urlscan.io logo urlscan.io
SecurityTrails logo

en.hespress.com Open in urlscan Pro
104.18.23.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://en.hespress.com/
Effective URL: https://en.hespress.com/
Submission: On March 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 4 countries across 21 domains to perform 94 HTTP transactions. The main IP is 104.18.23.196, located in and belongs to CLOUDFLARENET, US. The main domain is en.hespress.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2023. Valid for: a year.
This is the only time en.hespress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 104.18.22.196 13335 (CLOUDFLAR...)
29 104.18.23.196 13335 (CLOUDFLAR...)
1 88.221.110.122 20940 (AKAMAI-ASN1)
4 142.250.185.98 15169 (GOOGLE)
9 216.58.206.34 15169 (GOOGLE)
2 142.250.185.163 15169 (GOOGLE)
1 104.16.57.101 13335 (CLOUDFLAR...)
2 216.58.206.40 15169 (GOOGLE)
1 104.21.94.165 13335 (CLOUDFLAR...)
2 142.250.185.174 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
2 151.101.1.44 54113 (FASTLY)
1 216.239.34.36 15169 (GOOGLE)
2 74.125.71.156 15169 (GOOGLE)
2 142.250.185.99 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
1 178.250.1.3 44788 (ASN-CRITE...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 172.217.16.193 15169 (GOOGLE)
2 172.217.18.4 15169 (GOOGLE)
3 142.250.185.206 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 178.250.1.11 44788 (ASN-CRITE...)
2 216.58.206.42 15169 (GOOGLE)
1 216.58.212.161 15169 (GOOGLE)
3 172.217.18.3 15169 (GOOGLE)
5 142.250.185.65 15169 (GOOGLE)
4 142.250.186.33 15169 (GOOGLE)
1 34.98.64.218 396982 (GOOGLE-CL...)
94 31
7    104.18.22.196 (None, )

ASN13335 (CLOUDFLARENET, US)
en.hespress.com
e1.hespress.com
i1.hespress.com
29    104.18.23.196 (None, )

ASN13335 (CLOUDFLARENET, US)
en.hespress.com
e1.hespress.com
1    88.221.110.122 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-110-122.deploy.static.akamaitechnologies.com
pahtzh.tech
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
9    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
www.gstatic.com
1    104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f8.1e100.net
www.googletagmanager.com
1    104.21.94.165 (None, )

ASN13335 (CLOUDFLARENET, US)
palibzh.tech
2    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
www.google-analytics.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
googleads.g.doubleclick.net
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    74.125.71.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f156.1e100.net
stats.g.doubleclick.net
2    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.google.de
1    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f1.1e100.net
29c01e3ee22b82c99a297e25e3e640ec.safeframe.googlesyndication.com
2    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net
www.google.com
3    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
fundingchoicesmessages.google.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f10.1e100.net
fonts.googleapis.com
1    216.58.212.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f1.1e100.net
lh3.googleusercontent.com
3    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
fonts.gstatic.com
5    142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net
cdn.ampproject.org
4    142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net
tpc.googlesyndication.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
Apex Domain
Subdomains		 Transfer
36 hespress.com
en.hespress.com
e1.hespress.com
i1.hespress.com — Cisco Umbrella Rank: 437586
1 MB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
29c01e3ee22b82c99a297e25e3e640ec.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
418 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
181 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2656
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647
124 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 397
104 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
224 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2186
google-bidout-d.openx.net — Cisco Umbrella Rank: 2171
788 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
7 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 466
7 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6744
515 B
2 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1148
211 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
164 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 46
7 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1845
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1235
6 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 677
13 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
1 KB
1 palibzh.tech
palibzh.tech — Cisco Umbrella Rank: 49819
103 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 788
7 KB
1 pahtzh.tech
pahtzh.tech
3 KB
94 21
Domain Requested by
29 e1.hespress.com en.hespress.com
e1.hespress.com
9 pagead2.googlesyndication.com en.hespress.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 tpc.googlesyndication.com en.hespress.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 securepubads.g.doubleclick.net en.hespress.com
securepubads.g.doubleclick.net
4 en.hespress.com 1 redirects en.hespress.com
static.cloudflareinsights.com
3 fonts.gstatic.com en.hespress.com
fonts.googleapis.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 i1.hespress.com e1.hespress.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 oajs.openx.net 1 redirects en.hespress.com
2 www.google.com en.hespress.com
tpc.googlesyndication.com
2 www.google.de en.hespress.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 cdn.taboola.com palibzh.tech
cdn.taboola.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com en.hespress.com
www.googletagmanager.com
2 www.gstatic.com en.hespress.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 lh3.googleusercontent.com en.hespress.com
1 29c01e3ee22b82c99a297e25e3e640ec.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 region1.analytics.google.com www.googletagmanager.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 palibzh.tech pahtzh.tech
1 static.cloudflareinsights.com en.hespress.com
1 pahtzh.tech en.hespress.com
94 31
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-08 -
2024-05-07		 a year crt.sh
projectagora.net
R3		 2024-01-10 -
2024-04-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
palibzh.tech
GTS CA 1P5		 2024-02-11 -
2024-05-11		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-17 -
2024-05-17		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2024-01-22 -
2024-04-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh

This page contains 8 frames:

Primary Page: https://en.hespress.com/
Frame ID: BB3BDA2B7668F308C2F6EF8AAA754964
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: DFCFB6B736F55D7BA59A6220308063E6
Requests: 1 HTTP requests in this frame

Frame: https://29c01e3ee22b82c99a297e25e3e640ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C041038B048EF8168ABB06CC337162D9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=en.hespress.com
Frame ID: EC6F42F32FD3525118B144819E209651
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Frame ID: 066E6D5DBF17ED8D6D38F32AF81427EF
Requests: 15 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 809188BB5275B9EFBA1EF8958CB5F2EF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9016615022B0A77D82529F6E9CDD63BB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 564C9B3CCDDDFCCABD7334E8930EEEA8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HESPRESS English - Morocco News

Page URL History Show full URLs

  1. http://en.hespress.com/ HTTP 301
    https://en.hespress.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

94
Requests

99 %
HTTPS

0 %
IPv6

21
Domains

31
Subdomains

31
IPs

4
Countries

2897 kB
Transfer

6851 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://en.hespress.com/ HTTP 301
    https://en.hespress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fen.hespress.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fen.hespress.com%2F&rid=esp&cc=1

94 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
en.hespress.com/
Redirect Chain
  • http://en.hespress.com/
  • https://en.hespress.com/
84 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
156950d79b3572db2d92097db449b45cc655804173ca26ce7ef54bd46b2c5db6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
85f43723ad081da8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 19:19:00 GMT
server
cloudflare
vary
Accept-Encoding
x-nginx-cache
STALE DE
x-powered-by
PHP/7.4.13

Redirect headers

CF-RAY
85f4372318cb2c1c-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 04 Mar 2024 19:19:00 GMT
Expires
Mon, 04 Mar 2024 20:19:00 GMT
Location
https://en.hespress.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Hespress-Medium.woff
e1.hespress.com/wp-content/themes/hespress/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://e1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

Referer
https://en.hespress.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:34:11 GMT
server
cloudflare
age
7035717
etag
W/"6567bc63-89c8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
85f437259918037c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-SemiBold.woff
e1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://e1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

Referer
https://en.hespress.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:34:11 GMT
server
cloudflare
age
8267153
etag
W/"6567bc63-8bd4"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
85f43725990e037c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-Bold.woff
e1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://e1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

Referer
https://en.hespress.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:34:11 GMT
server
cloudflare
age
8267153
etag
W/"6567bc63-8cc8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
85f437259914037c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
en.hespress.com.js
pahtzh.tech/c/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahtzh.tech/c/en.hespress.com.js
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.110.122 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-110-122.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
d889d09b671fa1b3090c87310c8000382e1aade26a285a31f678b81f2e8a95af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv8Inr4PPqlHvYtYeoHw_8Pi-bFtpkLNo-b21idoH-6m3v7Kks5q62-hXcpkkWXtjhD4wkhE7hRfu7LVdoMa2P3d8BATk4t
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2354
last-modified
Wed, 31 May 2023 07:08:11 GMT
server
UploadServer
etag
"7aa1e55a050a3c5b1df74803a6d8eddd"
vary
Accept-Encoding
x-goog-generation
1685516891206752
content-type
text/javascript
content-language
en
x-goog-hash
crc32c=iFvMSg==, md5=eqHlWgUKPFsd90gDptjt3Q==
cache-control
private, max-age=14400
x-goog-stored-content-length
2354
x-amz-checksum-crc32c
iFvMSg==
accept-ranges
bytes
expires
Mon, 04 Mar 2024 23:19:00 GMT
desktop_en.css
e1.hespress.com/wp-content/themes/hespressfr/css/ 		352 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.37
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901e8331ddde83e69df883a7701be0f89e9cef068111db9511207e916917ba28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 12 Dec 2023 18:52:58 GMT
server
cloudflare
age
730104
cf-polished
origSize=363052
etag
W/"6578ac0a-58a2c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
85f437254f951da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
45b5ed333c169fcfcd7341f37f10c6080cb80eed1014a88b5f1565dd61aaf388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28754
x-xss-protection
0
server
cafe
etag
437 / 19786 / m202402220101 / config-hash: 6198071416507790484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 19:19:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
480e542c6993b6e8510b84bf3320fe1513c586729a19a3dccb620bfafc1954c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.hespress.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51272
x-xss-protection
0
server
cafe
etag
10084288942520816313
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 04 Mar 2024 19:19:00 GMT
etats-africains-atlantiques.webp
e1.hespress.com/wp-content/uploads/2024/02/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2024/02/etats-africains-atlantiques.webp
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be6860fcd6d375581758e3ddff211dd89bb45fa0d938da0e2f7cff8876501912

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Feb 2024 14:46:09 GMT
server
cloudflare
etag
"65db52b1-108f4"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f437254f9a1da8-FRA
content-length
67828
expires
Thu, 31 Dec 2037 23:55:55 GMT
abdelilah_benkirane2.webp
e1.hespress.com/wp-content/uploads/2023/11/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2023/11/abdelilah_benkirane2.webp
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97301379274779a51fc991c429cf6bdae675c01c66b4a4e1d178a45d442953a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
last-modified
Mon, 20 Nov 2023 12:40:21 GMT
server
cloudflare
age
9754
etag
"655b53b5-92fc"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f437254f981da8-FRA
content-length
37628
expires
Thu, 31 Dec 2037 23:55:55 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.2.0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-app.js
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6546
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 14:39:41 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.2.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-messaging.js
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:53:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10840
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 08:53:58 GMT
en.min.js
e1.hespress.com/wp-content/themes/hespressfr/js/ 		161 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e1.hespress.com/wp-content/themes/hespressfr/js/en.min.js?ver=6.37
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a39bbf557f7cd035e620c0b5f45c6da91dfc9169d33a49e6f69e611d6a936b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Nov 2023 10:58:08 GMT
server
cloudflare
age
2795828
etag
W/"6559ea40-28387"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
85f43725f8cd1da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://en.hespress.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
85f437264fee368a-FRA
gtm.js
www.googletagmanager.com/ 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L4RVCK
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3f3e68532d4a42f1522febc58cfe7c15c222b7e74fc6308a2911b34e9b9667fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73443
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 18:36:14 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Mar 2024 19:19:00 GMT
sprite.svg
en.hespress.com/wp-content/themes/hespressar/ 		215 KB
54 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://en.hespress.com/wp-content/themes/hespressar/sprite.svg?6.37
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fa512a905398f4207dcf41492073815b663fb62a7f6862ee94c9e03abdab84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 18 Nov 2023 09:55:58 GMT
server
cloudflare
etag
W/"65588a2e-35dbb"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=300
cf-ray
85f43725f8d11da8-FRA
expires
Mon, 04 Mar 2024 19:24:01 GMT
sprite.svg
e1.hespress.com/wp-content/themes/hespressar/ 		215 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/themes/hespressar/sprite.svg?6.34
Requested by
Host: e1.hespress.com
URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fa512a905398f4207dcf41492073815b663fb62a7f6862ee94c9e03abdab84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 18 Nov 2023 09:55:58 GMT
server
cloudflare
etag
W/"65588a2e-35dbb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
85f4372639811da8-FRA
expires
Mon, 04 Mar 2024 19:24:01 GMT
placeholder.jpg
e1.hespress.com/wp-content/themes/hespress/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/themes/hespress/img/placeholder.jpg
Requested by
Host: e1.hespress.com
URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b31dc7fd7f48aabf2dbd497b0244c947bb64b134255d4acd4bc404459d3112

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
2229268
cf-polished
qual=85, origFmt=jpeg, origSize=20759
content-disposition
inline; filename="placeholder.webp"
content-length
4762
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 May 2021 17:33:54 GMT
server
cloudflare
etag
"60942882-5117"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372639861da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-Medium.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by
Host: e1.hespress.com
URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

Referer
https://e1.hespress.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
2795704
etag
W/"6567ba7a-89c8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
85f437264a3c037c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-Bold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by
Host: e1.hespress.com
URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

Referer
https://e1.hespress.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
6308282
etag
W/"6567ba7a-8cc8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
85f437264a41037c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-SemiBold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by
Host: e1.hespress.com
URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

Referer
https://e1.hespress.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
8245088
etag
W/"6567ba7a-8bd4"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
85f437264a38037c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
416710743_416123180772792_7679619541139992449_n.jpg
e1.hespress.com/wp-content/uploads/2024/03/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2024/03/416710743_416123180772792_7679619541139992449_n.jpg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb71532df6bd9a1122168412d7f5eeaee30b792b79f854ebd10e1ae06118dd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
208427
cf-polished
qual=85, origFmt=jpeg, origSize=69508
content-disposition
inline; filename="416710743_416123180772792_7679619541139992449_n.webp"
content-length
23598
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Feb 2024 23:18:24 GMT
server
cloudflare
etag
"65e110c0-10f84"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372649aa1da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Ronaldo-al-nassr-img1.webp
e1.hespress.com/wp-content/uploads/2023/01/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2023/01/Ronaldo-al-nassr-img1.webp
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36db87df01c2f96a136fc902ddc4b3f37895732be006f76af309c39e19ee4bc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Jan 2023 22:28:53 GMT
server
cloudflare
age
208427
etag
"63b35aa5-af8a"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372649ac1da8-FRA
content-length
44938
expires
Thu, 31 Dec 2037 23:55:55 GMT
map_jo-olympic_0_0-900x600.jpg
e1.hespress.com/wp-content/uploads/2021/07/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2021/07/map_jo-olympic_0_0-900x600.jpg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63daa3b62aa51489dbeacac68fd8da316184d54737893f4932ca009b9cad3cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
336879
cf-polished
qual=85, origFmt=jpeg, origSize=71474
content-disposition
inline; filename="map_jo-olympic_0_0-900x600.webp"
content-length
52018
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Aug 2021 13:24:26 GMT
server
cloudflare
etag
"6109438a-11732"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372649ae1da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
GettyImages-1863296567-900x600.jpg
e1.hespress.com/wp-content/uploads/2024/02/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2024/02/GettyImages-1863296567-900x600.jpg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6022690df73e49e56653e9e473222becbe38fbf28711c56d4fc827946420fb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
336877
cf-polished
qual=85, origFmt=jpeg, origSize=65664
content-disposition
inline; filename="GettyImages-1863296567-900x600.webp"
content-length
43398
cf-bgj
imgq:85,h2pri
last-modified
Tue, 27 Feb 2024 15:51:10 GMT
server
cloudflare
etag
"65de04ee-10080"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372649b11da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
alves.jpeg
e1.hespress.com/wp-content/uploads/2023/05/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2023/05/alves.jpeg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7604a7be68b59f8ce835a060d51de16c847f7aa16c61b280905305892364fed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
378038
cf-polished
origSize=29591, status=webp_bigger
content-length
28856
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 May 2023 15:36:16 GMT
server
cloudflare
etag
"645a6870-7397"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372649b31da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
bourita-ccg.jpg
e1.hespress.com/wp-content/uploads/2024/03/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2024/03/bourita-ccg.jpg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f607ebb34cac1c2f4875f825c697b1eefd4a5173c952c26467b81c2cd1a344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
90880
cf-polished
qual=85, origFmt=jpeg, origSize=96636
content-disposition
inline; filename="bourita-ccg.webp"
content-length
93026
cf-bgj
imgq:85,h2pri
last-modified
Sun, 03 Mar 2024 14:49:36 GMT
server
cloudflare
etag
"65e48e00-1797c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659c31da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ISRAELUNE1.webp
e1.hespress.com/wp-content/uploads/2023/10/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2023/10/ISRAELUNE1.webp
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7803bb1646f77f2b2c1312307096a107f3f2aacfb210fc84cfd24d20b1c434

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 12:49:09 GMT
server
cloudflare
age
158871
etag
"6522a545-ebd8"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659c61da8-FRA
content-length
60376
expires
Thu, 31 Dec 2037 23:55:55 GMT
Carte-Identite-Nationale-900x600.jpeg
e1.hespress.com/wp-content/uploads/2023/03/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2023/03/Carte-Identite-Nationale-900x600.jpeg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b6411859ca2406cbc418041252451e88a1b86ecc2016542ab120ff2d99ad05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
178320
cf-polished
qual=85, origFmt=jpeg, origSize=37977
content-disposition
inline; filename="Carte-Identite-Nationale-900x600.webp"
content-length
21416
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Mar 2023 15:37:02 GMT
server
cloudflare
etag
"641c721e-9459"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659c91da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
algerie-iran-1.jpg
e1.hespress.com/wp-content/uploads/2024/03/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2024/03/algerie-iran-1.jpg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2a0577284535f07a224fa5c60581b24e0ac1d807ae72dccb1f8239bb089d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Mar 2024 14:32:37 GMT
server
cloudflare
etag
"65e5db85-17184"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659ce1da8-FRA
content-length
94596
expires
Thu, 31 Dec 2037 23:55:55 GMT
PHOTO_01032024_123317092964016181-900x600.jpg
e1.hespress.com/wp-content/uploads/2024/03/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2024/03/PHOTO_01032024_123317092964016181-900x600.jpg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7edd90b33cea0503447f2307616599dbc93c28ed6e49c838ae822b99763abf1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
162479
cf-polished
qual=85, origFmt=jpeg, origSize=121051
content-disposition
inline; filename="PHOTO_01032024_123317092964016181-900x600.webp"
content-length
103074
cf-bgj
imgq:85,h2pri
last-modified
Sat, 02 Mar 2024 14:30:28 GMT
server
cloudflare
etag
"65e33804-1d8db"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659d41da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
WhatsApp-Image-2024-02-28-at-22.14.14.jpeg
e1.hespress.com/wp-content/uploads/2024/02/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2024/02/WhatsApp-Image-2024-02-28-at-22.14.14.jpeg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e52c2ff5328b882ac161a996dac7c026b3b02d972b80dbb480a312506c89df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
109379
cf-polished
qual=85, origFmt=jpeg, origSize=115855
content-disposition
inline; filename="WhatsApp-Image-2024-02-28-at-22.webp"
content-length
67904
cf-bgj
imgq:85,h2pri
last-modified
Wed, 28 Feb 2024 21:38:52 GMT
server
cloudflare
etag
"65dfa7ec-1c48f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659d61da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
MAPPH_20220419_0003_2710322117_map-300x300.jpg
e1.hespress.com/wp-content/uploads/resize/300/2024/01/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/resize/300/2024/01/MAPPH_20220419_0003_2710322117_map-300x300.jpg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da0eda9283099d0b56ebcac9376c2243188ed47a60f00a3d5dd4875b93d77ac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
83392
cf-polished
qual=85, origFmt=jpeg, origSize=23411
content-disposition
inline; filename="MAPPH_20220419_0003_2710322117_map-300x300.webp"
content-length
21428
cf-bgj
imgq:85,h2pri
last-modified
Mon, 22 Jan 2024 20:39:21 GMT
server
cloudflare
etag
"65aed279-5b73"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659d71da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
RAYAN-300x300.webp
e1.hespress.com/wp-content/uploads/resize/300/2022/02/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/resize/300/2022/02/RAYAN-300x300.webp
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72e45edb061e6dc213f04978dbb43cf9fcf381079df30df948f1ad1a38c924b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
last-modified
Sat, 05 Feb 2022 17:31:31 GMT
server
cloudflare
age
83391
etag
"61feb473-5576"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659d91da8-FRA
content-length
21878
expires
Thu, 31 Dec 2037 23:55:55 GMT
moshe-yatom-suicide-1024x695-1-e1699530243620-300x300.webp
e1.hespress.com/wp-content/uploads/resize/300/2023/11/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/resize/300/2023/11/moshe-yatom-suicide-1024x695-1-e1699530243620-300x300.webp
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bea98c48715d43968cfec9c69a8fb6a5947e6f758526ac8a4744b485fec9093c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 11:44:03 GMT
server
cloudflare
age
83391
etag
"654cc603-1b4a"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659db1da8-FRA
content-length
6986
expires
Thu, 31 Dec 2037 23:55:55 GMT
test-covid-maroc-300x300.webp
e1.hespress.com/wp-content/uploads/resize/300/2022/05/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/resize/300/2022/05/test-covid-maroc-300x300.webp
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7130eb7e34cd091afb75080d5e37d7ef900a86adeaf045d8af9c0f21713436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
last-modified
Tue, 17 May 2022 19:41:46 GMT
server
cloudflare
age
83391
etag
"6283fa7a-2b1c"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659dc1da8-FRA
content-length
11036
expires
Thu, 31 Dec 2037 23:55:55 GMT
voiture_automobile-300x300.webp
e1.hespress.com/wp-content/uploads/resize/300/2022/07/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/resize/300/2022/07/voiture_automobile-300x300.webp
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b9cc773ba15951b78405338f9a63a936c1c9af731c85156347dcedb718eae60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jul 2022 13:25:02 GMT
server
cloudflare
etag
"62c58d2e-6ab0"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659df1da8-FRA
content-length
27312
expires
Thu, 31 Dec 2037 23:55:55 GMT
DSC_9467-300x300.jpg
e1.hespress.com/wp-content/uploads/resize/300/2024/02/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/resize/300/2024/02/DSC_9467-300x300.jpg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6257866fe3da5e9d6f1f6f5f3b84445e9f8f631813703ebd1aa2589054219ab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
83391
cf-polished
qual=85, origFmt=jpeg, origSize=19151
content-disposition
inline; filename="DSC_9467-300x300.webp"
content-length
15632
cf-bgj
imgq:85,h2pri
last-modified
Mon, 26 Feb 2024 12:31:58 GMT
server
cloudflare
etag
"65dc84be-4acf"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659e11da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
femme-manifestation-pride-2-150x150.webp
e1.hespress.com/wp-content/uploads/2023/06/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2023/06/femme-manifestation-pride-2-150x150.webp
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
069de08776d34883edd11545076f5be30560c30db1fd4fc019a0713b603d7ee6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
last-modified
Mon, 26 Jun 2023 11:36:03 GMT
server
cloudflare
age
83391
etag
"64997823-209c"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659e51da8-FRA
content-length
8348
expires
Thu, 31 Dec 2037 23:55:55 GMT
belmoudden-150x150.webp
e1.hespress.com/wp-content/uploads/2024/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2024/02/belmoudden-150x150.webp
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3da28b08437ad106c8c3b40c0a6502c1e51845d1a57f0a76388e13b235ac0afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Feb 2024 13:37:00 GMT
server
cloudflare
age
83391
etag
"65d89f7c-1528"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659e61da8-FRA
content-length
5416
expires
Thu, 31 Dec 2037 23:55:55 GMT
DSC_9467-150x150.jpg
e1.hespress.com/wp-content/uploads/2024/02/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.hespress.com/wp-content/uploads/2024/02/DSC_9467-150x150.jpg
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5383c650ec73c05bf9dbed1260e62cec0c104515dd77eb5e3e58eb3f3b84e4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
cf-cache-status
HIT
age
83391
cf-polished
qual=85, origFmt=jpeg, origSize=7062
content-disposition
inline; filename="DSC_9467-150x150.webp"
content-length
6120
cf-bgj
imgq:85,h2pri
last-modified
Mon, 26 Feb 2024 12:31:57 GMT
server
cloudflare
etag
"65dc84bd-1b96"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
85f4372659e71da8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
projectagora.min.js
palibzh.tech/libs/ 		367 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palibzh.tech/libs/projectagora.min.js
Requested by
Host: pahtzh.tech
URL: https://pahtzh.tech/c/en.hespress.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b23472e2bff7d48bca2a06c3833be94e69186ad328f255cb5af1392245d9597

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MPWXPA6QG2EPWP2B
age
1111
x-amz-server-side-encryption
AES256
x-amz-meta-version
3.21.0
alt-svc
h3=":443"; ma=86400
content-length
104464
x-amz-id-2
Xsed38u5EaxlphuRlEjVRmeBpZQL3C3KehejhP9vdNTEzKYOim1NzSe80YlPXVgMANLItGl8Q4U=
last-modified
Mon, 19 Feb 2024 09:11:44 GMT
server
cloudflare
etag
"9fecdab9742b580abbed8a42a238c497"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbN%2B89c%2Brl336WxclQIj9xhgDrwIvKxflfxT85KRcXsrTdkuBfFekbeHwM4IHjfEvYaUPF1dXjeyvoh8lZlzhJSoxz08wMGVasmUM27ps7zwrpPHRPEjZMU0igTE%2B9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85f43726afdb6933-FRA
js
www.googletagmanager.com/gtag/ 		271 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KT9208VCT6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L4RVCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cc4990c2c7fd22a571068f8448384136e655d38baa1bffa831d05b9af6110c0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93644
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Mar 2024 19:19:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L4RVCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Mar 2024 17:32:02 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6419
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 04 Mar 2024 19:32:02 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=en.hespress.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
a42f828fa2037789ed752db7ac9281f4044e7abcab8a3da01c25154614e73e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141059
x-xss-protection
0
server
cafe
etag
17064882814351921695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 19:19:01 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame DFCF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55411
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 03:55:30 GMT
etag
5035419970550746386
expires
Mon, 18 Mar 2024 03:55:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
loader.js
cdn.taboola.com/libtrc/enhespressmena-p23922933/ 		193 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/enhespressmena-p23922933/loader.js
Requested by
Host: palibzh.tech
URL: https://palibzh.tech/libs/projectagora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60fd7463cfb0b63a3819bc8880c840a6cb196271289b10f5a6de10ef25f1c830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
FSc67Q5_agq58RSW9EtH42sXkO4.wiRG
content-encoding
gzip
via
1.1 varnish
date
Mon, 04 Mar 2024 19:19:01 GMT
x-amz-request-id
WX1NHWM1969JJ81C
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
45388
x-amz-id-2
aBiawt0NFK27G0iDjAybiNiGHKAvRHD8XAZzyY658LAgo7gfXWuqk6hATrWD3hMftHCesLQDETM=
x-served-by
cache-fra-etou8220079-FRA
last-modified
Sun, 03 Sep 2023 15:42:03 GMT
server
AmazonS3
x-timer
S1709579941.042171,VS0,VE208
etag
"d5426fbbaa49a997e9dc826056fc87d8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
79
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/ 		428 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 17:52:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
5182
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137662
x-xss-protection
0
server
cafe
etag
2919427224111863329
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 04 Mar 2025 17:52:38 GMT
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1909835212&t=pageview&_s=1&dl=https%3A%2F%2Fen.hespress.com%2F&ul=en-us&de=UTF-8&dt=HESPRESS%20English%20-%20Morocco%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1418636991&gjid=253342292&cid=1643125201.1709579941&tid=UA-1423316-19&_gid=1991866732.1709579941&_r=1&_slc=1&gtm=45He42t1n815L4RVCKv845937523za220&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1347290551
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://en.hespress.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 19:19:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://en.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KT9208VCT6&gtm=45je42t1v886100022z8845937523za220&_p=1709579940782&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1643125201.1709579941&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709579941&sct=1&seg=0&dl=https%3A%2F%2Fen.hespress.com%2F&dt=HESPRESS%20English%20-%20Morocco%20News&en=page_view&_fv=1&_ss=2&tfd=762
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT9208VCT6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 19:19:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://en.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KT9208VCT6&cid=1643125201.1709579941&gtm=45je42t1v886100022z8845937523za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT9208VCT6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 19:19:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://en.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KT9208VCT6&cid=1643125201.1709579941&gtm=45je42t1v886100022z8845937523za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1031285237
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 19:19:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1423316-19&cid=1643125201.1709579941&jid=1418636991&gjid=253342292&_gid=1991866732.1709579941&_u=YEBAAAAAAAAAAC~&z=1311311403
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://en.hespress.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 04 Mar 2024 19:19:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://en.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
40112
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bBE9WLSqLJ6PhK%2Ff92ObtlJMzPD1rtItHUVItnF4VYVUPhCx28uglcBxTVMS7tl6oPWIIFWWe%2FF4SXI4%2Bg87ziNSP%2BPQMp2COq7JSWxEHUDqXtTVL9P26JBOz7jVbNid8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
85f437286d712bf0-FRA
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7f646c766f9d8b39f33bfa1e5c0a053ce2b3c4daa0ae59ecaad75621d4599b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 27 Feb 2024 07:13:11 GMT
server
nginx
etag
W/"65dd8b87-a5db"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Mar 2024 19:19:01 GMT
ob.js
cdn-ima.33across.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 19:54:16 GMT
server
cloudflare
age
341715
etag
W/"65ce6be8-42fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
85f43728982fbb50-FRA
expires
Thu, 07 Mar 2024 19:19:01 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:53:26 GMT
content-encoding
gzip
age
1430735
x-guploader-uploadid
ABPtcPqo5Z0m2cOyr5yC8BuYs_0fezW40bVygVNwwmitTQvABMcpaTYtmyxcuZIJBEUCujATmw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 16 Feb 2025 05:53:26 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		60 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4057408453229164&correlator=3383905586327504&eid=31081523&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fifs&iu_parts=153418548%2Cpave_hespress_fr%2Cmega_hespress_fr%2Ccode_hespress_fr&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C300x250%2C320x50%7C970x250%7C970x90%7C728x90%2C1x1&fluid=height%2Cheight%2C0&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709579941113&lmt=1709579941&adxs=-9%2C315%2C-12245933&adys=-9%2C144%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fen.hespress.com%2F&vis=1&psz=0x-1%7C1366x0%7C1600x3202&msz=0x-1%7C970x0%7C0x-1&fws=2%2C4%2C128&ohw=0%2C1366%2C0&ga_vid=1643125201.1709579941&ga_sid=1709579941&ga_hid=1909835212&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRj36Z7X4DFIAFICCGQSGQoKcHViY2lkLm9yZxj36Z7X4DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y9-me1-AxSABSAghkEhQKBW9wZW54GPfpntfgMUgAUgIIZA..&dlt=1709579940664&idt=432&adks=1628911327%2C4028731137%2C1696781711&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
153781c7efbbc88b113e5644b250075909c9720ca6aad6bdc0110ef3b57f4777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13132
x-xss-protection
0
google-lineitem-id
-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://en.hespress.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
29c01e3ee22b82c99a297e25e3e640ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C041 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29c01e3ee22b82c99a297e25e3e640ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 19:19:01 GMT
expires
Tue, 04 Mar 2025 19:19:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1423316-19&cid=1643125201.1709579941&jid=1418636991&_u=YEBAAAAAAAAAAC~&z=367113641
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 19:19:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1423316-19&cid=1643125201.1709579941&jid=1418636991&_u=YEBAAAAAAAAAAC~&z=367113641
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 19:19:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-9809098668305457
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9809098668305457?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=en.hespress.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
27d03b2cf91c60b32f8daaeac0c83c082138f33021203811c0dd301a491a2c52
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qt0J22Q-MfIIKN6L85sNVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-Qt0J22Q-MfIIKN6L85sNVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTDsXTvjPVsAgd-L2ljBAD9ni1N"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fen.hespress.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fen.hespress.com%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fen.hespress.com%2F&rid=esp&cc=1
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c1222379ce239661a18841bceef238852a38b9934f43804a7ce085599ca5e92a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-fTQZI4CQJQRdrPOWHuKrD8IjCnc"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://en.hespress.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 04 Mar 2024 19:19:01 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://en.hespress.com
location
/esp?url=https%3A%2F%2Fen.hespress.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame EC6F 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=en.hespress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://en.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 19:19:01 GMT
server
Kestrel
server-processing-duration-in-ticks
473343
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
impl.20230903-6-RELEASE.js
cdn.taboola.com/libtrc/ 		803 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/enhespressmena-p23922933/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a80eae4454fa66280866a7243d2ea51e927c41af8ba045ade41a03f64d1180fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
gIOT1yBEHv3sGddP5vV_8PlP09Adq8pg
content-encoding
br
via
1.1 varnish
date
Mon, 04 Mar 2024 19:19:01 GMT
x-amz-request-id
SDBPSMR4VGX8K9EF
age
4744
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170019
x-amz-id-2
miCM2wmrTyIfwX3Fh/AVfRcvzcDs6t17WZCmRWZs4B70/vC8BBmEebD3vRHYcpsN5qt9GDbqe8E=
x-served-by
cache-fra-etou8220079-FRA
last-modified
Mon, 04 Sep 2023 09:32:01 GMT
server
AmazonS3-br
x-timer
S1709579941.307703,VS0,VE2
etag
"ebfc5e8f71b99d31d408f4b268b3cf64"
vary
Accept-Encoding
content-type
application/javascript
abp
13
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1
AGSKWxWr841n5NBgc0rRzRlUH7lI0Hddwr17CQWP8zMwS0xZ7NLZFd84qxf7-CLGzdaQPN8jpu9DQLdPJ6wZ6beEho4xZcAzXE9N3plAie52P4QhuDRyLzi4PCfECCsIV1_D7arfGNvk
fundingchoicesmessages.google.com/f/ 		414 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWr841n5NBgc0rRzRlUH7lI0Hddwr17CQWP8zMwS0xZ7NLZFd84qxf7-CLGzdaQPN8jpu9DQLdPJ6wZ6beEho4xZcAzXE9N3plAie52P4QhuDRyLzi4PCfECCsIV1_D7arfGNvk?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NTc5OTQxLDM0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9lbi5oZXNwcmVzcy5jb20vIixudWxsLFtbOCwiUXFBWGhIRE8xUVEiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.QqAXhHDO1QQ.es5.O/am=wA/d=1/rs=AJlcJMw6mu7Xcir3MDEW4fQRynd8xLLy5w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
eba8fa978069b8af6193d14828d29bbbcb2bafd096ec81e6416e64d1addfa431
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ttgjgccsZ2EI3DzkNVl1yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-ttgjgccsZ2EI3DzkNVl1yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTDsXTvjPVsAhuuzX3KCAABvi16"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		107 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.QqAXhHDO1QQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxPDO4dQlVI1RuVGz5UYcoVZ51AxQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f10.1e100.net
Software
ESF /
Resource Hash
d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 19:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 19:19:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 19:19:01 GMT
jIJQpCnTGCE6uha1pG9hv6VxPTXyeI1HGkC7tm0DqnB4Y-zBug05s4X4fa2IO_I3Zs9PxsLZ9JSiFxG0EWLSIE7R43bxC1qINZ9wZhpvdgDdgea0xW9p=h60
lh3.googleusercontent.com/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/jIJQpCnTGCE6uha1pG9hv6VxPTXyeI1HGkC7tm0DqnB4Y-zBug05s4X4fa2IO_I3Zs9PxsLZ9JSiFxG0EWLSIE7R43bxC1qINZ9wZhpvdgDdgea0xW9p=h60
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f1.1e100.net
Software
fife /
Resource Hash
809a2c6a57e1191dcc96582e78eb59235b7f2db537e91cdf91ecf1dd541e5cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 17:20:11 GMT
x-content-type-options
nosniff
age
7130
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6443
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 05 Mar 2024 17:20:11 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.hespress.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 03:51:57 GMT
x-content-type-options
nosniff
age
487624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 03:51:57 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.hespress.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 05:34:50 GMT
x-content-type-options
nosniff
age
481451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 05:34:50 GMT
AGSKWxWMQ_3acUrKQRJRAj4eAe0dCD2dLI9p1spJR2IbLG4PDx5219XQAzpZj_Zgg4l3oM42PIB1y7WNxOazcsGmecxvpvjftU5wi5eBXDYik27yPxzfEa_mPphRYqYHTNnOKFG5yiCQ
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWMQ_3acUrKQRJRAj4eAe0dCD2dLI9p1spJR2IbLG4PDx5219XQAzpZj_Zgg4l3oM42PIB1y7WNxOazcsGmecxvpvjftU5wi5eBXDYik27yPxzfEa_mPphRYqYHTNnOKFG5yiCQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.QqAXhHDO1QQ.es5.O/am=wA/d=1/rs=AJlcJMw6mu7Xcir3MDEW4fQRynd8xLLy5w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eG4kBId8VKUFo3R6ed8ZYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://en.hespress.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-eG4kBId8VKUFo3R6ed8ZYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw0ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrAFALMTDsXTvjPVsAh0fG1cyAQCJOxEf"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://en.hespress.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012402262017000/ Frame 066E 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Mar 2024 18:11:24 GMT
age
4057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56141
x-xss-protection
0
server
sffe
etag
"28cb2d39d2a36ad8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 04 Mar 2025 18:11:24 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 066E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Mar 2024 18:11:24 GMT
age
4057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5220
x-xss-protection
0
server
sffe
etag
"49cab81f34612748"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 04 Mar 2025 18:11:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 066E 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Mar 2024 18:11:24 GMT
age
4057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29016
x-xss-protection
0
server
sffe
etag
"d87e4eaec13170fc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 04 Mar 2025 18:11:24 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 066E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Mar 2024 18:11:24 GMT
age
4057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"92d49a70059f031a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 04 Mar 2025 18:11:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 066E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Mar 2024 18:11:24 GMT
age
4057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12941
x-xss-protection
0
server
sffe
etag
"abc788b0a91a2b6d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 04 Mar 2025 18:11:24 GMT
css
fonts.googleapis.com/ Frame 066E 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f10.1e100.net
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 19:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 17:32:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 19:19:01 GMT
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 066E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 18:51:27 GMT
x-content-type-options
nosniff
server
cafe
age
1654
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 05 Mar 2024 18:51:27 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 066E 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 08:46:05 GMT
x-content-type-options
nosniff
server
cafe
age
37976
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 05 Mar 2024 08:46:05 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/4561901972067335794/ Frame 066E 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4561901972067335794/14763004658117789537
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
aaa42598845c624717a290657cfc2395f1aeabb59ae58bb3adee7436e6ded54b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Wed, 26 Feb 2025 06:52:33 GMT
date
Tue, 27 Feb 2024 06:52:33 GMT
x-content-type-options
nosniff
age
563188
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188501
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 19:47:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 066E 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 066E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 066E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd1ceeaf4feb9086fd29c2cf981cf97db17b40e032a0924b829aa3f852118581

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
pd
google-bidout-d.openx.net/w/1.0/ Frame 8091 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://en.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Mon, 04 Mar 2024 19:19:01 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
json
gum.criteo.com/sid/ Frame EC6F 		433 B
559 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=hespress.com&sn=ChromeSyncframe&so=0&topUrl=en.hespress.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=en.hespress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
451d2acc9e071c5263c4b5bd34c393819b0ba620b154bf515a394be3c5781163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=en.hespress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 19:19:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2630579
expires
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 066E 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://en.hespress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 04:54:54 GMT
x-content-type-options
nosniff
age
483847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 04:54:54 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 066E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGQxapR7mZZyqCrfj1PIP992gsAOW9KacdtOXzdqwEpCUxazMBBABIKGb7TFglbqUgqAHoAHp_fXPA8gBCeACAKgDAcgDCqoEqwJP0NVr6PUWGQrCre18JVHPVnyhRTbiwdqv5ggGBp_bGSAzZV0rwBxp0wWeirIu79ZJWsCqzUjXSlb1vg-R_H8ODkrNJTszvtQu7RZ8lZ_L4MrsOp4eDHcv-TFF2mSIBU3Z95x3LgSsTw5iaIoqOLJkiAefUIM8RRH0OvO12AKsJP0iZpIBCcPh4okHnCjY5EqE2zyYwf3Gl0fU9l0qShtqgdYG0xNuqjFTJzaWdupshCifOCdnHXSvFqSzCjedNgFmG5jePNAiR0y5DY8Dn7qWOKhYaV-C2N-pvU2HBAOscpL4Q-hKI1ZCNKaEheWuPiXFdl5dyd8g7TKagcUJ8IXLDtNXS1RiuUDxl7XPKnXqgfSBCjT_jo_3E6X53JMBG1XDWDncJ0mRSqFkVMAEw9nDhs8E4AQBiAWcg5yKTpIFBAgEGAGSBQQIBRgEoAYugAeM2-GsBagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEEIKJD9IIKwiR4YBwEAEYHTIH64uA4L-ADToJgECAgICAgJQoSL39wTpYgL3tyKnbhAOaCTtodHRwczovL3NlYXJjaGZhdm9yaXRlcy5uZXQvaW5kZXgucGhwP3JnaWQ9OTM2NzIwJnN1Yj1nY2xpZIAKA8gLAeINEwit9-3IqduEAxW3MVUIHfcuCDbYEwzQFQGAFwGyFx4KHAgAEhRwdWItOTgwOTA5ODY2ODMwNTQ1Nxi0qB0&sigh=yHuNziBsmvo&uach_m=%5B%5D&ase=2&nis=5&template_id=5000&cbvp=2
Requested by
Host: en.hespress.com
URL: https://en.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402220101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
15c97ee2267dd7ef2f86d74b194d0aa88254e14fec46628455a79132952121eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12382
x-xss-protection
0
rum
en.hespress.com/cdn-cgi/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://en.hespress.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://en.hespress.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type
application/json

Response headers

date
Mon, 04 Mar 2024 19:19:01 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://en.hespress.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
85f4372d0d3b1da8-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 19:19:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9016 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5178
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 17:52:44 GMT
expires
Tue, 04 Mar 2025 17:52:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 564C 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
GSE /
Resource Hash
b5a25180539c862e88283415b7e3b9feb41b2c82f8c88f197f0876051af83bd4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1Vv3K93ToDU7dxuYhsBt_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://en.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1Vv3K93ToDU7dxuYhsBt_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 19:19:02 GMT
expires
Mon, 04 Mar 2024 19:19:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
pagead2.googlesyndication.com/bg/ Frame 9016 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
sffe /
Resource Hash
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 17:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
5177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15753
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Mar 2025 17:52:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 564C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402220101&jk=4057408453229164&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9016 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-_G8Kw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:19:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 066E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJxwb5CxdcQkbg129M5LWRs7WIQ7BEvyTrhmjPF6YWUoQ0BAGEgeZ7WbkWr0lXKbwcfD9QVKbfCTRlDREh4aZpbba4IlOBFNl9ZSvcUMWxclcA_yDrvzs8ko-7IbpUqbuz5zpTq0dqB4b9s05lqRtpSlxUplYpeepuenWjXCk7&sig=Cg0ArKJSzFfaS0nc8rdLEAE&id=ampim&o=117,144&d=1366,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=173&tls=1173&g=99.92499947547913&h=99.92499947547913&tt=1173&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 19:19:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402220101&jk=4057408453229164&bg=!sbKlsv3NAAauXHXJjlw7ADQBe5WfOGRo4CMOuK4z_esAS7M6jizXRNuaxOEIQROYMwy-VlmW7ZLvjt83M8NpA7hflz3hAgAAAGpSAAAAAmgBB5kCzDsMZsHacB09lSzSlKsjejxoT5xgwWDqv_6pyFo00NYK3Rof5rtRSxQx3V81mUzi9prNgPP5JiW5DqPdcymbuOw020_2YCufyo8ehVgVHXMVh3cq69_yECqrssT7DzgG2bSteDFW4xz-nDB2lyVZaDggWVz0HLpEZzNx1iCaAMFvIKug5QIlCBuL8_qDv_YjAHZm_6C5bzzkxNp-jzIZwsfIbIlaHbQYRfGYKmJqmEXbAqlLCl8YIAqUPsM5s0QRHhxLtIXXH-5uE2EAllgtReMYH-yNsdsdE3VdSmaaMHCZhYC33UD6KiuS3thFNhwZdlUfFXi4eEwIDfUn168vaDTHWRZkTgSpIxiNUl74u7bGT8S721l_G17nv1OqVNnjiLm_8ddP9tjsahJFcIJIahgJ9F0KLNEbBLqKcWKQD9XUghgmnDu38X80t7ign_XdrbH__aIYqyN_pypJgqHk204PHlvBbbCjjqs-wh5fs0fszrJRtGI47hYCp-tiCBp3hhAHPb0OkbBZmLpRKwblFziaw3XPssSRF3KegEYsRvrocv6uj6c_ssPdjAWFwSBB1ygsPes2n2pykTc9IeFyE2-jjP2X0Z0Wl-SdACBGJVkc8IVItzYWIxGPTynbCUpGgX1QwTwV4Pj5OvIFJDfmowS60skQETBPuOEeTGk4Ev0GQYUcLWjF4ma5qdekErThuR9eMF1O-TVIp9WUwqfovbhxcGxkv1NVp4rlzQKc8WbJbM9NvSef5NW6XnV1870XMz2W3hBPx6M77jYjJUdFNYDZINWRfaDzG0INaimOhvJO_PlTfb70UX2UXbMWSEk6JVIAdvc1qXgDik3AJh47OOzYt0O-EMM1aI-MYYOva2p58tGEcpR58GjRNMGgcwFQ8kp-fmKIY-wYHSitompLCvIeZsViriUe6OJL_j7ORs8Xd0UhGnWzQDmzHZB6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.hespress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| refreshAds object| googletag object| dataLayer object| TWAGORAINARTICLE object| firebase object| config string| popover_message string| popover_accept_text string| popover_reject_text string| popover_icon_path object| comment_lang string| copyLink string| newsletterApiId object| notificationConf object| hespress object| __cfBeacon object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| iFrameResize object| ProjectAgora object| _taboola object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| pbjs object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_151 object| Criteo object| Criteo_identitytag_151 object| _33across function| _typeof object| TRC object| _tblConsole undefined| msg object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjMwNTFjMGNmN2I5NGU4bG9hZGVyX2pz string| MjMwNTFjMGNmN2I5NGU4Y2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

10 Cookies

Domain/Path Name / Value
.en.hespress.com/ Name: _ga
Value: GA1.3.1643125201.1709579941
.en.hespress.com/ Name: _gid
Value: GA1.3.1991866732.1709579941
.en.hespress.com/ Name: _gat_UA-1423316-19
Value: 1
.hespress.com/ Name: _ga
Value: GA1.1.1643125201.1709579941
.openx.net/ Name: i
Value: 0d31c383-874f-4457-a0fb-5fe039c2c5a9|1709579941
.hespress.com/ Name: __eoi
Value: ID=54725ed4ed6f92f9:T=1709579941:RT=1709579941:S=AA-AfjYE-lYeNfG9TCXT9flafauq
.criteo.com/ Name: uid
Value: 3c7f64bc-548b-4413-b8e7-c1cfb2c09fd7
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.hespress.com/ Name: _ga_KT9208VCT6
Value: GS1.1.1709579941.1.0.1709579941.60.0.0
.hespress.com/ Name: cto_bundle
Value: FDbi-F9HR21sbyUyRms2SzAzeVh0VWFJM3F5YXNyYXVMSXZCY3EzYTJheDE2JTJGeVJURUdDdlYxZFlPcnh3ZHFsNHVaOEE4allFRTJIczJ0bHhINUJWazJuJTJCVEpyJTJCJTJCbGprU1pFNjNTOURMbzZQVDNKcUNVR3dEWnFqZEl5V2xiU3kzQXpwektSNWRCYXFkZThrR3ZqNDd3UHhIVUdnJTNEJTNE

9 Console Messages

Source Level URL
Text
other warning URL: https://en.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://en.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://en.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://en.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://en.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://en.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://en.hespress.com/
Message:
The resource https://e1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://en.hespress.com/
Message:
The resource https://e1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://en.hespress.com/
Message:
The resource https://e1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29c01e3ee22b82c99a297e25e3e640ec.safeframe.googlesyndication.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.taboola.com
e1.hespress.com
en.hespress.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i1.hespress.com
lh3.googleusercontent.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pahtzh.tech
palibzh.tech
region1.analytics.google.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.16.57.101
104.16.87.20
104.18.22.196
104.18.23.196
104.18.35.167
104.21.94.165
142.250.185.163
142.250.185.174
142.250.185.206
142.250.185.65
142.250.185.98
142.250.185.99
142.250.186.33
151.101.1.44
172.217.16.193
172.217.18.2
172.217.18.3
172.217.18.4
178.250.1.11
178.250.1.3
216.239.34.36
216.58.206.34
216.58.206.40
216.58.206.42
216.58.212.161
34.102.146.192
34.120.135.53
34.98.64.218
74.125.71.156
88.221.110.122
069de08776d34883edd11545076f5be30560c30db1fd4fc019a0713b603d7ee6
06f607ebb34cac1c2f4875f825c697b1eefd4a5173c952c26467b81c2cd1a344
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0
0a39bbf557f7cd035e620c0b5f45c6da91dfc9169d33a49e6f69e611d6a936b5
153781c7efbbc88b113e5644b250075909c9720ca6aad6bdc0110ef3b57f4777
156950d79b3572db2d92097db449b45cc655804173ca26ce7ef54bd46b2c5db6
15c97ee2267dd7ef2f86d74b194d0aa88254e14fec46628455a79132952121eb
17b6411859ca2406cbc418041252451e88a1b86ecc2016542ab120ff2d99ad05
1b23472e2bff7d48bca2a06c3833be94e69186ad328f255cb5af1392245d9597
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
27d03b2cf91c60b32f8daaeac0c83c082138f33021203811c0dd301a491a2c52
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36db87df01c2f96a136fc902ddc4b3f37895732be006f76af309c39e19ee4bc5
3b9cc773ba15951b78405338f9a63a936c1c9af731c85156347dcedb718eae60
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d2a0577284535f07a224fa5c60581b24e0ac1d807ae72dccb1f8239bb089d74
3da28b08437ad106c8c3b40c0a6502c1e51845d1a57f0a76388e13b235ac0afd
3f3e68532d4a42f1522febc58cfe7c15c222b7e74fc6308a2911b34e9b9667fe
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
451d2acc9e071c5263c4b5bd34c393819b0ba620b154bf515a394be3c5781163
45b5ed333c169fcfcd7341f37f10c6080cb80eed1014a88b5f1565dd61aaf388
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480e542c6993b6e8510b84bf3320fe1513c586729a19a3dccb620bfafc1954c0
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
60fd7463cfb0b63a3819bc8880c840a6cb196271289b10f5a6de10ef25f1c830
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6257866fe3da5e9d6f1f6f5f3b84445e9f8f631813703ebd1aa2589054219ab1
63daa3b62aa51489dbeacac68fd8da316184d54737893f4932ca009b9cad3cdb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
72e45edb061e6dc213f04978dbb43cf9fcf381079df30df948f1ad1a38c924b6
7604a7be68b59f8ce835a060d51de16c847f7aa16c61b280905305892364fed1
7edd90b33cea0503447f2307616599dbc93c28ed6e49c838ae822b99763abf1a
7f646c766f9d8b39f33bfa1e5c0a053ce2b3c4daa0ae59ecaad75621d4599b39
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
809a2c6a57e1191dcc96582e78eb59235b7f2db537e91cdf91ecf1dd541e5cdc
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
901e8331ddde83e69df883a7701be0f89e9cef068111db9511207e916917ba28
97301379274779a51fc991c429cf6bdae675c01c66b4a4e1d178a45d442953a1
9f7803bb1646f77f2b2c1312307096a107f3f2aacfb210fc84cfd24d20b1c434
a3b31dc7fd7f48aabf2dbd497b0244c947bb64b134255d4acd4bc404459d3112
a42f828fa2037789ed752db7ac9281f4044e7abcab8a3da01c25154614e73e49
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a80eae4454fa66280866a7243d2ea51e927c41af8ba045ade41a03f64d1180fa
aaa42598845c624717a290657cfc2395f1aeabb59ae58bb3adee7436e6ded54b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b5a25180539c862e88283415b7e3b9feb41b2c82f8c88f197f0876051af83bd4
b6022690df73e49e56653e9e473222becbe38fbf28711c56d4fc827946420fb6
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
bdb71532df6bd9a1122168412d7f5eeaee30b792b79f854ebd10e1ae06118dd3
be6860fcd6d375581758e3ddff211dd89bb45fa0d938da0e2f7cff8876501912
bea98c48715d43968cfec9c69a8fb6a5947e6f758526ac8a4744b485fec9093c
c1222379ce239661a18841bceef238852a38b9934f43804a7ce085599ca5e92a
c4fa512a905398f4207dcf41492073815b663fb62a7f6862ee94c9e03abdab84
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
cc4990c2c7fd22a571068f8448384136e655d38baa1bffa831d05b9af6110c0b
d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348
d889d09b671fa1b3090c87310c8000382e1aade26a285a31f678b81f2e8a95af
da0eda9283099d0b56ebcac9376c2243188ed47a60f00a3d5dd4875b93d77ac6
dd1ceeaf4feb9086fd29c2cf981cf97db17b40e032a0924b829aa3f852118581
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
eba8fa978069b8af6193d14828d29bbbcb2bafd096ec81e6416e64d1addfa431
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1
f5383c650ec73c05bf9dbed1260e62cec0c104515dd77eb5e3e58eb3f3b84e4c
f5e52c2ff5328b882ac161a996dac7c026b3b02d972b80dbb480a312506c89df
fa7130eb7e34cd091afb75080d5e37d7ef900a86adeaf045d8af9c0f21713436
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876