www.hebergementwebs.com Open in urlscan Pro
2606:4700:20::ac43:48e7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/
Effective URL:
https://www.hebergementwebs.com/
Submission: On September 01 via api (September 1st 2021, 7:08:20 am UTC) from AU

Summary HTTP 99 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 8 domains to perform 99 HTTP transactions. The main IP is 2606:4700:20::ac43:48e7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hebergementwebs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2021. Valid for: a year.

This is the only time www.hebergementwebs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	2606:4700:20:... 2606:4700:20::ac43:48e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
99	14

43 2606:4700:20::ac43:48e7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hebergementwebs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

propu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	hebergementwebs.com www.hebergementwebs.com	480 KB
26	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	676 KB
9	doubleclick.net googleads.g.doubleclick.net	59 KB
9	propu.sh propu.sh	45 KB
6	google.com 2 redirects adservice.google.com www.google.com	1 KB
4	googletagservices.com www.googletagservices.com	128 KB
2	google.de adservice.google.de	287 B
2	googleadservices.com partner.googleadservices.com	466 B
99	8

	Domain	Requested by
43	www.hebergementwebs.com	www.hebergementwebs.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	www.hebergementwebs.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	propu.sh	www.hebergementwebs.com propu.sh
4	www.google.com	2 redirects tpc.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
99	10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.xing.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-03` - `2022-08-02`	a year	crt.sh
propu.sh R3	`2021-08-18` - `2021-11-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.hebergementwebs.com/
Frame ID: F55F52E91E39FC9C4776D1D4872911F5
Requests: 48 HTTP requests in this frame

Frame: https://www.hebergementwebs.com/adsense/testtoday.html
Frame ID: 0E2D8DAB567AA7F992A61682F26C2015
Requests: 10 HTTP requests in this frame

Frame: https://www.hebergementwebs.com/adsense/testtoday.html
Frame ID: 9FCA747350213FF9DE6D980D223A6231
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html
Frame ID: A5442A0D6305550008A0E894B130EF17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755399&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480079919&bpp=8&bdt=67&idt=79&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=2886413835807&frm=23&ife=1&pv=2&ga_vid=820887238.1630480080&ga_sid=1630480080&ga_hid=460649259&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44747620%2C31062297%2C31062311&oid=3&pvsid=1582066773414668&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.qtyda95irb6r&btvi=1&fsb=1&dtd=111
Frame ID: 56DBB7D1A09E2348975D947E1659BCAB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62
Frame ID: 25E7F290F20DC8CDE2D04369A4C450F7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B1D4A1652E513FDE7A456F96F7C008B3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Frame ID: ACFCA7CEF1463CADF44AFC6187EAE6F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FE703E3FCBC71A56D22293BFF5EB1359
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 93C9810047D4A4995D4815B89A3AEA2B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D5734C89E0D9A46E4600A5BC185D3A4E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Frame ID: 7F40AC8D59A89068485C4A33AF780C00
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CD83E4A4BF0335C30FDEFBDD8F9914EB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E826E5550730396EBC60E432A294E898
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The latest web news in real time

Page URL History Show full URLs

https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/ Page URL
https://www.hebergementwebs.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

99
Requests

100 %
HTTPS

86 %
IPv6

8
Domains

10
Subdomains

14
IPs

3
Countries

1389 kB
Transfer

2684 kB
Size

0
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.hebergementwebs.com/culture/scientists-trace-the-fate-of-ancient-kangaroos-wombats-and-large-fangs
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https://www.hebergementwebs.com/culture/scientists-trace-the-fate-of-ancient-kangaroos-wombats-and-large-fangs
Title:

Search URL Search Domain Scan URL

URL: https://www.xing.com/spi/shares/new?url=https://www.hebergementwebs.com/culture/scientists-trace-the-fate-of-ancient-kangaroos-wombats-and-large-fangs
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.hebergementwebs.com/culture/scientists-trace-the-fate-of-ancient-kangaroos-wombats-and-large-fangs
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.hebergementwebs.com/tech/windows-10-21h2-will-recommend-switching-to-windows-11
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https://www.hebergementwebs.com/tech/windows-10-21h2-will-recommend-switching-to-windows-11
Title:

Search URL Search Domain Scan URL

URL: https://www.xing.com/spi/shares/new?url=https://www.hebergementwebs.com/tech/windows-10-21h2-will-recommend-switching-to-windows-11
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.hebergementwebs.com/tech/windows-10-21h2-will-recommend-switching-to-windows-11
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.hebergementwebs.com/movie-theater/shang-chi-marvel-already-has-a-lot-of-ideas-for-a-second-opus
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https://www.hebergementwebs.com/movie-theater/shang-chi-marvel-already-has-a-lot-of-ideas-for-a-second-opus
Title:

Search URL Search Domain Scan URL

URL: https://www.xing.com/spi/shares/new?url=https://www.hebergementwebs.com/movie-theater/shang-chi-marvel-already-has-a-lot-of-ideas-for-a-second-opus
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.hebergementwebs.com/movie-theater/shang-chi-marvel-already-has-a-lot-of-ideas-for-a-second-opus
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.hebergementwebs.com/video-games/minecraft-a-spin-off-arrives-in-the-form-of-a-dungeon-crawler
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https://www.hebergementwebs.com/video-games/minecraft-a-spin-off-arrives-in-the-form-of-a-dungeon-crawler
Title:

Search URL Search Domain Scan URL

URL: https://www.xing.com/spi/shares/new?url=https://www.hebergementwebs.com/video-games/minecraft-a-spin-off-arrives-in-the-form-of-a-dungeon-crawler
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.hebergementwebs.com/video-games/minecraft-a-spin-off-arrives-in-the-form-of-a-dungeon-crawler
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.hebergementwebs.com/tech/google-publishes-a-new-demonstration-of-duplex-the-ia-which-calls-people-in-your-place
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https://www.hebergementwebs.com/tech/google-publishes-a-new-demonstration-of-duplex-the-ia-which-calls-people-in-your-place
Title:

Search URL Search Domain Scan URL

URL: https://www.xing.com/spi/shares/new?url=https://www.hebergementwebs.com/tech/google-publishes-a-new-demonstration-of-duplex-the-ia-which-calls-people-in-your-place
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.hebergementwebs.com/tech/google-publishes-a-new-demonstration-of-duplex-the-ia-which-calls-people-in-your-place
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.hebergementwebs.com/blogs/plugins-wordpress-instagram-integrate-a-feed-insta-in-wp
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https://www.hebergementwebs.com/blogs/plugins-wordpress-instagram-integrate-a-feed-insta-in-wp
Title:

Search URL Search Domain Scan URL

URL: https://www.xing.com/spi/shares/new?url=https://www.hebergementwebs.com/blogs/plugins-wordpress-instagram-integrate-a-feed-insta-in-wp
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.hebergementwebs.com/blogs/plugins-wordpress-instagram-integrate-a-feed-insta-in-wp
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.hebergementwebs.com/cybersecurity/cybersecurity-three-cisa-tips-to-protect-yourself-from-cyber-attacks
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https://www.hebergementwebs.com/cybersecurity/cybersecurity-three-cisa-tips-to-protect-yourself-from-cyber-attacks
Title:

Search URL Search Domain Scan URL

URL: https://www.xing.com/spi/shares/new?url=https://www.hebergementwebs.com/cybersecurity/cybersecurity-three-cisa-tips-to-protect-yourself-from-cyber-attacks
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.hebergementwebs.com/cybersecurity/cybersecurity-three-cisa-tips-to-protect-yourself-from-cyber-attacks
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.hebergementwebs.com/tvandradio/tv-tonight-stephen-graham-and-daniel-mays-return-to-comedy
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https://www.hebergementwebs.com/tvandradio/tv-tonight-stephen-graham-and-daniel-mays-return-to-comedy
Title:

Search URL Search Domain Scan URL

URL: https://www.xing.com/spi/shares/new?url=https://www.hebergementwebs.com/tvandradio/tv-tonight-stephen-graham-and-daniel-mays-return-to-comedy
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.hebergementwebs.com/tvandradio/tv-tonight-stephen-graham-and-daniel-mays-return-to-comedy
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/ Page URL
https://www.hebergementwebs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

99 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/ 96 KB
0 1006ms
989ms Document
text/html 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: www.hebergementwebs.com
:scheme: https
:path: /health/is-it-possible-to-reverse-prediabetes-naturally/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 01 Sep 2021 08:07:56 GMT
cache-control: max-age=3600
pragma: no-cache
set-cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44; path=/
x-xss-protection: 1; mode=block 1; mode=block
x-content-type-options: nosniff
x-server-powered-by: SpeedGenius Engintron
x-nginx-upstream-cache-status: MISS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KS3L0HVSPxjwhIPAWUt3cj8%2FpkLOD9X8NKpx7Xz7fzzMSnfXUFfPYJwV25TmYc1W4EbrMp%2BIQI8fgKf9ZgWg%2Fsr52%2BWgJKMTqHmL0PduXA3qxmbFjZ%2B8%2Bc5hQIIjspu6H8EVc66nKCH%2B9YLbDvG1NcR4W03m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
server: cloudflare
cf-ray: 687caa1b6c66432d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 memwYa2wxmKQyNknTZM.woff2
www.hebergementwebs.com/image/fonts/memwYa2wxmKQyNknTZM.woff2/ 17 KB
17 KB 45ms
30ms Font
font/woff2 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/image/fonts/memwYa2wxmKQyNknTZM.woff2/memwYa2wxmKQyNknTZM.woff2

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.hebergementwebs.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44
:path: /image/fonts/memwYa2wxmKQyNknTZM.woff2/memwYa2wxmKQyNknTZM.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hebergementwebs.com
Referer: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762619
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17124
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: STALE MISS
last-modified: Mon, 29 Mar 2021 16:19:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjLgTUo0ZAC6wEtz6EJNm%2FR2W74bXzK%2FE5hLaLcXm8MKcoezShTjc4kLuTwsGun86afcaZCRpFMG2B2PCPhTtSAFCOQUjlvw690GCPVvOAushEs%2B7p4YBCFwLkK0T61nnGz%2FUXwrfgxll6yO3xfBsPTr2Wb5"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa21bf3b2c01-FRA
expires: Sun, 10 Oct 2021 21:30:56 GMT

GET
H3-29 200 mem9Ya2wxmKQyNGcaIYScrg.woff2
www.hebergementwebs.com/image/fonts/mem9Ya2wxmKQyNGcaIYScrg.woff2/ 17 KB
17 KB 30ms
15ms Font
font/woff2 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/image/fonts/mem9Ya2wxmKQyNGcaIYScrg.woff2/mem9Ya2wxmKQyNGcaIYScrg.woff2

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.hebergementwebs.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44
:path: /image/fonts/mem9Ya2wxmKQyNGcaIYScrg.woff2/mem9Ya2wxmKQyNGcaIYScrg.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hebergementwebs.com
Referer: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762620
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17016
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: STALE MISS
last-modified: Mon, 29 Mar 2021 16:19:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cv8ofEle1yaMIkEJDNQlRrEjYn2A2LSO0Rmg9OpIEt2DNSs8fUxboFt13Q0LoqNmQcJC1ROhZAUlwQhV7qg5B29IT6ExQuHxmf1xiXV1ZB1TYhQkAaEmj%2BUIvCRTCu9qSqTiJY0308d2qUjzVxHxrjy7MPbl"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa21bf342c01-FRA
expires: Sun, 10 Oct 2021 21:30:56 GMT

GET
H3-29 200 mem9Ya2wxmKQyNH4aYYScrg.woff2
www.hebergementwebs.com/image/fonts/mem9Ya2wxmKQyNH4aYYScrg.woff2/ 17 KB
17 KB 36ms
22ms Font
font/woff2 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/image/fonts/mem9Ya2wxmKQyNH4aYYScrg.woff2/mem9Ya2wxmKQyNH4aYYScrg.woff2

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.hebergementwebs.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44
:path: /image/fonts/mem9Ya2wxmKQyNH4aYYScrg.woff2/mem9Ya2wxmKQyNH4aYYScrg.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hebergementwebs.com
Referer: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762620
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17108
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: STALE MISS
last-modified: Mon, 29 Mar 2021 16:19:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfpEcBdMSblVdvFVatY%2Bt0X5HR6HrA1j1T%2F4KyNn63FRccfB0TrmPqq4fpUYpOHmNesRxRuM%2FPRyxSx7NgmMjIT8YehZVbCqeFDGWIQIItOw4T8BKtCzW5%2FDLSGEf%2B5Nb%2Fd6YQX7nlSHuzzTMRaL%2Ffw1OdgD"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa21bf302c01-FRA
expires: Sun, 10 Oct 2021 21:30:56 GMT

GET
H3-29 200 ga-lite.min.js
www.hebergementwebs.com/image/js/ga-lite.min.js/ 1 KB
1 KB 45ms
30ms Script
application/javascript 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/image/js/ga-lite.min.js/ga-lite.min.js

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/js/ga-lite.min.js/ga-lite.min.js
pragma: no-cache
cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762607
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: HIT MISS
last-modified: Fri, 02 Apr 2021 16:28:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Q6FNtT3%2FRxKniQglIrq7hD%2BH47ww5i1rCcV0dFVtIH3dJ0fBmWoSSsItGFVOEboa9juUTC0NAb%2F2r4d3ybgwoPSB6re2Xnm6Vkpc49pyOBR%2FQhoYyXpH7olGj2X1xJETM7rbyDgq7bDgVbzFMVbhQ7%2FQeQk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 687caa21bf3c2c01-FRA
expires: Fri, 10 Sep 2021 21:31:08 GMT

GET
H3-29 200 Primary Request / Show response
www.hebergementwebs.com/ 199 KB
43 KB 491ms
480ms Document
text/html 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c070e18f5424d38ac984ee59dcd9673164c8999bd1c206bfcb79393c3df6984b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: www.hebergementwebs.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 01 Sep 2021 07:07:57 GMT
cache-control: max-age=0
pragma: no-cache
x-xss-protection: 1; mode=block 1; mode=block
x-content-type-options: nosniff
x-server-powered-by: SpeedGenius Engintron
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a88CX%2B7IgGNcfXSp9GCBIXqCf%2Br5YhJveBagy%2BcNe4oy7PplCvmFwdG684%2Ba8k57FzpA78S9ei01w57k8b9UJQW1qmqVXQG138%2Bp0UJ1ExEd%2Fp%2FjGR8EutbHSVM62oKnTQvQnx0Af76NZp9DFq7YDckngchG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
server: cloudflare
cf-ray: 687caa21bf382c01-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 memwYa2wxmKQyNknTZM.woff2
www.hebergementwebs.com/image/fonts/memwYa2wxmKQyNknTZM.woff2/ 17 KB
17 KB 16ms
12ms Font
font/woff2 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/image/fonts/memwYa2wxmKQyNknTZM.woff2/memwYa2wxmKQyNknTZM.woff2

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c2d304fa40e81546e0d13d6cba4d5d21673df4efc210a97c8faf2f357152e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.hebergementwebs.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44
:path: /image/fonts/memwYa2wxmKQyNknTZM.woff2/memwYa2wxmKQyNknTZM.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hebergementwebs.com
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762619
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17124
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: STALE MISS
last-modified: Mon, 29 Mar 2021 16:19:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDvOXcmemUs%2FyoF2XV8yxxorpFbmY5%2B1EeXCCp0P1kV%2BH5vk8YNkSiitjrOXLjiH%2FKGj7IMD4yLpBkleCV5D104%2BKTE8Xhmvgl6I%2FVLfgdzjyPNE9X5vaMYD2IBOdIY%2F%2Fgz9mD%2Bz1bWSARPnH7aN4%2BrOK8R2"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa24cc992c01-FRA
expires: Sun, 10 Oct 2021 21:30:56 GMT

GET
H3-29 200 mem9Ya2wxmKQyNGcaIYScrg.woff2
www.hebergementwebs.com/image/fonts/mem9Ya2wxmKQyNGcaIYScrg.woff2/ 17 KB
17 KB 16ms
14ms Font
font/woff2 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/image/fonts/mem9Ya2wxmKQyNGcaIYScrg.woff2/mem9Ya2wxmKQyNGcaIYScrg.woff2

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a30ecd2a62e1d9fab3d2e06c4544a0be6a21ab982f191922a5f7a8885d05f963

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.hebergementwebs.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44
:path: /image/fonts/mem9Ya2wxmKQyNGcaIYScrg.woff2/mem9Ya2wxmKQyNGcaIYScrg.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hebergementwebs.com
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762620
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17016
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: STALE MISS
last-modified: Mon, 29 Mar 2021 16:19:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdVwtbATNNz4jfIaK0H%2FZVN8kEyEf9cmFB%2BVnjzP18iuC35fbhvwx2PDYmcyQrX%2FFvf9xfkYu4Xb4%2Ba1vO1zynzgRpM5jMhol1eUJ8keOCtITb5uxXz5kfFVe3mXfeXaUPHaq%2FptUSqBFPPcPXm7lKWIjc9r"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa24dca82c01-FRA
expires: Sun, 10 Oct 2021 21:30:56 GMT

GET
H3-29 200 mem9Ya2wxmKQyNH4aYYScrg.woff2
www.hebergementwebs.com/image/fonts/mem9Ya2wxmKQyNH4aYYScrg.woff2/ 17 KB
17 KB 22ms
20ms Font
font/woff2 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/image/fonts/mem9Ya2wxmKQyNH4aYYScrg.woff2/mem9Ya2wxmKQyNH4aYYScrg.woff2

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b9c60bb78ce28b597f5eeabc7dc453a84ef2500c817bc14e47759711aafa741

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.hebergementwebs.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44
:path: /image/fonts/mem9Ya2wxmKQyNH4aYYScrg.woff2/mem9Ya2wxmKQyNH4aYYScrg.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hebergementwebs.com
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762620
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17108
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: STALE MISS
last-modified: Mon, 29 Mar 2021 16:19:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfJw7a8TmY9AK3Dwv0dwstmiiFMVOlq%2BU2Y3SkLzPhobD8ry07IocUHgh32%2BgI%2FtQrFxeBmUB2Nk8N0oHIMlpwHyk8KARUvxmYbko2BkbZIkiwquwXNfAiYcIKzsK63P8JBNmVOdje%2FUx%2Fsghhd4B%2BAxd85i"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa24dcae2c01-FRA
expires: Sun, 10 Oct 2021 21:30:56 GMT

GET
H3-29 200 mem9Ya2wxmKQyNHUboYScrg.woff2
www.hebergementwebs.com/image/fonts/mem9Ya2wxmKQyNHUboYScrg.woff2/ 17 KB
17 KB 16ms
14ms Font
font/woff2 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/image/fonts/mem9Ya2wxmKQyNHUboYScrg.woff2/mem9Ya2wxmKQyNHUboYScrg.woff2

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d92b2c3a7acdaecb1fa13f452fb7a6e81476e5eef77d72cc2cb8f05d71e00775

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.hebergementwebs.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44
:path: /image/fonts/mem9Ya2wxmKQyNHUboYScrg.woff2/mem9Ya2wxmKQyNHUboYScrg.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hebergementwebs.com
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761908
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17148
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: STALE MISS
last-modified: Fri, 02 Apr 2021 16:18:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57ndh9JiFnFC7HRGYlVlvVolBXcXqPxkE8cZ6Re5o33bev4%2FooRgQI9EV%2BRbBKIcjH3GWj0g2U5rHwu0WjkH8GP13KZnHroILfi8mxnilJokCZFNJnyNVJl8BMsU52CW1eb7RExwOUBug7Lwl7JL%2FjkNjW0i"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa24dcb02c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 ga-lite.min.js Show response
www.hebergementwebs.com/image/js/ga-lite.min.js/ 1 KB
1 KB 19ms
17ms Script
application/javascript 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/image/js/ga-lite.min.js/ga-lite.min.js

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a23af16a8f94767c703e8ae0f00edd3d61d1560c43ac34bd2f01820250d10b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/js/ga-lite.min.js/ga-lite.min.js
pragma: no-cache
cookie: PHPSESSID=f16873e93650d7709ff27eaeaf2a0f44
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762607
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: HIT MISS
last-modified: Fri, 02 Apr 2021 16:28:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg9D5THm7m9O3tW5bLaQGpEhIaOBj9JkF6sVmMpjgkzXB5P5zjTRhZL6277%2FyAJZ3X6k07o0VNHFb9SwjewQHGLC0qwPGBO62OeRvfDg4FyMrOG81tf6PH3i%2BO76BI1juPW8W38jenqMM8Bdms3ca7BBi2OM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 687caa24dcb52c01-FRA
expires: Fri, 10 Sep 2021 21:31:08 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 star.jpg
www.hebergementwebs.com/assets/img/ 11 KB
11 KB 20ms
19ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/assets/img/star.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc38e36b5ae506dc3d32580211b26ce82518839043cc433fc2af11edb81bfe20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /assets/img/star.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761103
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11164
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 24 Mar 2021 20:53:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzMy5GmLTa9PfEPTbp1cQB1XyySZ4fC5rOnx2%2F%2BejzaBGjksy9ioXLWLwfeOPniOag0gUiGm%2FOPzf8G60fWbYs9x0S82aLvh4df%2F1dVolc8lRPNZHsF7fUT%2FeY4veRx%2B6ffoxjAguWfb12jDfI4EbIu2nCPl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa264efe432d-FRA
expires: Sun, 10 Oct 2021 21:56:12 GMT

GET
H3-29 200 white.png
www.hebergementwebs.com/blog/images/ 1 KB
2 KB 14ms
14ms Image
image/png 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/blog/images/white.png

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c4e37ead02ca9dfc6bc18866aa777ec5bbd8f0c976e1bebf9a32dbef037c074

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /blog/images/white.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762216
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1372
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 27 May 2020 17:42:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FK%2BDAgFn%2BZ15UudBRxDel2aTYmqKstO25y867LXfPXnE0D1FPyO8plhxegyvAk4cAw6Mq2hfjYo7K8gYG4pbYfmOfLh7rMi6AIgrw2qIOJNOOBdS84a%2BM5xE46YStkYhUSqOmacUk8ufLrxqlIYvgEyEzXE6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa27191b2c01-FRA
expires: Sun, 10 Oct 2021 21:37:39 GMT

GET
H3-29 200 hebergementwebs_v2.png
www.hebergementwebs.com/image/body/hebergementwebs_v2.png/ 7 KB
7 KB 16ms
15ms Image
image/png 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/body/hebergementwebs_v2.png/hebergementwebs_v2.png

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26f01454b6434c7bb21de2463ed2fbe26b77a461bda821510480f3f20f0d4c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/body/hebergementwebs_v2.png/hebergementwebs_v2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761908
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6706
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Thu, 15 Apr 2021 17:12:07 GMT
server: cloudflare
etag: "607873e7-1a32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Bn%2Bz8uOIHabnxdLZJCAe5zSd3pgbHaGU6gGgoRbesnNFDxiqNPN1KLsxsmi%2FsMXGfNTTjkEvBmP6ZO0tGPN075D%2Fjsg%2FyvOBu2VrKd7Kvs1ebNw1TjbsovBK4wgql7c3PJn%2FVWaID0zbazwxgfWmGpJuOEb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa28cc4d2c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 en.svg
www.hebergementwebs.com/blog/images/flags/ 8 KB
6 KB 16ms
15ms Image
image/svg+xml 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/blog/images/flags/en.svg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be8f8acb4f6636723fe875670572cc2aab139957333163c1eb57ebabf13c94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /blog/images/flags/en.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761908
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS MISS
last-modified: Fri, 19 Mar 2021 13:33:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oyQg4NQMAAr1mcEy3hk8B48DfY40vRLjEXkeg6wHsmtKfXLV15vpPpEphdJSv%2FeOkTeS0DmTGJToDuTD4757dDU2Ksg5UCBZSQTYDrDyK73sisdGEdk72knV%2B5Wv5vw1S8RKmuRemwLHkJbHhcy6ZQdHgUr"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 687caa28cc4f2c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 fr.svg
www.hebergementwebs.com/blog/images/flags/ 5 KB
4 KB 17ms
16ms Image
image/svg+xml 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/blog/images/flags/fr.svg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f769ab4d3d35669064521226584b8fa3ae3429d76f8798c6e9af62d332c3849e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /blog/images/flags/fr.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761908
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: STALE MISS
last-modified: Fri, 19 Mar 2021 13:32:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaYzG%2FS%2BY6KvutA5LS6C7dEJ6Ny3vJlffLOHyPmflBu4gO2qEba1V%2FNjOwyaiXjH%2F0zKhL1Hug6vfnp0%2BqLk80x6YAUdDgKXe9W%2FI2H1px3iR3MBvDacZa9Xdq0DurmMn4Pe%2FxP90GaMxspbZhYWf1zQctJY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 687caa28cc512c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 es.svg
www.hebergementwebs.com/blog/images/flags/ 7 KB
6 KB 19ms
18ms Image
image/svg+xml 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/blog/images/flags/es.svg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b279ff71dc74dad3f536670e63b499f22094909b8f92e3505b450c87c18ced62

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /blog/images/flags/es.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761908
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: STALE MISS
last-modified: Fri, 19 Mar 2021 13:28:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHfswXMoV%2FtN%2BXg16v7iwNin6Ndn2VrT3RCYc1kkEwIn3eyLVQYcGQXGYqB6h4%2BnK4FgC5MOJY2HQzT%2FwggMELNfwXFBQISRrGY43O8VZ%2BX32vdblvoj53Od3VbPTaR2N0d0Unf%2Fpziqe%2F7i8UUNP8jzPJfl"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 687caa28cc522c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 world91.jpg
www.hebergementwebs.com/blog/images/flags/ 6 KB
7 KB 17ms
16ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/blog/images/flags/world91.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af56a4cd5343b12bc133eabe7bf2e9744f322e169db2f52b7e03145aa6cc2de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /blog/images/flags/world91.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 709027
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6579
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 07 Apr 2021 12:50:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOnqVXJU4HDuRgOPRr3rVUqmgr4rDrDmoHnDqGSMukbi9Cua7bAA7QDfqJtXgv8tFwo2WQmyRwKMcFj4irZcnIPk3bp6UX2e%2FZqLzU7Z0sx5b11PgJukEaqtx0JkPTzProF6asxjriX%2FJNsBtGZaAcgvl3gF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa28cc532c01-FRA
expires: Sat, 23 Oct 2021 02:10:50 GMT

GET
H3-29 200 8c83a1d9ae297ef7473c7716faf55168.jpg
www.hebergementwebs.com/assets/img/thrends/ 5 KB
6 KB 32ms
31ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/assets/img/thrends/8c83a1d9ae297ef7473c7716faf55168.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7f9558d1e810f8ef50be4a66fb025ca7e9d97836b399d73117a567e891204e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /assets/img/thrends/8c83a1d9ae297ef7473c7716faf55168.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52729
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5210
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Sat, 21 Aug 2021 15:01:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuBYQukCuyJYlNPnrKudPihSJPE8ein8J3EokIxWyH%2FmghodE9qyTD1WMXi7lK%2BWv7cn4%2F1bo9MngsLYs1pqKfoXxJVnnXVjAazWy3jh3%2B3qCj2lO9GO7SqzaeUiRMZL8WdosZpiit9ogv1158ZKcvEUHgRa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa28cc562c01-FRA
expires: Sat, 30 Oct 2021 16:29:09 GMT

GET
H3-29 200 e97bf5989713e85c54eb382ea1804a7c.jpg
www.hebergementwebs.com/assets/img/thrends/ 3 KB
4 KB 20ms
20ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/assets/img/thrends/e97bf5989713e85c54eb382ea1804a7c.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a33542c10a0f3c1d0592a635dbc2c6e3c9f7f499247d1897e7d95bc8e0b0cad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /assets/img/thrends/e97bf5989713e85c54eb382ea1804a7c.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52729
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3087
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Sat, 21 Aug 2021 15:00:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g14JLdO%2F1vgjf46TqSXjDz4S8YZJm%2B3iYQ8dznTGa%2Fuzi8wy1Ms%2FE%2BoGWUbSOpLT7BXp10NpVUlnI2JoaGt%2F0fSHhuBtKpTLIESiUcdrzm8KKfiugVCADaoENvIvquwVqAH0555TM82yijI%2Fncq96JLDnklx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa28cc5b2c01-FRA
expires: Sat, 30 Oct 2021 16:29:09 GMT

GET
H3-29 200 7537244572b648dff85fd29eae39c154.jpg
www.hebergementwebs.com/assets/img/thrends/ 3 KB
4 KB 181ms
180ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/assets/img/thrends/7537244572b648dff85fd29eae39c154.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

febfe0010f1f48f91241f606acac1255725adf2e0255bdfe5b74bed45aeb78ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /assets/img/thrends/7537244572b648dff85fd29eae39c154.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3002
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Sat, 21 Aug 2021 15:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLh3JCDvVjhEr3akUGGhxHcOq%2Bq4XT8V6gYy8S6QbgMxXn1ZZUupLhy48X%2BcSqQud0NT2WmM8FIHVVkOusnxrkU5IfekpbBSfKL2GWWW8NtKeVkgS7l4MHHS6Lcify9vll8Uj4JXcXUNzbqrVs0oBbFdHRyJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa28cc662c01-FRA
expires: Sun, 31 Oct 2021 07:07:57 GMT

GET
H3-29 200 scientists-trace-the-fates-of-ancient-large-kangaroos-wombats-and-fangs.webp
www.hebergementwebs.com/image/4f/resize-4fbb9bc4fa742c9545247f2bdbf76ea2.webp/ 14 KB
15 KB 466ms
459ms Image
image/webp 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/4f/resize-4fbb9bc4fa742c9545247f2bdbf76ea2.webp/scientists-trace-the-fates-of-ancient-large-kangaroos-wombats-and-fangs.webp

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7944380b6804bb7298f5324f90b07ac5a2cd82453930acfd2cddbd658cfa5ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/4f/resize-4fbb9bc4fa742c9545247f2bdbf76ea2.webp/scientists-trace-the-fates-of-ancient-large-kangaroos-wombats-and-fangs.webp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14776
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 02 Dec 2020 16:24:21 GMT
server: cloudflare
etag: "5fc7bfb5-39b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEVl5%2BKtFXPOZj3cL72%2F8UmEErMuxSQ5c6tjaRpWMCSlzgqAToAh9nhs1JloyiO%2FVeFKnPz77nJPpGUIwWaaT1MA%2BD3Bu4SkNZ57HD4l6ABHbgqcBk7CDpIXMIktSkpmxH9bR1t6TuvATSLEuMNV2ZUGedbW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa28dc692c01-FRA
expires: Sun, 31 Oct 2021 07:07:57 GMT

GET
H3-29 200 scientists-trace-the-fates-of-ancient-large-kangaroos-wombats-and-fangs.jpg
www.hebergementwebs.com/image/4f/resize-4fbb9bc4fa742c9545247f2bdbf76ea2.jpg/ 18 KB
18 KB 702ms
699ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/4f/resize-4fbb9bc4fa742c9545247f2bdbf76ea2.jpg/scientists-trace-the-fates-of-ancient-large-kangaroos-wombats-and-fangs.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79491a98b81a8e5f09e06208b51b6ccbc41ad2ee070b1f09658f7eddcba6b018

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/4f/resize-4fbb9bc4fa742c9545247f2bdbf76ea2.jpg/scientists-trace-the-fates-of-ancient-large-kangaroos-wombats-and-fangs.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17993
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 02 Dec 2020 16:24:21 GMT
server: cloudflare
etag: "5fc7bfb5-4649"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGz8RwZmMEfM1zrVIG%2BuYJbGlu4OgtTl4Mgdim1Bg6gt8ukGEf5mGjQObdj%2FeaHLiNv4A%2BBx4a0QtR29dPMXLnmJWdNqAA1KkgPQPAbshTfRAmiPb8vWlE3izh0ukcVKE%2F54fpqDyFlqex7%2FolxQyl1D%2FfX1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa299dbd2c01-FRA
expires: Sun, 31 Oct 2021 07:07:58 GMT

GET
H3-29 200 facebook.jpg
www.hebergementwebs.com/image/share/facebook.jpg/ 2 KB
2 KB 17ms
15ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/share/facebook.jpg/facebook.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c5096a708d695b7e7dda47401b34ab884d6651673779f033603367b8ae8514b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/share/facebook.jpg/facebook.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761909
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1751
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 29 Mar 2021 15:50:32 GMT
server: cloudflare
etag: "6061f748-6d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVagZwBWJh07ypt%2FFeRRt40unI1Vf0sbgyVBDNVML3Xk9sWVRHmb2Vty9FxgNzQ4nk3USpiUZZEcbcuvZvuK%2B%2BXxCQHzb2xALZmMtzvHIz0VjxtLbf7PQsHHMSXc%2FxxsQiiK0KNmVhz9TJhoVO6vDYvkitH8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa299dc02c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 twitter.jpg
www.hebergementwebs.com/image/share/twitter.jpg/ 1 KB
2 KB 16ms
14ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/share/twitter.jpg/twitter.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51b2dc7cd9a230041bdc162d263a1695fcd2144d214de34763a9c01feb9cdb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/share/twitter.jpg/twitter.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761909
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1316
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 29 Mar 2021 15:54:16 GMT
server: cloudflare
etag: "6061f828-524"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNcOyUBVQ0flIYEFIO4l7Dt6L5yTY8668g12UDwK18%2F%2FFq%2FzAHuB5tYnVFGtY910raQdZF19j5kpSHIbMBOwNXZTGdYA48tBpOxSvnEoFdU23OtFvOmWFP1ZssN6WrbGTAf454eyS%2F4vrYtpj219X5x9MXJo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa299dc22c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 xingi.jpg
www.hebergementwebs.com/image/share/xingi.jpg/ 2 KB
3 KB 14ms
13ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/share/xingi.jpg/xingi.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec79c42c5638934fdd8f5ac406f850edb418d688ed009d0cfb3e7e560f86c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/share/xingi.jpg/xingi.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761909
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1996
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 29 Mar 2021 15:55:22 GMT
server: cloudflare
etag: "6061f86a-7cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QQy5G9O84yFuQKU94JgYpqPI0wkFN0pCMlrAyEuPrwsCAPXpGGu2Kk%2By%2BDg9E8FgBApxuK2WGth8lc%2BdFarfCCWgqUGf0lkOrGGcLaiDcfoORm9%2BfxdgbkGS%2Fq6uPEHl2TV29oh1pBBMp3iDwk2X9egbzdl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa299dc42c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 linkedin.jpg
www.hebergementwebs.com/image/share/linkedin.jpg/ 2 KB
3 KB 16ms
15ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/share/linkedin.jpg/linkedin.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38e2bd27c0b33e210b76872f5d54444bd0caa0f729ef3a7d1c7270a6b670f2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/share/linkedin.jpg/linkedin.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761909
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1958
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 29 Mar 2021 15:55:58 GMT
server: cloudflare
etag: "6061f88e-7a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoRS3ez2BUmq5UnfGteg8l0wtyfATPRJyybAuq9ZBN%2BA%2Fh%2B0uy4KLmd5NQqd9y14ckzVqGCeo%2FH%2BZlYCm%2B8PrYiFQf7MLJcV7Wwnkc67RBEg1kE4N4%2BXXdhWhOE5qkjBiv2IDaeo23HYWbpgHqH%2F%2FwHYJDIg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa299dc52c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 windows-10-21h2-will-recommend-switching-to-windows-11.jpg
www.hebergementwebs.com/image/2b/resize-2b8b679c416aa7ad26d0b5563706290b.jpg/ 4 KB
5 KB 1102ms
1100ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/2b/resize-2b8b679c416aa7ad26d0b5563706290b.jpg/windows-10-21h2-will-recommend-switching-to-windows-11.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ddb6a1af863a3126ac48886151dc2928450967d23ad45297d2351acfdc0539d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/2b/resize-2b8b679c416aa7ad26d0b5563706290b.jpg/windows-10-21h2-will-recommend-switching-to-windows-11.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4294
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 01 Sep 2021 06:30:02 GMT
server: cloudflare
etag: "612f1dea-10c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=La8byej1HkPvr0KHEXAGlFF0GeFucjzdlgqVF4ffJLh60q%2BpsvvvLkwCmnYPaejtGW2J1JzzAlLukjXdyo5y9g1GAWmf7DaOw68fW5CLEN%2BBn0dqGhxBz0k05NPLx7WRSeJTqXroDlpYEoOXCw%2FUOz37kKUX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa299dc82c01-FRA
expires: Sun, 31 Oct 2021 07:07:58 GMT

GET
H3-29 200 windows-10-21h2-will-recommend-switching-to-windows-11.webp
www.hebergementwebs.com/image/56/resize-56d063c9381c850b94a0561f1d11269a.webp/ 24 KB
24 KB 535ms
533ms Image
image/webp 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/56/resize-56d063c9381c850b94a0561f1d11269a.webp/windows-10-21h2-will-recommend-switching-to-windows-11.webp

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf0606974d30a820d9b212a1476a383e6494996c41fb168bef1889c4c4eb3cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/56/resize-56d063c9381c850b94a0561f1d11269a.webp/windows-10-21h2-will-recommend-switching-to-windows-11.webp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24272
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 01 Sep 2021 06:30:06 GMT
server: cloudflare
etag: "612f1dee-5ed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HuYh1sd4C26GOpg0cDf%2BCkdmKsplA98HVn3h4TcQ9KA0myzLsC9yYt%2BqCfA0EifDZqUIDAWI%2BPTjHFsyAFJjD8W3gYwmgKe2l1OJdESKcSB2JyAeXSekENsqv6XNFnc4vu6DKjvMp4VDLwKOJ0DWv9uV1f6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa299dca2c01-FRA
expires: Sun, 31 Oct 2021 07:07:57 GMT

GET
H2 200 ntfc.php Show response
propu.sh/ 15 KB
6 KB 145ms
49ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/ntfc.php?p=4217846
Requested by: Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9edfbe24e3b2e97fff21882c2319f55e0adf9d34f0a5d1c84f10a557db386d1f

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 07:07:58 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 11:25:37 GMT
server: nginx
etag: W/"612cc031-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 shang-chi-marvel-already-has-a-lot-of-ideas-for-a-second-opus.jpg
www.hebergementwebs.com/image/fd/resize-fd54ce309a1d07918d976a07c675ca9b.jpg/ 22 KB
23 KB 499ms
497ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/fd/resize-fd54ce309a1d07918d976a07c675ca9b.jpg/shang-chi-marvel-already-has-a-lot-of-ideas-for-a-second-opus.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69326e6a1c44650e099e603a904313d2b48b44c908b8881e882c102cc959b606

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/fd/resize-fd54ce309a1d07918d976a07c675ca9b.jpg/shang-chi-marvel-already-has-a-lot-of-ideas-for-a-second-opus.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22849
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 01 Sep 2021 06:29:24 GMT
server: cloudflare
etag: "612f1dc4-5941"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIc4ta8n5k1AoI7gHQ58qX2kfk4OBQGO2ENfkBN8sCJn38hsjmOnUJBlBC%2BPLn7wl1WiExbLt1yFa5Ir1p0B%2B4MNLvk7YKGPQ4%2Fx80m8Ywwf76GH%2BeqvlH9hUfHiDgpBZ%2FtGzfcwJiU8%2FoB%2Br9cBhTcqjpoo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa2aaf8a2c01-FRA
expires: Sun, 31 Oct 2021 07:07:57 GMT

GET
H3-29 200 shang-chi-marvel-already-has-a-lot-of-ideas-for-a-second-opus.webp
www.hebergementwebs.com/image/84/resize-84c80b13bd70bd37e3c3926408ea8980.webp/ 114 KB
114 KB 745ms
744ms Image
image/webp 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/84/resize-84c80b13bd70bd37e3c3926408ea8980.webp/shang-chi-marvel-already-has-a-lot-of-ideas-for-a-second-opus.webp

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0509d47fc3ae03f0786a8ee59c5ee7d525462e47132e8aad8adabf7dd61f103

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/84/resize-84c80b13bd70bd37e3c3926408ea8980.webp/shang-chi-marvel-already-has-a-lot-of-ideas-for-a-second-opus.webp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 116464
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 01 Sep 2021 06:29:28 GMT
server: cloudflare
etag: "612f1dc8-1c6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDs8bK%2FTpHyFm7yodaHMud2OjAIhPC1Umzw4yCx6Qq2IMKhPi6U0BeXalsvpSpkoM0njbZrbqcDt4JWFTGGmuieBIwYm86RPNlUj%2FHlhvPDvI7hGZrdC0QfCksQQwhpnpppiPP2lCXa9IgGbmm1eD1x87Cs%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa2aaf8d2c01-FRA
expires: Sun, 31 Oct 2021 07:07:57 GMT

GET
H2 200 zone Show response
propu.sh/ 663 B
956 B 48ms
48ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/zone?pub=0&zone_id=4217846&is_mobile=false&domain=www.hebergementwebs.com&var=&ymid=&var_3=

Requested by

Host: propu.sh
URL: https://propu.sh/ntfc.php?p=4217846

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bf4147ea2649766b76a18213ee8b51d80c4545bb8502c2a2d8767a00cd059daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: a1971391bdc7a43548543ba4ae57b9a5
date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hebergementwebs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 663

GET
H2 200 universal.min.js Show response
propu.sh/pfe/current/ 101 KB
37 KB 126ms
42ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/pfe/current/universal.min.js?v=3.1.322
Requested by: Host: propu.sh
URL: https://propu.sh/ntfc.php?p=4217846
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: d9e474035edd33bc07bc1f74503c5bcb02ac2015157ead0dd528509b1c614ce5

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 07:07:55 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 11:25:32 GMT
server: nginx
etag: W/"612cc02c-192d7"
content-type: application/javascript
access-control-allow-origin: https://www.hebergementwebs.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 minecraft-a-spin-off-arrives-in-the-form-of-a-dungeon-crawler.jpg
www.hebergementwebs.com/image/85/resize-856ac214da902c1c7a9a909d20f8f1ca.jpg/ 8 KB
9 KB 477ms
474ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/85/resize-856ac214da902c1c7a9a909d20f8f1ca.jpg/minecraft-a-spin-off-arrives-in-the-form-of-a-dungeon-crawler.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6ad61d4e906b61a1b57dc2446dd7bcc5ec0fa4c6e7db1cdc1668fc9bcbb8ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/85/resize-856ac214da902c1c7a9a909d20f8f1ca.jpg/minecraft-a-spin-off-arrives-in-the-form-of-a-dungeon-crawler.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8165
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Sat, 10 Oct 2020 12:50:35 GMT
server: cloudflare
etag: "5f81ae1b-1fe5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDh1zDPF9m7qdgqw9VbgXVi5SIY%2Fch88Y8CSFw5QFXLig9Ob%2FzDOPmTzo%2BqvbJaqnqvfk93ux5h6Q6GYd9LUC0Mx0Fv1yksVe3WHhMXnq5vVg%2FuJ9ZlCPLWKCbcyrruyxUmrKbkVoaG0GyGg1rDEup8WgRpi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa2b68fc2c01-FRA
expires: Sun, 31 Oct 2021 07:07:58 GMT

GET
H3-29 200 default.png
www.hebergementwebs.com/image/de/default.png/ 4 KB
4 KB 16ms
16ms Image
image/png 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/de/default.png/default.png

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

393af021f751b4c2737d5568ea2fd763cc8891837fd205f62b986318776c410f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/de/default.png/default.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 989793
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3638
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Tue, 13 Oct 2020 14:45:31 GMT
server: cloudflare
etag: "5f85bd8b-e36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqvYEkRYBfywl9jLqAW3PwTDHWh%2BDyT6xVnSN9SQ7P5TZyzblWCMDbwVEj28eKQ07Ognh8RhSNfSHGWCdJBLc4UtSwoE067bCXM2%2FtDjCwz0J6KXCJpBG3YhlB9BMWnhy0mh3m83fVZXJtdA04LkEk9meKVg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa2c3a8a2c01-FRA
expires: Tue, 19 Oct 2021 20:11:24 GMT

POST
H2 200 custom Show response
propu.sh/ 39 B
330 B 48ms
48ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: ef8c17da2ca2bc5707b00c057af0a266
date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hebergementwebs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H3-29 200 sw.js Show response
www.hebergementwebs.com/ 5 KB
3 KB 13ms
13ms Fetch
application/javascript 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/sw.js

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c9a516d31cd5fc2cb79f46306b57aa155ea5c378cebd1b050b6749d6d6b971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /sw.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 671152
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Tue, 24 Aug 2021 12:37:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyngvXBvjOVYm4IEVARyXAm9d%2Fyx4uO4no8%2FqxNtr8Rtpp4pTUaJnw1u1PvQXDztda7VcJdnq9Is8a3DTdASpHU8x2UTDbjUx%2B2XSYT%2BsRseNKOIJ8nAql8YfAQ%2B8k%2BXKdpYVMsv6QuPWP6EKY1tc%2Bl%2FHcmL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 687caa2c6af42c01-FRA
expires: Thu, 23 Sep 2021 12:42:05 GMT

OPTIONS
H2 200 custom
propu.sh/ Frame 0
0 41ms
40ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/custom
Protocol: H2
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.hebergementwebs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Sep 2021 07:07:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.hebergementwebs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
propu.sh/ 39 B
332 B 49ms
44ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 7159b39b79339778a7b950f754bf4293
date: Wed, 01 Sep 2021 07:07:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hebergementwebs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
propu.sh/ Frame 0
0 41ms
41ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/custom
Protocol: H2
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.hebergementwebs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Sep 2021 07:07:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.hebergementwebs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H3-29 200 ajax-page.php Show response
www.hebergementwebs.com/ 18 KB
3 KB 191ms
190ms XHR
text/html 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/ajax-page.php?urlprefix=article&lg=en&cat=&search=

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4268e2db74cc2ed81c0b959aa62306c27b0b4838b468467703a9e04818303a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.hebergementwebs.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 232
:path: /ajax-page.php?urlprefix=article&lg=en&cat=&search=
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: multipart/form-data; boundary=----WebKitFormBoundaryqzLl13oPzF7bUhAk
accept: */*
cache-control: no-cache
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryqzLl13oPzF7bUhAk

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: SpeedGenius Engintron
strict-transport-security: max-age=0; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0uYgLSB%2BsyIOH7fPHeKG7glspZUC5wtlgCzjFo%2FTdqrrACyIhaw7YNJX75mHBoYAdqIZ7v3ElORitGFpLMCczYtWhOAf9OLJ2vhOy6vR%2FTSlnfTBtBvxa6hntqvcTBsroczUGDV6RrgCgP54qAQkm7SaZSi"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=3600
set-cookie: PHPSESSID=eb1e59eef37d94b9049ac2d19eb704a9; path=/
cf-ray: 687caa30aa872c01-FRA
expires: Wed, 01 Sep 2021 08:07:59 GMT

POST
H2 200 custom Show response
propu.sh/ 39 B
331 B 56ms
55ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/health/is-it-possible-to-reverse-prediabetes-naturally/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 59c41de52f9201cfc8c3e94f4167ee88
date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hebergementwebs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
propu.sh/ Frame 0
0 40ms
40ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/custom
Protocol: H2
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.hebergementwebs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 01 Sep 2021 07:07:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.hebergementwebs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

GET
H3-29 200 facebook.jpg
www.hebergementwebs.com/image/share/facebook.jpg/ 2 KB
2 KB 17ms
13ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/share/facebook.jpg/facebook.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c5096a708d695b7e7dda47401b34ab884d6651673779f033603367b8ae8514b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/share/facebook.jpg/facebook.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761910
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1751
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 29 Mar 2021 15:50:32 GMT
server: cloudflare
etag: "6061f748-6d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVuIzH5BMa9oqKamxo06k2u72EbiZq%2FOzohKdPovgszDtjts8mOJWmNVzVhmHAuciyW8jdKvGjR6QmXoRCwMOgDvvjTZDvixCpXcHGLvPPkGc0s125GkUh6u%2BOKJc%2B73weI%2BAQZHIgv7vzuzHZ6qRi9cu7vh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa316bc92c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 twitter.jpg
www.hebergementwebs.com/image/share/twitter.jpg/ 1 KB
2 KB 12ms
11ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/share/twitter.jpg/twitter.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51b2dc7cd9a230041bdc162d263a1695fcd2144d214de34763a9c01feb9cdb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/share/twitter.jpg/twitter.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761910
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1316
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 29 Mar 2021 15:54:16 GMT
server: cloudflare
etag: "6061f828-524"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M9sFwrg1azeSIFU%2FSqIsLbXOR7T0jTi1o5E9jKLWBh%2FC%2FoaULokAvuQ6WlToNF7132zb4W9LGmyCjDVSCV7bLb3L0VbhMwA7k%2Fe8rvyhhTh0hyimRumIa6kbq%2BNYEtQz9IOfmy4u7wIe45iKyRoDt5BF524"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa317bd32c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 xingi.jpg
www.hebergementwebs.com/image/share/xingi.jpg/ 2 KB
3 KB 14ms
13ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/share/xingi.jpg/xingi.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec79c42c5638934fdd8f5ac406f850edb418d688ed009d0cfb3e7e560f86c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/share/xingi.jpg/xingi.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761910
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1996
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 29 Mar 2021 15:55:22 GMT
server: cloudflare
etag: "6061f86a-7cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sM0dyeucUgC0az5qqaff8iZsNFVtJU7dVpAI6jQ%2FaZ%2B2balSdBh982jfIGv8Tp66hhSU%2FBIJYoZYWcfBAYxe6l9ZoYx3%2FRLMUvaSU%2BP05pREeszjtqNREdLX7Hxt4roTXXsdu%2Bo3kJZO6U3omD396fPsq4LX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa317bd42c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 linkedin.jpg
www.hebergementwebs.com/image/share/linkedin.jpg/ 2 KB
3 KB 14ms
14ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/image/share/linkedin.jpg/linkedin.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38e2bd27c0b33e210b76872f5d54444bd0caa0f729ef3a7d1c7270a6b670f2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /image/share/linkedin.jpg/linkedin.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761910
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1958
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 29 Mar 2021 15:55:58 GMT
server: cloudflare
etag: "6061f88e-7a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6btXtHw5LTeHmtE%2FeNfIeQVC70YirLAGEbt1J47VRd7UAv5jdM4lxSjXGeYitqcmACGqdx6S6334qS67mz%2BNAbdVMQl3PEtuAz6lMNxxKamFO0PU%2BtnQrPksLhsstyosKNpoY%2FV4yn6lLBEVneUNSdsB8n9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa317bd62c01-FRA
expires: Sun, 10 Oct 2021 21:42:48 GMT

GET
H3-29 200 white.png
www.hebergementwebs.com/blog/images/ 1 KB
2 KB 14ms
14ms Image
image/png 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/blog/images/white.png

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c4e37ead02ca9dfc6bc18866aa777ec5bbd8f0c976e1bebf9a32dbef037c074

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /blog/images/white.png
pragma: no-cache
cookie: PHPSESSID=eb1e59eef37d94b9049ac2d19eb704a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762218
x-server-powered-by: SpeedGenius Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1372
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 27 May 2020 17:42:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h28TXUsaJ4dqk95EyHoU4pV5M6tW9c5M9HSj09%2BJX6iHpbTKyX82BAey%2Bvuc5ljhF0sIYnVQturJi4RPZOCOLoN%2BvjcnrZxeFLV4N49tjYntygvB0cTCE%2FuS8E3buUiY14zRZ%2BwurROlpWP%2B3XSnL3p2G8u%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa321d152c01-FRA
expires: Sun, 10 Oct 2021 21:37:39 GMT

GET
H3-29 200 testtoday.html Show response
www.hebergementwebs.com/adsense/ Frame 0E2D 384 B
930 B 390ms
389ms Document
text/html 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/adsense/testtoday.html

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a836f79b33976dd32c268a26620c34c06345e1bec01d513b90b8bde5a682fd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: www.hebergementwebs.com
:scheme: https
:path: /adsense/testtoday.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hebergementwebs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=eb1e59eef37d94b9049ac2d19eb704a9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.hebergementwebs.com/

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 17:53:35 GMT
cache-control: max-age=0
expires: Wed, 01 Sep 2021 07:08:00 GMT
x-xss-protection: 1; mode=block 1; mode=block
x-content-type-options: nosniff
x-server-powered-by: SpeedGenius Engintron
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DXYo%2FH4tDCLB45X0EGi7h6qc3FYaSmKrO%2Bh7Mo%2BTwbOguU5fv4nm%2FNu5K1waog2TvtvY4Zqw2XypwiZDgcpE3Os0zR1xkA6rIkBLHy6xiRUctVdKHJWq774mD5ULATBkw%2FsOZi1glDKw0cWnuYcluhnO9ko"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
server: cloudflare
cf-ray: 687caa321d202c01-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 testtoday.html Show response
www.hebergementwebs.com/adsense/ Frame 9FCA 384 B
929 B 152ms
152ms Document
text/html 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hebergementwebs.com/adsense/testtoday.html

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a836f79b33976dd32c268a26620c34c06345e1bec01d513b90b8bde5a682fd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: www.hebergementwebs.com
:scheme: https
:path: /adsense/testtoday.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hebergementwebs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=eb1e59eef37d94b9049ac2d19eb704a9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.hebergementwebs.com/

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 17:53:35 GMT
cache-control: max-age=0
expires: Wed, 01 Sep 2021 07:07:59 GMT
x-xss-protection: 1; mode=block 1; mode=block
x-content-type-options: nosniff
x-server-powered-by: SpeedGenius Engintron
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQwPhcEW4gQ732ekQEJVKBMHnDaeUxioTlymz7BzL6unc1bVqetoiB3P3Ip%2BagaA9dguxkHvJ4VSSlOOuY4b80dMK%2BuMLmIoBNFWetwVt49XMLzs0WLTIJdo0voflF3d%2B%2BIfsYwDVnkrX%2Ft4mfAEE4fGXgei"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
server: cloudflare
cf-ray: 687caa321d222c01-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 star.jpg
www.hebergementwebs.com/assets/img/ 11 KB
12 KB 13ms
11ms Image
image/jpeg 2606:4700:20::ac43:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hebergementwebs.com/assets/img/star.jpg

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc38e36b5ae506dc3d32580211b26ce82518839043cc433fc2af11edb81bfe20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /assets/img/star.jpg
pragma: no-cache
cookie: PHPSESSID=eb1e59eef37d94b9049ac2d19eb704a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hebergementwebs.com
referer: https://www.hebergementwebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761105
x-server-powered-by: SpeedGenius Engintron
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11164
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 24 Mar 2021 20:53:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPsgs824hvPc%2B6n59VHeaT118jCxc9YqAkXNpFGYdJey1Wuei9x5vm%2BiJ8o3GcXxbH3YpC3oUnx2rvsFdErHr1OXRCFXc7%2BaQWiKInguSc3WyGO0e51idQc6%2FRG2d1RJ9R9kXNCqeRMAvmc5cQP%2FghuTrjuq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 687caa321d242c01-FRA
expires: Sun, 10 Oct 2021 21:56:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9FCA 138 KB
49 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/adsense/testtoday.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1750be3128ffe89925474628f7b462b144b4170306d513beac4a49878620eda4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49571
x-xss-protection: 0
server: cafe
etag: 3244517942752320355
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 07:07:59 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/ Frame 9FCA 250 KB
93 KB 48ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9589906559848104&plah=www.hebergementwebs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95226
x-xss-protection: 0
server: cafe
etag: 17201458395757084847
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 07:07:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/ Frame A544 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210830/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hebergementwebs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.hebergementwebs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 31 Aug 2021 12:45:30 GMT
expires: Tue, 14 Sep 2021 12:45:30 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 66149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9FCA 209 B
413 B 42ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hebergementwebs.com&callback=_gfp_s_&client=ca-pub-9589906559848104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9589906559848104&plah=www.hebergementwebs.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d49222752c69a0f6216af66b756ebe1bd5134b3481c289476562457677989e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9FCA 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hebergementwebs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9FCA 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hebergementwebs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 56DB 80 KB
27 KB 389ms
382ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755399&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480079919&bpp=8&bdt=67&idt=79&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=2886413835807&frm=23&ife=1&pv=2&ga_vid=820887238.1630480080&ga_sid=1630480080&ga_hid=460649259&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44747620%2C31062297%2C31062311&oid=3&pvsid=1582066773414668&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.qtyda95irb6r&btvi=1&fsb=1&dtd=111

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

185588ade2f053a98b0f077f3f15b4c2775b3c34aaed27ed054111498a0ef130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755399&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480079919&bpp=8&bdt=67&idt=79&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=2886413835807&frm=23&ife=1&pv=2&ga_vid=820887238.1630480080&ga_sid=1630480080&ga_hid=460649259&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44747620%2C31062297%2C31062311&oid=3&pvsid=1582066773414668&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.qtyda95irb6r&btvi=1&fsb=1&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hebergementwebs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.hebergementwebs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 01 Sep 2021 07:08:00 GMT
server: cafe
content-length: 27889
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 07:23:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 07:08:00 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FCA 72 KB
27 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322975956640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Wed, 01 Sep 2021 07:08:00 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0E2D 138 KB
48 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hebergementwebs.com
URL: https://www.hebergementwebs.com/adsense/testtoday.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1750be3128ffe89925474628f7b462b144b4170306d513beac4a49878620eda4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49571
x-xss-protection: 0
server: cafe
etag: 3244517942752320355
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 07:08:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/ Frame 0E2D 250 KB
93 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9589906559848104&plah=www.hebergementwebs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95226
x-xss-protection: 0
server: cafe
etag: 17201458395757084847
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 07:08:00 GMT

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0E2D 12 B
53 B 89ms
52ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hebergementwebs.com&callback=_gfp_s_&client=ca-pub-9589906559848104&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0E2D 107 B
122 B 25ms
24ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hebergementwebs.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0E2D 107 B
122 B 26ms
24ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hebergementwebs.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 25E7 76 KB
26 KB 580ms
579ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0cfc503bd87b1e8e9393b384e2221c6b173007d9c8ef0e9a473f12ab6f21d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hebergementwebs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.hebergementwebs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 01 Sep 2021 07:08:00 GMT
server: cafe
content-length: 27085
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 07:23:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 07:08:00 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E2D 72 KB
27 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322975956640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Wed, 01 Sep 2021 07:08:00 GMT

GET
H2 200 9671268439078422713
tpc.googlesyndication.com/daca_images/simgad/ Frame 56DB 59 KB
59 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9671268439078422713

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755399&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480079919&bpp=8&bdt=67&idt=79&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=2886413835807&frm=23&ife=1&pv=2&ga_vid=820887238.1630480080&ga_sid=1630480080&ga_hid=460649259&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44747620%2C31062297%2C31062311&oid=3&pvsid=1582066773414668&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.qtyda95irb6r&btvi=1&fsb=1&dtd=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed905bedc4f516ba7267f8d6f8ffdc32164714c044e46e77264c6906f9524c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 17:17:29 GMT
x-content-type-options: nosniff
age: 309031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60298
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 21:48:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 17:17:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 56DB 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 07:03:16 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 56DB 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtexX0CYvYfXIBKi4x_APmf6K-AmuqrS5ZNy22O3yDb_hHhABII6MqX9glQKgAZuI0Z8DyAECqQIFOO1Bms2zPqgDAcgDyQSqBMMBT9CgCOsQcl7cjvlry0OpfKodm0rxHQRFvEHK9B9YPzXAzMxzujgbYNyyFybf_oC_n-JAwa7m3CjebtfuvFRvL7LLaHcmomPZrkodsFgpqmuHBAptsu1axd8XQ4GYcs4rye8-3DYf_7N2zhCXbnYHdq_C8ciN1WzELm-4X6RWq8jQZFMozIBucFmC0YxazrBdP2LrPHyV-UBmxWS-bWshN5vOcOTx6JylFRcZ_UKIClsk2GVbHwncz-9o1xQbR59_Q-7NwATfm8z_rQOSBQQIBBgBkgUECAUYBKAGAoAHzfeuYKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQmo8f0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTk1ODk5MDY1NTk4NDgxMDQYAA&sigh=YOFHsfUBVwM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755399&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480079919&bpp=8&bdt=67&idt=79&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=2886413835807&frm=23&ife=1&pv=2&ga_vid=820887238.1630480080&ga_sid=1630480080&ga_hid=460649259&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44747620%2C31062297%2C31062311&oid=3&pvsid=1582066773414668&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.qtyda95irb6r&btvi=1&fsb=1&dtd=111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 01 Sep 2021 07:08:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 01 Sep 2021 07:08:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 56DB 2 KB
1 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 06:38:12 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 56DB 122 KB
37 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 07:08:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 56DB 14 KB
6 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 06:44:37 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 56DB 26 KB
11 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8c7c4858536f566e1f4dd585c586dfadb5421cb8b246f03a8bfb680fbabe776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 22:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10740
x-xss-protection: 0
server: cafe
etag: 6955949258460630505
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 22:27:40 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B1D4 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755399&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480079919&bpp=8&bdt=67&idt=79&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=2886413835807&frm=23&ife=1&pv=2&ga_vid=820887238.1630480080&ga_sid=1630480080&ga_hid=460649259&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44747620%2C31062297%2C31062311&oid=3&pvsid=1582066773414668&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.qtyda95irb6r&btvi=1&fsb=1&dtd=111
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755399&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480079919&bpp=8&bdt=67&idt=79&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&correlator=2886413835807&frm=23&ife=1&pv=2&ga_vid=820887238.1630480080&ga_sid=1630480080&ga_hid=460649259&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=808&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44747620%2C31062297%2C31062311&oid=3&pvsid=1582066773414668&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.qtyda95irb6r&btvi=1&fsb=1&dtd=111

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Sep 2021 06:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B1D4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnE_CnQCpRc1I4FrUuyoSyr5plaEP6CN7LqWHL6y6rj0_RT-ix1gctt0ilGslE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 01 Sep 2021 07:08:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 01-Sep-2021 08:08:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 07:08:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 01 Sep 2021 07:08:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 56DB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd6f4181b1dd8b50c085f7a9904d767657df6dad040c7198de40283cdc178c80

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9FCA 11 KB
8 KB 28ms
26ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210830&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

721b87ec42b9a32c5076f652371239a1f27b9794163f05a774a55ceb0b1a1e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8453
x-xss-protection: 0

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame ACFC 35 KB
35 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:25:38 GMT
vary: Accept-Encoding
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
x-content-type-options: nosniff
age: 2542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35516
x-xss-protection: 0
expires: Thu, 01 Sep 2022 06:25:38 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9FCA 17 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 07:08:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FE70 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hebergementwebs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.hebergementwebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 06:51:49 GMT
expires: Thu, 01 Sep 2022 06:51:49 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 93C9 783 B
532 B 17ms
16ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

52424e3c415e78027c4aae5915f76b977dde9fd41f34336830f4a287579432bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8HHqQ/RtQVGyId/ZKdYqPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hebergementwebs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.hebergementwebs.com/

Response headers

expires: Wed, 01 Sep 2021 07:08:00 GMT
date: Wed, 01 Sep 2021 07:08:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8HHqQ/RtQVGyId/ZKdYqPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame FE70 35 KB
35 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:25:38 GMT
vary: Accept-Encoding
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
x-content-type-options: nosniff
age: 2542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35516
x-xss-protection: 0
expires: Thu, 01 Sep 2022 06:25:38 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9FCA 0
0 49ms
49ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210830&jk=1582066773414668&bg=!ubqluv7NAAZOkH6FTpA7ACkAdvg8WrHeG8odSuBCHybEBb50Wh594c1RhuaUzGqtT2ATjiI9PkZUVAIAAABPUgAAAAhoAQeZAqFxfro8Y5uJoBjp2-4D6264AkEloBM_NFNCW5-xmCueYngK7-raZ801xbFj6q12wUWlmwJrQ5NyWhHJbQIWMJUX8V9r2pH5CAKTejPKaiMU3xFB-1f0oabgEAzAZYznNQ6zQCPYTn-nf58J0YKJvzAWoXMMrhvI6C9T-gJBLdXvfVbYUeOBZ8PllTbkF61m1O0lmj5mx7cgG_cs1-WNS4ry_8HaEseJ_jRLqhCcpSCCSHzeiVH76KcXBun-iYqTaTsUbNLB8-qNbK_1G9ax_-abc_2xYNPZEp-62f2feFlxxPrnKIOkAbU8iQNP_R1oSJpDpuaVuiCCF5tXpVYbmfrnzkq3r7ZiqwtvEXrdbjIHdGjToBwwaAdfZdemeKlecN4IN3ivk8DTODRG8-mYB4cNvgNdYs1JbGSg1gJC85WsJzWW7dFK3KFFMenBhwJ_6wm-Q6Sizry500wRVG4BiJtU_sLsM5qBGqBwFJrVEQO9iSDZYbHwkAjGrlpow6ymC4sC6l5m8DAN1rjWCxTGgBYWBzx3hThDvaJ7TzMfK70OMt6lAstOUIsqdm9k5Gb3tlggEZzw48-ul4SzTwGURfdTv_V-v1VzjVegu3Kg1iwSamoJAkilTBFz5z2B8LJ42mOxfmU-2ZW1whOF2M2Jad2nSyZ5S5HMWuyV6sgrzC4S_nrci6x_BDXT9UEgmmzTBkTnhS7QaC1yq-Bs1NvNbbok8TEnVF3XwaXSQBpKHgUgxKygocTXTrRQfhslF9ZkWefYWfTLSUs9itKb3foCMkYMs5Hax2aFa-LAhesKr7eTFntDDjNjvbCqAfN2i0P6RwIUPI_GQXDmxEa0R2WQweZCUIo0sIfUO4j3a0StZT_0cBGNKjSBBsxTWgSkHOjxoety
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 8125435798322829556
tpc.googlesyndication.com/simgad/ Frame 25E7 105 KB
105 KB 8ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8125435798322829556?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkV64iGGbZwXjWP0UJbVVmhGWNffA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73c2abe3f35f51a5b4231bf05c5c95f0b2599fed4adaecbf1f9375acb19e3618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 21:35:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Nov 2020 22:34:59 GMT
server: sffe
age: 34362
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107228
x-xss-protection: 0
expires: Wed, 31 Aug 2022 21:35:18 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 25E7 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 06:44:22 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 25E7 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 06:38:12 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25E7 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 07:08:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 25E7 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 06:44:37 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 25E7 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8c7c4858536f566e1f4dd585c586dfadb5421cb8b246f03a8bfb680fbabe776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 22:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10740
x-xss-protection: 0
server: cafe
etag: 6955949258460630505
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 22:27:40 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 25E7 0
0 21ms
18ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVxCT0CYvYaXLD8aIx_APvJiz0AO_-r-nY4zm6e7SDYzT9pj-DhABII6MqX9glQKgAenojJICyAECqAMByAPJBKoEtgFP0CFfA8BA51arIWxE7O_fCUCN4Dg3KAtnTn9nF-rK8dR9LJeBT7y0p6ztHN5G59iqx-YLqTBwm7AD6_lpQVQKduSq0BsPzncm-BuPrW-see-MEamzOVd-6CQA7lM4Ay2AomFHaUU56M-3Q10XrHKjur-8wgsThlJA_5zY9ka_3crTYl02DdvQxhNadwT8DjcU17g3ReDdnQ-WtcnEDkwuYonpB80qCWsjx1zkT2gRK-HiB1LFqMAEseauu78DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_-W8-0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBCAgxzSCAkIiOGAEBABGB-ACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItOTU4OTkwNjU1OTg0ODEwNBgA&sigh=SNxwjZ1LLfw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 01 Sep 2021 07:08:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D573 143 B
163 B 8ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnE_CnQCpRc1I4FrUuyoSyr5plaEP6CN7LqWHL6y6rj0_RT-ix1gctt0ilGslE; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Sep 2021 06:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 25E7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34810f54b446c9aa0c7c6bbb6041ef27e38e6311c2de91b43c50ba89f56dc2ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0E2D 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210830&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1673d62d79db913a4e5930505f5ea200bd55316ca0b64a3b55674eaaaf8247f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8514
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D573
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnE_CnQCpRc1I4FrUuyoSyr5plaEP6CN7LqWHL6y6rj0_RT-ix1gctt0ilGslE; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 01 Sep 2021 07:08:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 01-Sep-2021 08:08:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 07:08:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 01 Sep 2021 07:08:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F40 35 KB
35 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9589906559848104&output=html&h=280&slotname=5014471962&adk=211414252&adf=3279755396&pi=t.ma~as.5014471962&w=784&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=784x280&url=https%3A%2F%2Fwww.hebergementwebs.com%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630480080173&bpp=2&bdt=68&idt=56&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&cookie=ID%3D374960b4270e768f-2226b821e5c800f5%3AT%3D1630480080%3ART%3D1630480080%3AS%3DALNI_MYth_cfHiO_daPMuVSghPRQo9c9BQ&correlator=2886413835807&frm=23&ife=1&pv=1&ga_vid=1920426934.1630480080&ga_sid=1630480080&ga_hid=1382502770&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1910&biw=1600&bih=1200&isw=800&ish=340&ifk=1194592431&scr_x=0&scr_y=0&eid=44748449%2C44747621%2C31062423%2C31062297&oid=3&pvsid=1837750589688853&ref=https%3A%2F%2Fwww.hebergementwebs.com%2Fhealth%2Fis-it-possible-to-reverse-prediabetes-naturally%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C340&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1156&bc=31&ifi=1&uci=1.6u3vmqdu3ykk&btvi=1&fsb=1&dtd=62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:25:38 GMT
vary: Accept-Encoding
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
x-content-type-options: nosniff
age: 2542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35516
x-xss-protection: 0
expires: Thu, 01 Sep 2022 06:25:38 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E2D 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 07:08:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CD83 12 KB
5 KB 7ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hebergementwebs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.hebergementwebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 06:51:49 GMT
expires: Thu, 01 Sep 2022 06:51:49 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E826 783 B
536 B 16ms
15ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ea7452bac557df639dbf7b64a98b316a71c23dd3a383feee5a95aa84de97eee8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VS682KGjKpX9KapMNCObfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hebergementwebs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.hebergementwebs.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 01 Sep 2021 07:08:00 GMT
date: Wed, 01 Sep 2021 07:08:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VS682KGjKpX9KapMNCObfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame CD83 35 KB
35 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:25:38 GMT
vary: Accept-Encoding
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
x-content-type-options: nosniff
age: 2543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35516
x-xss-protection: 0
expires: Thu, 01 Sep 2022 06:25:38 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0E2D 0
0 24ms
24ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210830&jk=1837750589688853&bg=!f3ylfDjNAAZOkH6FTpA7ACkAdvg8WmQdKtXI51BrEtg2HuDxNuOLd1MTQZ-oVD5qUrV8hzWt-ViiLAIAAAA_UgAAAAtoAQeZApmu3fsUYz65vjp1Tok5bBHfKqD3N0mDC8rP5QzrF693Uj_A_M_9f7rHEaldumECvnBUFJSAZOVmR1FiiQBNfobC2gB1hXEWjIFNmwjXLe8OtNtndVmx0E0JMDFth92hjHFYltZsXeAwolKiIVTs88mffUYZFu3Ra47A2jypNe5tqC2sbaZoER7CeKQmFUq-ClcTS_eeS7ga3Q8u9DmFOfLhfuLVJpb4wOTyNH-60DsliT6_LjWj693mzJYGtvcXjdzL6hO5GbX6UvZe2PtIzU6jerDXOrL3iFoDDCYq4hnMItNnAfTdOOVUmhfCQoysi9AHCaUe-6SK3JdxKt41ytPMeL3hkipqiE9Ow0cQOHVn1r4ZdkqBZYlOJxaynFUg85iXcI4HFdMNEbDUy2uRU0vOmzdnDF2975kyB2s6az39hQk5-I1M1jRHKxhKUdnIYin9LocJfxMUyVJ1qswDfZObrq2jH0WVjOx05j55MAZxDNn238ca6_uALZYpmrOAbc4m8rEJ1hOh29_wFPJJNP72HpZ21TzMd4-m6ptCmIWlxD5St5VDkMvSABE-STuovCTeuQ0Wy5Pfv-9cxsnH4NH0bDYbVe2ZyMmAkHCADzJPJJLy4AzBx26flztCwZwfrv3q14c2PTK86VqNN_NOgVFcsxIr4m8T30JgpIAFqfk4fbdYAd3x-lAWAQiPAg1QrXvLalXW04-txhOJNr_ZWmpiVcK17GWf8WzMErE7L4Y5KMIXYBXzOuaFiXGXhdhHXLQl6XdiQAjAGxHavBH6dY9iR34Wh3YBbqz_oVnJX_7_-wnmTT8RxVUFmLkWASBQgaivw3OAB5CC2rsshYKRUgmHZ06Mbhlke6QLT1PdifoTyP8dEdMzPh97xg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hebergementwebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: service worker path (u): /sw.js event domain: https://propu.sh

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
propu.sh
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.hebergementwebs.com
139.45.197.250
142.250.184.226
2606:4700:20::ac43:48e7
2a00:1450:4001:800::2004
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
0a23af16a8f94767c703e8ae0f00edd3d61d1560c43ac34bd2f01820250d10b2
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
1750be3128ffe89925474628f7b462b144b4170306d513beac4a49878620eda4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185588ade2f053a98b0f077f3f15b4c2775b3c34aaed27ed054111498a0ef130
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
26f01454b6434c7bb21de2463ed2fbe26b77a461bda821510480f3f20f0d4c73
34810f54b446c9aa0c7c6bbb6041ef27e38e6311c2de91b43c50ba89f56dc2ba
38e2bd27c0b33e210b76872f5d54444bd0caa0f729ef3a7d1c7270a6b670f2f6
393af021f751b4c2737d5568ea2fd763cc8891837fd205f62b986318776c410f
3af56a4cd5343b12bc133eabe7bf2e9744f322e169db2f52b7e03145aa6cc2de
4268e2db74cc2ed81c0b959aa62306c27b0b4838b468467703a9e04818303a29
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4be8f8acb4f6636723fe875670572cc2aab139957333163c1eb57ebabf13c94e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52424e3c415e78027c4aae5915f76b977dde9fd41f34336830f4a287579432bb
5c2d304fa40e81546e0d13d6cba4d5d21673df4efc210a97c8faf2f357152e55
5c4e37ead02ca9dfc6bc18866aa777ec5bbd8f0c976e1bebf9a32dbef037c074
5c9a516d31cd5fc2cb79f46306b57aa155ea5c378cebd1b050b6749d6d6b971a
69326e6a1c44650e099e603a904313d2b48b44c908b8881e882c102cc959b606
721b87ec42b9a32c5076f652371239a1f27b9794163f05a774a55ceb0b1a1e51
73c2abe3f35f51a5b4231bf05c5c95f0b2599fed4adaecbf1f9375acb19e3618
789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd
7944380b6804bb7298f5324f90b07ac5a2cd82453930acfd2cddbd658cfa5ee1
79491a98b81a8e5f09e06208b51b6ccbc41ad2ee070b1f09658f7eddcba6b018
7b9c60bb78ce28b597f5eeabc7dc453a84ef2500c817bc14e47759711aafa741
7c5096a708d695b7e7dda47401b34ab884d6651673779f033603367b8ae8514b
8ddb6a1af863a3126ac48886151dc2928450967d23ad45297d2351acfdc0539d
953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
9edfbe24e3b2e97fff21882c2319f55e0adf9d34f0a5d1c84f10a557db386d1f
a0cfc503bd87b1e8e9393b384e2221c6b173007d9c8ef0e9a473f12ab6f21d09
a30ecd2a62e1d9fab3d2e06c4544a0be6a21ab982f191922a5f7a8885d05f963
a33542c10a0f3c1d0592a635dbc2c6e3c9f7f499247d1897e7d95bc8e0b0cad0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a836f79b33976dd32c268a26620c34c06345e1bec01d513b90b8bde5a682fd6a
aec79c42c5638934fdd8f5ac406f850edb418d688ed009d0cfb3e7e560f86c1a
b0509d47fc3ae03f0786a8ee59c5ee7d525462e47132e8aad8adabf7dd61f103
b279ff71dc74dad3f536670e63b499f22094909b8f92e3505b450c87c18ced62
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7f9558d1e810f8ef50be4a66fb025ca7e9d97836b399d73117a567e891204e7
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
bf0606974d30a820d9b212a1476a383e6494996c41fb168bef1889c4c4eb3cfa
bf4147ea2649766b76a18213ee8b51d80c4545bb8502c2a2d8767a00cd059daa
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c070e18f5424d38ac984ee59dcd9673164c8999bd1c206bfcb79393c3df6984b
c6ad61d4e906b61a1b57dc2446dd7bcc5ec0fa4c6e7db1cdc1668fc9bcbb8ad8
c8c7c4858536f566e1f4dd585c586dfadb5421cb8b246f03a8bfb680fbabe776
cd6f4181b1dd8b50c085f7a9904d767657df6dad040c7198de40283cdc178c80
d49222752c69a0f6216af66b756ebe1bd5134b3481c289476562457677989e38
d92b2c3a7acdaecb1fa13f452fb7a6e81476e5eef77d72cc2cb8f05d71e00775
d9e474035edd33bc07bc1f74503c5bcb02ac2015157ead0dd528509b1c614ce5
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
e1673d62d79db913a4e5930505f5ea200bd55316ca0b64a3b55674eaaaf8247f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51b2dc7cd9a230041bdc162d263a1695fcd2144d214de34763a9c01feb9cdb9
ea7452bac557df639dbf7b64a98b316a71c23dd3a383feee5a95aa84de97eee8
ed905bedc4f516ba7267f8d6f8ffdc32164714c044e46e77264c6906f9524c49
f769ab4d3d35669064521226584b8fa3ae3429d76f8798c6e9af62d332c3849e
fc38e36b5ae506dc3d32580211b26ce82518839043cc433fc2af11edb81bfe20
febfe0010f1f48f91241f606acac1255725adf2e0255bdfe5b74bed45aeb78ee
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

www.hebergementwebs.com Open in urlscan Pro 2606:4700:20::ac43:48e7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

100 %HTTPS

86 %IPv6

8 Domains

10 Subdomains

14 IPs

3 Countries

1389 kBTransfer

2684 kBSize

0 Cookies

32 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hebergementwebs.com Open in urlscan Pro
2606:4700:20::ac43:48e7 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

100 %
HTTPS

86 %
IPv6

8
Domains

10
Subdomains

14
IPs

3
Countries

1389 kB
Transfer

2684 kB
Size

0
Cookies

99 HTTP transactions
3 data transactions