www.webwiki.fr Open in urlscan Pro
104.21.51.215  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a8e7100f-043b-41df-9126-d4b8d4f744d0&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=d7ea0711-8a8f-4a81-926e-ed03b1200ba8&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dc4c66202d7d2469795674d8abfd5f08f%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7912279&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=5356054283576437071 HTTP 303
• https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c4c66202d7d2469795674d8abfd5f08f&SNR=1&GV=2&med=10

Request Chain 48

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c2283ba3-355c-4a39-bcc7-4b7e8e4ac257&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=82c7c631-9fe7-42f8-b697-ef27da324d9f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D05a47972aec749aab787f1ff1fed74d7%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6933&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_gznk&aid=897916072503148667 HTTP 303
• https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=05a47972aec749aab787f1ff1fed74d7&SNR=1&GV=2&med=10

Request Chain 60

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a8e7100f-043b-41df-9126-d4b8d4f744d0&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=d7ea0711-8a8f-4a81-926e-ed03b1200ba8&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dc4c66202d7d2469795674d8abfd5f08f%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7912279&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=5356054283576437071 HTTP 303
• https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c4c66202d7d2469795674d8abfd5f08f&tids=15000&med=10

Request Chain 61

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c2283ba3-355c-4a39-bcc7-4b7e8e4ac257&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=82c7c631-9fe7-42f8-b697-ef27da324d9f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D05a47972aec749aab787f1ff1fed74d7%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6933&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_gznk&aid=897916072503148667 HTTP 303
• https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=05a47972aec749aab787f1ff1fed74d7&tids=15000&med=10

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request hipnoterapi.id Show response www.webwiki.fr/	25 KB 5 KB	927ms 678ms	Document text/html	104.21.51.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.51.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4066b3e832797f51a17e4024d4a31ada08fa51aeb99798e096ed6f958bd33409 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 860cd8b09df899c6-CDG content-encoding br content-type text/html; charset=UTF-8 date Thu, 07 Mar 2024 19:03:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zwxp6saT%2B0teh27oIPDCqGquVvIL9brhNK1Gt7PTwJ9x7i8CllAWBIRLeeto7iuqd23fS8cJxXywiLEDrUVpjInULoLoLoqHRKk3YpWdbnNRPQkDfkloIivyeYgTQSVkrQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	bootstrap.min.css cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/css/	115 KB 16 KB	197ms 67ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/css/bootstrap.min.css Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2573612 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 15730 last-modified Mon, 04 May 2020 16:17:20 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04010-1ca39" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uw7I0EjtefjBhJfXPcRQXwuyDn7Wc9%2Fc%2BVTbUzplAOFwAnJe6uXKqSnsE%2B6d9pKPHh0fC6TW9wnFyxIK64io6LgQQSokqxaDuP99WtyfkHk9%2FCk%2B%2FiUzyYv8LTekFh9RYHN3zA3%2F"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 860cd8b57dd8e3cf-TLV expires Tue, 25 Feb 2025 19:03:36 GMT
GET H2	200	glyphicons.css www.webwiki.fr/css/	30 KB 6 KB	196ms 196ms	Stylesheet text/css	104.21.51.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.webwiki.fr/css/glyphicons.css Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.51.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52901b1aaa3533d2c61d1e5de78918ead4b20bfb523facc29e14b86b60f5e593 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/hipnoterapi.id User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:36 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 17 Jul 2015 14:44:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"55a914dd-77e2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilN1kc19oXvW2PI9mydBmkrkvSm8V9TWkMpgtMTlY8kcolHrqBRUDKe0YtfnQYVQXu4HfXYWb164HGzzYfkoaMLZ7qEFHVkknP97WLRjDnK1483g%2FPavwvevuH4ov7WL1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=86400 cf-ray 860cd8b4eb9a99c6-CDG alt-svc h3=":443"; ma=86400 expires Fri, 08 Mar 2024 19:03:36 GMT
GET H2	200	webwiki.css www.webwiki.fr/css/	31 KB 7 KB	202ms 201ms	Stylesheet text/css	104.21.51.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.webwiki.fr/css/webwiki.css Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.51.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a36fd7ad00c074378197383aba54077a3f2d337e057e6ee7b38c842782f169b8 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/hipnoterapi.id User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:36 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 02 May 2023 13:10:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64510bc4-7bc8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4gUC0Rre0xrd2w4ch9YdZ5a285Locw82VaFEruPYTHpoIwGUlYGQoYiNIj4oWsQJz2yqzEBIBkGX%2BvNeBb41UMAAw8wwH2nQ9hAUQ1aipAZqIatPhDgf2EyI%2FksbkRO%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=86400 cf-ray 860cd8b4eb9c99c6-CDG alt-svc h3=":443"; ma=86400 expires Fri, 08 Mar 2024 19:03:36 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	360ms 125ms	Stylesheet text/css	142.250.186.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,300,400,700 Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f10.1e100.net Software ESF / Resource Hash e89f2acf22ae29f8ccbb1e02c1e9cd78fae14e06ddc424e2869ecac5f1d382b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 07 Mar 2024 19:03:36 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 07 Mar 2024 19:03:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 07 Mar 2024 19:03:36 GMT
GET H2	200	pub-9304899100628075 Show response fundingchoicesmessages.google.com/i/	182 KB 61 KB	386ms 153ms	Script application/javascript	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/pub-9304899100628075?ers=1 Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software ESF / Resource Hash dbe7ed5d9af068069ef0599ba898905fa417748b20ea60680271fb3d2075e289 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vPR9UuxOJ1Y2X7Vyywy0Ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:37 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vPR9UuxOJ1Y2X7Vyywy0Ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTN0Tl_xXo2gQ3bp2gCANeNLIM" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.1/	94 KB 33 KB	346ms 113ms	Script text/javascript	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software sffe / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 04 Mar 2024 14:34:12 GMT content-encoding gzip x-content-type-options nosniff age 275364 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33434 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Mar 2025 14:34:12 GMT
GET H2	200	bootstrap.min.js Show response cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/js/	35 KB 9 KB	240ms 126ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/js/bootstrap.min.js Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 78674 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 8441 last-modified Mon, 04 May 2020 16:17:20 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04010-8c6f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvMMbob0kdRhPbWSRKNT%2FZriC%2FFxdOifFP50Tbjk9BrJ%2FvYXUeZQe3pUvTWPPTeN7h33GpyRo6TJWB3AB%2BwjiLxX%2FMJqsNBqNr7yZKjKJkLl4sPXUD5ZhPktiCepS059Da7j9hFP"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 860cd8b57ddbe3cf-TLV expires Tue, 25 Feb 2025 19:03:36 GMT
GET H2	200	all.js Show response www.webwiki.fr/js/	53 KB 20 KB	128ms 127ms	Script application/javascript	104.21.51.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.webwiki.fr/js/all.js Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.51.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b860e68e8313b1f67073761776fb55adaa54de4ac686c1a17237da35e708f0d5 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/hipnoterapi.id User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:36 GMT content-encoding br cf-cache-status HIT last-modified Mon, 05 Feb 2024 13:50:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 14254 etag W/"65c0e7b8-d521" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmASx4I2t7dYvmhp6Dh9FX7472zCInVadnwKzX8NlUJ%2F7E6alTrlhweqWw9lT7FesSEoxqIiQQfrCP450fhcjxmkuVATmXJ2DhjGS3SYayzw6Xme0OU2Cw55PhS3oBDwQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 860cd8b4fbb699c6-CDG alt-svc h3=":443"; ma=86400 expires Fri, 08 Mar 2024 15:06:02 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	230 KB 82 KB	368ms 133ms	Script application/javascript	216.58.206.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9K5Q2CHV2K Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-aa-in-f8.1e100.net Software Google Tag Manager / Resource Hash 8ff862696d732ca771db9dce19ebc52f623d901baa34ea8e52f7333a65431dcc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83972 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 07 Mar 2024 19:03:37 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	88 KB 28 KB	398ms 153ms	Script text/javascript	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/hipnoterapi.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash 40425d9f7851919c3d2e30cd0f3f5363e0e4d4a4e4b5bf342979db7df1b0e4ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28652 x-xss-protection 0 server cafe etag 336 / 19789 / 31081677 / config-hash: 12280846651988300346 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 07 Mar 2024 19:03:37 GMT
GET H3	200	logo.png www.webwiki.fr/images/	3 KB 3 KB	244ms 244ms	Image image/png	104.21.51.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.webwiki.fr/images/logo.png Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/css/webwiki.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.51.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d397e859d3e3c0640f362a3cc0f0053b6576e40fb2a7daf57ea929751b4d183 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/css/webwiki.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:36 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 133046 alt-svc h3=":443"; ma=86400 content-length 2969 last-modified Mon, 18 May 2015 15:42:05 GMT server cloudflare etag "555a084d-b99" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lvJWsX2sFYwkLg9qaffVgKM62xteNkqbEfT9r03VX9MypB%2F2lJ2Tc2mpM4XnU1WHrXBSKcBxEVqQ%2BehRH8n3IKg9b3CMUh6sKCgvjQorizS%2FnqYeG8UCuL3N5Y4r2fTFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=259200 accept-ranges bytes cf-ray 860cd8b72cc599ae-CDG expires Sat, 09 Mar 2024 06:06:10 GMT
GET H3	200	sprt-flag.png www.webwiki.fr/images/	8 KB 9 KB	244ms 244ms	Image image/png	104.21.51.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.webwiki.fr/images/sprt-flag.png Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/css/webwiki.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.51.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3dce249efbdd5cfb9c1ff99f06cb90f73df2533ac088a9d3715cbf66176cf0e8 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/css/webwiki.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:36 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 16768 alt-svc h3=":443"; ma=86400 content-length 8468 last-modified Tue, 13 Jun 2023 12:51:47 GMT server cloudflare etag "64886663-2114" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FcSUncFSirLhGARgUSIJaF46gTtdITOu7PhFycSHZCcAYlt%2FVvKSwF9wOWax88Z6RwPtyUqvf0rhRpMaCEzOL0r3MmpWA8orrvjzfnbbrPOkXF9Cot6%2B5AB1Sm8LNv5YQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=259200 accept-ranges bytes cf-ray 860cd8b72cc799ae-CDG expires Sun, 10 Mar 2024 14:24:08 GMT
GET H3	200	crowd.jpg www.webwiki.fr/images/	71 KB 72 KB	130ms 130ms	Image image/jpeg	104.21.51.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.webwiki.fr/images/crowd.jpg Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/css/webwiki.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.51.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85648de6e317f593b9de019073a0df4fbd2fd7bdbeb420fe6b341283daaeb33b Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/css/webwiki.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:36 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 196767 alt-svc h3=":443"; ma=86400 content-length 72717 last-modified Thu, 12 Apr 2018 15:28:17 GMT server cloudflare etag "5acf7b11-11c0d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7cw5%2FjbQPNwnzdc8xAh8gxSTmIsRcs8qd5Nsr7av0BaMxasu9oPROrlRIsxFQLhFN%2BNgHigPARvn5%2BYsdUG0CTf50O%2BaGa1cTCz7oVvPbB82qUnLXtB0LQY7rDBujsRWQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=259200 accept-ranges bytes cf-ray 860cd8b72cc999ae-CDG expires Fri, 08 Mar 2024 12:24:09 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	347ms 114ms	Font font/woff2	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.webwiki.fr accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Mar 2024 05:37:46 GMT x-content-type-options nosniff age 221151 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 05 Mar 2025 05:37:46 GMT
GET H3	200	glyphicons-regular.woff2 www.webwiki.fr/css/	67 KB 67 KB	470ms 469ms	Font application/octet-stream	104.21.51.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.webwiki.fr/css/glyphicons-regular.woff2 Requested by Host: www.webwiki.fr URL: https://www.webwiki.fr/css/glyphicons.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.51.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b39480f2deda31a3b49c9e37a71c60b8c41ccb2e12ac3ffc09c3dc1796e5d6d Request headers Referer https://www.webwiki.fr/css/glyphicons.css Origin https://www.webwiki.fr accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:36 GMT cf-cache-status HIT last-modified Fri, 17 Jul 2015 14:42:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1086 etag "55a9144b-10a68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3DmTl%2FCtNKt6p9B%2FuF1bcDpUS%2BgDa0ORkIwLiVxCvuG7sgXXRJHs7aMeWKMgeb1XXF3RgDETW7hSfu9CCNCxqstI0wGiEIf2bKyn0MJGcrY%2BaPM0XnmNdD%2BB3gj2fynEA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 860cd8b72ccb99ae-CDG alt-svc h3=":443"; ma=86400 content-length 68200
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	404ms 171ms	Font font/woff2	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.webwiki.fr accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 04 Mar 2024 20:16:13 GMT x-content-type-options nosniff age 254844 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Mar 2025 20:16:13 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/	432 KB 136 KB	347ms 114ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 8990aa15eac245af6c6e1659e307d87319e360dfb7841984e17aac14bc583c11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 12:01:33 GMT content-encoding br x-content-type-options nosniff age 25324 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 139160 x-xss-protection 0 server cafe etag 12239114432611093980 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 07 Mar 2025 12:01:33 GMT
GET H2	200	AGSKWxWTkx4EQnUUGk9uJCfL3oij-b0novND-ddW1I5_ZrL-MkS7wK8hOfDJyu0_dKRUW7jSK4YtFE0T5vwwE6usRd0_7zMtQGuP1TharXJtujJZ95xlYdTCqDzUzUwKQlk1YbhCgGLa Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	154ms 154ms	Script application/javascript	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWTkx4EQnUUGk9uJCfL3oij-b0novND-ddW1I5_ZrL-MkS7wK8hOfDJyu0_dKRUW7jSK4YtFE0T5vwwE6usRd0_7zMtQGuP1TharXJtujJZ95xlYdTCqDzUzUwKQlk1YbhCgGLa?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODM4MjE3LDI3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cud2Vid2lraS5mci9oaXBub3RlcmFwaS5pZCIsbnVsbCxbWzgsImJ3ck1jczZaY1lnIl0sWzksIml3Il0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMyqhtpINXyALLR-O-cMxbrYbfxL7g/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software ESF / Resource Hash bcf73b45c464c25533c0e5f89a82a7cef4727d286780616ae14cbc720c03b0a4 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dHry6P29_bnG9xBkO_LR-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:37 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dHry6P29_bnG9xBkO_LR-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTD0Tl_xXo2gQerfq9lBAD-7S2A" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect www.google-analytics.com/g/	0 254 B	353ms 120ms	Ping text/plain	172.217.16.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-9K5Q2CHV2K&gtm=45je4340v9130076563za200&_p=1709838216859&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10000&cid=1685932620.1709838217&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709838217&sct=1&seg=0&dl=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&dt=Hipnoterapi.id&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1837 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-9K5Q2CHV2K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:37 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.webwiki.fr cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	AGSKWxWnD3T6A5ctWeitcq68I7nEeUYr1viGZXqilCR90Iw4JWw4y2o3ORK5Cc7Kh69GyB7jmgPBhkpAKaAS5DEgmqd8of5h8AxY2S24wPa6B-NmKSE1PnnwOHZIo9llLQgZYOP2clov Show response fundingchoicesmessages.google.com/f/	10 KB 5 KB	150ms 149ms	Script application/javascript	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWnD3T6A5ctWeitcq68I7nEeUYr1viGZXqilCR90Iw4JWw4y2o3ORK5Cc7Kh69GyB7jmgPBhkpAKaAS5DEgmqd8of5h8AxY2S24wPa6B-NmKSE1PnnwOHZIo9llLQgZYOP2clov?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODM4MjE3LDQzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LndlYndpa2kuZnIvaGlwbm90ZXJhcGkuaWQiLG51bGwsW1s4LCJid3JNY3M2WmNZZyJdLFs5LCJpdyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMyqhtpINXyALLR-O-cMxbrYbfxL7g/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software ESF / Resource Hash 756f9a796cdd6487b3072a2d5c5b631a8d87294d759712baa0a23d6d2ed53761 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-5swH9d0M8H_uHUSqOGWeiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:37 GMT content-security-policy script-src 'report-sample' 'nonce-5swH9d0M8H_uHUSqOGWeiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTD0Tl_xXo2gY5bX78zAgAGsC2v" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	45 KB 18 KB	577ms 576ms	Fetch text/plain	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3693047731378215&correlator=3572066470056985&eid=31080984%2C31081350%2C31081677&output=ldjh&gdfp_req=1&vrg=202403050101&ptt=17&impl=fif&gdpr=0&iu_parts=5181489%2CTrefferliste_Largerectangle_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1709838217824&lmt=1709838217&adxs=335&adys=210&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&vis=1&psz=336x280&msz=336x-1&fws=0&ohw=0&ga_vid=1685932620.1709838217&ga_sid=1709838218&ga_hid=656439325&ga_fc=true&dlt=1709838216400&idt=1389&adks=2443396842&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash fb81dd3ab3291f7e115f3f078782fc3bfbc3c04622efc035530980bee3bc5faf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:38 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18036 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.webwiki.fr cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	45 KB 18 KB	465ms 465ms	Fetch text/plain	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3693047731378215&correlator=1405775939930785&eid=31080984%2C31081350%2C31081677&output=ldjh&gdfp_req=1&vrg=202403050101&ptt=17&impl=fif&gdpr=0&iu_parts=5181489%2CTrefferliste_Largerectangle_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1709838217831&lmt=1709838217&adxs=695&adys=210&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&vis=1&psz=337x280&msz=336x-1&fws=0&ohw=0&ga_vid=1685932620.1709838217&ga_sid=1709838218&ga_hid=656439325&ga_fc=true&dlt=1709838216400&idt=1389&adks=877410538&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 21da15c66a42636017ee7ea545b292f6d1781df2d4cd61d77a3ff66adad4777d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:38 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17902 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.webwiki.fr cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D28E	6 KB 3 KB	406ms 146ms	Document text/html	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.webwiki.fr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 19:03:38 GMT expires Fri, 07 Mar 2025 19:03:38 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	adcast__585x75_ Show response fundingchoicesmessages.google.com/f/AGSKWxVV2OzhV8A_UoyFqcBhwc8qssocPTGKtP1AifFZ5rXW1m8IGNOYro1zzN5_WdYECCzlnTTmG3SLGftTZ1hJmKl1zjJkcm24qN3tC5KsJr61KDp2OSHG7qwmx0AdvxHTxLEW7kXv13LMuK3keHfz_Wk7wTE5q...	54 B 110 B	130ms 129ms	Script application/javascript	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxVV2OzhV8A_UoyFqcBhwc8qssocPTGKtP1AifFZ5rXW1m8IGNOYro1zzN5_WdYECCzlnTTmG3SLGftTZ1hJmKl1zjJkcm24qN3tC5KsJr61KDp2OSHG7qwmx0AdvxHTxLEW7kXv13LMuK3keHfz_Wk7wTE5qeq1NVSOuiWkgZY0c4QQxrtN8VyNPJY=/_/ados.js/adexternal./ads.swf/adcast__585x75_ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyC0jXOml9q6aufpCALFQDJ9_stlQ/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software ESF / Resource Hash e4f1923835849afa55ed4c2439aac058be79b58b8bbb3737202e9a6a5542d0a9 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-FrXdXIeIUneBC0f6BuT9fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:38 GMT content-security-policy script-src 'report-sample' 'nonce-FrXdXIeIUneBC0f6BuT9fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTN0TV_xXo2gQWfZlUCANXWLP8" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	osd.js Show response pagead2.googlesyndication.com/pagead/	61 B 461 B	348ms 114ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyC0jXOml9q6aufpCALFQDJ9_stlQ/m=ad_blocking_detection_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 18:32:22 GMT content-encoding br x-content-type-options nosniff age 1876 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51 x-xss-protection 0 server cafe etag 16023549773543154165 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Thu, 07 Mar 2024 19:32:22 GMT
POST H3	204	AGSKWxVFFKCBU0JBgPoyUjLf4qg1RU2Rkv1l9lrvpoVK_-ntNQ5QagrKpBv_nvaBte2mQLvRQTCbf4_0N00aIHrCGDNqHiQ254v393NAAhxOldqyMtUXJIFljZJ4JtVSbKPnrhh41xAl Show response fundingchoicesmessages.google.com/el/	0 29 B	354ms 124ms	XHR text/html	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVFFKCBU0JBgPoyUjLf4qg1RU2Rkv1l9lrvpoVK_-ntNQ5QagrKpBv_nvaBte2mQLvRQTCbf4_0N00aIHrCGDNqHiQ254v393NAAhxOldqyMtUXJIFljZJ4JtVSbKPnrhh41xAl Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMyqhtpINXyALLR-O-cMxbrYbfxL7g/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JAAk0zBNkUETn9Uyy_RdPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.webwiki.fr/ accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 19:03:38 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JAAk0zBNkUETn9Uyy_RdPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw05BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrAFALMTD0TV_xXo2gRlbVj9lBACJkxE4" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://www.webwiki.fr content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ABD1	6 KB 3 KB	115ms 114ms	Document text/html	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.webwiki.fr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 19:03:38 GMT expires Fri, 07 Mar 2025 19:03:38 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	AGSKWxVFFKCBU0JBgPoyUjLf4qg1RU2Rkv1l9lrvpoVK_-ntNQ5QagrKpBv_nvaBte2mQLvRQTCbf4_0N00aIHrCGDNqHiQ254v393NAAhxOldqyMtUXJIFljZJ4JtVSbKPnrhh41xAl Show response fundingchoicesmessages.google.com/el/	0 29 B	185ms 127ms	XHR text/html	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVFFKCBU0JBgPoyUjLf4qg1RU2Rkv1l9lrvpoVK_-ntNQ5QagrKpBv_nvaBte2mQLvRQTCbf4_0N00aIHrCGDNqHiQ254v393NAAhxOldqyMtUXJIFljZJ4JtVSbKPnrhh41xAl Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMyqhtpINXyALLR-O-cMxbrYbfxL7g/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0pqu1cQsgcXrh3OD_CsgbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.webwiki.fr/ accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 19:03:38 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0pqu1cQsgcXrh3OD_CsgbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrAFALMTD0TV_xXo2gRWLTjxjBACHnhFH" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://www.webwiki.fr access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 230E	6 KB 3 KB	114ms 113ms	Document text/html	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.webwiki.fr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 19:03:38 GMT expires Fri, 07 Mar 2025 19:03:38 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sdk.js Show response adsdk.microsoft.com/native-to-display/ Frame ABD1	95 KB 38 KB	404ms 138ms	Script application/javascript	13.107.213.42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://adsdk.microsoft.com/native-to-display/sdk.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.213.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 456a4fa0a6ef42832e8f19aa7bb6ce7d923ab0a52052b058763bd471445bd4d1 Request headers Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ Origin https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Thu, 07 Mar 2024 19:03:38 GMT content-encoding br last-modified Wed, 06 Mar 2024 21:38:24 GMT vary Accept-Encoding x-azure-ref 20240307T190338Z-q5fk62amyx0m19vq6gvwra2ypc00000006500000000062v0 content-type application/javascript access-control-allow-origin * x-ms-request-id 95a34b76-d01e-009e-250e-702fd4000000 cache-control private, max-age=3600, stale-while-revalidate=86400 x-cache TCP_HIT x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 66744865
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/243/ Frame ABD1	80 KB 27 KB	805ms 271ms	Script application/x-javascript	23.62.152.239 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/243/trk.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.62.152.239 Vancouver, Canada, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-62-152-239.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 82da873956888d3a0a1db331a301c9b95de6937c0acf64c33a2c9fc711b7fb54 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 07 Mar 2024 19:03:39 GMT Content-Encoding gzip Last-Modified Wed, 06 Mar 2024 13:23:40 GMT Server AkamaiNetStorage ETag "8ddbd8bafc2492a69e46a808a5e2a727:1709731420.917212" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 27680 Expires Fri, 07 Mar 2025 19:03:39 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame ABD1	3 KB 1 KB	421ms 189ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 14:23:10 GMT content-encoding br x-content-type-options nosniff age 16828 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 21 Mar 2024 14:23:10 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame ABD1	20 KB 8 KB	363ms 130ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 14:23:09 GMT content-encoding br x-content-type-options nosniff age 16829 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8212 x-xss-protection 0 server cafe etag 9277691884081322989 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 21 Mar 2024 14:23:09 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ABD1	24 KB 7 KB	425ms 193ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 04 Mar 2024 15:55:00 GMT content-encoding br x-content-type-options nosniff age 270518 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 04 Mar 2025 15:55:00 GMT
GET H2	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame ABD1	207 KB 63 KB	113ms 112ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 18:22:17 GMT content-encoding br x-content-type-options nosniff age 2481 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64070 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-7 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 07 Mar 2024 19:22:17 GMT
POST H3	204	AGSKWxVFFKCBU0JBgPoyUjLf4qg1RU2Rkv1l9lrvpoVK_-ntNQ5QagrKpBv_nvaBte2mQLvRQTCbf4_0N00aIHrCGDNqHiQ254v393NAAhxOldqyMtUXJIFljZJ4JtVSbKPnrhh41xAl Show response fundingchoicesmessages.google.com/el/	0 29 B	125ms 125ms	XHR text/html	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVFFKCBU0JBgPoyUjLf4qg1RU2Rkv1l9lrvpoVK_-ntNQ5QagrKpBv_nvaBte2mQLvRQTCbf4_0N00aIHrCGDNqHiQ254v393NAAhxOldqyMtUXJIFljZJ4JtVSbKPnrhh41xAl Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMyqhtpINXyALLR-O-cMxbrYbfxL7g/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Z-g4j1XTgPDOeq5oFmSBag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.webwiki.fr/ accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 19:03:38 GMT content-security-policy script-src 'report-sample' 'nonce-Z-g4j1XTgPDOeq5oFmSBag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrAFALMTD0TV_xXo2gR1b1s1nAgCHLREI" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://www.webwiki.fr access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVFFKCBU0JBgPoyUjLf4qg1RU2Rkv1l9lrvpoVK_-ntNQ5QagrKpBv_nvaBte2mQLvRQTCbf4_0N00aIHrCGDNqHiQ254v393NAAhxOldqyMtUXJIFljZJ4JtVSbKPnrhh41xAl Show response fundingchoicesmessages.google.com/el/	0 29 B	126ms 126ms	XHR text/html	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVFFKCBU0JBgPoyUjLf4qg1RU2Rkv1l9lrvpoVK_-ntNQ5QagrKpBv_nvaBte2mQLvRQTCbf4_0N00aIHrCGDNqHiQ254v393NAAhxOldqyMtUXJIFljZJ4JtVSbKPnrhh41xAl Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMyqhtpINXyALLR-O-cMxbrYbfxL7g/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-LI8oP0fgf36Rgx1ePhCNkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.webwiki.fr/ accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 19:03:38 GMT content-security-policy script-src 'report-sample' 'nonce-LI8oP0fgf36Rgx1ePhCNkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw05BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrAFALMTD0TV_xXo2gQs9nQuZAIkeEOM" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://www.webwiki.fr content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxV3YtO4ctSHS9Rj1lDRXw6mBJ3CpGv4_EdC5kv5T6mtC26-VPc6aFK7UpsBT9L6ucp4GGDCAmxCzxRHZd3oahY9udU7hFpuKXZNUZuQ--5tWYJuoMZVElEdC-WQ4hAWd_uuZi_I Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	141ms 141ms	Script application/javascript	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxV3YtO4ctSHS9Rj1lDRXw6mBJ3CpGv4_EdC5kv5T6mtC26-VPc6aFK7UpsBT9L6ucp4GGDCAmxCzxRHZd3oahY9udU7hFpuKXZNUZuQ--5tWYJuoMZVElEdC-WQ4hAWd_uuZi_I?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODM4MjE4LDU0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cud2Vid2lraS5mci9oaXBub3RlcmFwaS5pZCIsbnVsbCxbWzgsImJ3ck1jczZaY1lnIl0sWzksIml3Il0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMyqhtpINXyALLR-O-cMxbrYbfxL7g/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software ESF / Resource Hash bf18b68ad59fefb4b290f539dbcbfb1d58e96d6957467752b8818087b15aa3fd Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dswM5dUfG7DuJHc5L0HT_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:38 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dswM5dUfG7DuJHc5L0HT_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTD0TV_xXo2gYaVnauYAP-XLLU" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	sdk.js Show response adsdk.microsoft.com/native-to-display/ Frame 230E	95 KB 38 KB	261ms 79ms	Script application/javascript	13.107.213.42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://adsdk.microsoft.com/native-to-display/sdk.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.213.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 456a4fa0a6ef42832e8f19aa7bb6ce7d923ab0a52052b058763bd471445bd4d1 Request headers Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ Origin https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Thu, 07 Mar 2024 19:03:38 GMT content-encoding br last-modified Wed, 06 Mar 2024 21:38:24 GMT vary Accept-Encoding x-azure-ref 20240307T190338Z-q5fk62amyx0m19vq6gvwra2ypc00000006500000000062uz content-type application/javascript access-control-allow-origin * x-ms-request-id 95a34b76-d01e-009e-250e-702fd4000000 cache-control private, max-age=3600, stale-while-revalidate=86400 x-cache TCP_HIT x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 66744865
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/243/ Frame 230E	80 KB 27 KB	769ms 272ms	Script application/x-javascript	23.62.152.239 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/243/trk.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.62.152.239 Vancouver, Canada, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-62-152-239.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 82da873956888d3a0a1db331a301c9b95de6937c0acf64c33a2c9fc711b7fb54 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 07 Mar 2024 19:03:39 GMT Content-Encoding gzip Last-Modified Wed, 06 Mar 2024 13:23:40 GMT Server AkamaiNetStorage ETag "8ddbd8bafc2492a69e46a808a5e2a727:1709731420.917212" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 27680 Expires Fri, 07 Mar 2025 19:03:39 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 230E	3 KB 1 KB	337ms 190ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 14:23:10 GMT content-encoding br x-content-type-options nosniff age 16828 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 21 Mar 2024 14:23:10 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 230E	20 KB 8 KB	286ms 139ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 14:23:09 GMT content-encoding br x-content-type-options nosniff age 16829 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8212 x-xss-protection 0 server cafe etag 9277691884081322989 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 21 Mar 2024 14:23:09 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 230E	24 KB 6 KB	349ms 202ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 04 Mar 2024 15:55:00 GMT content-encoding br x-content-type-options nosniff age 270518 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 04 Mar 2025 15:55:00 GMT
GET H2	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 230E	207 KB 63 KB	143ms 142ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 18:22:17 GMT content-encoding br x-content-type-options nosniff age 2481 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64070 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-7 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 07 Mar 2024 19:22:17 GMT
POST H3	204	AGSKWxVajTGcCDWZG3vJiFw4lKGGMeYmT5PcoIxE5Z66efmgGhUIPkN_b25YGn2xoW9gJiMviMMRMunXPHvySM43Q5thNRJVPcuoWPs_GseUdfKP1qtSf9jEluy2i9tsPKPz9wk7a_1B Show response fundingchoicesmessages.google.com/el/	0 29 B	127ms 127ms	XHR text/html	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVajTGcCDWZG3vJiFw4lKGGMeYmT5PcoIxE5Z66efmgGhUIPkN_b25YGn2xoW9gJiMviMMRMunXPHvySM43Q5thNRJVPcuoWPs_GseUdfKP1qtSf9jEluy2i9tsPKPz9wk7a_1B Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMyqhtpINXyALLR-O-cMxbrYbfxL7g/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wg2pmvz9q1EAQRMWxj94TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.webwiki.fr/ accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 19:03:38 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wg2pmvz9q1EAQRMWxj94TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrAFALMTD0TV_xXo2gRvzu18wAQCJ-BFG" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://www.webwiki.fr access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	c.gif www.bing.com/aes/ Frame 230E Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a8e7100f-043b-41df-9126-d4b8d4f744d0&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=d7ea0711-8a8f-4a81... https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c4c66202d7d2469795674d8abfd5f08f&SNR=1&GV=2&med=10	0 547 B	183ms 183ms	Image text/plain	80.239.150.35 TWELVE99 Arelion
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c4c66202d7d2469795674d8abfd5f08f&SNR=1&GV=2&med=10 Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 80.239.150.35 , Netherlands, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE), Reverse DNS web.horst-witte.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:39 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: FC64C80A9D864E7988CC078473826CAD Ref B: STOEDGE1520 Ref C: 2024-03-07T19:03:39Z x-cdn-traceid 0.1f96ef50.1709838219.177bb89 vary Origin p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store alt-svc h3=":443"; ma=93600 content-length 0 Redirect headers pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Thu, 07 Mar 2024 19:03:39 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: C56FC810F9254021AFA3E2B9BBF22F03 Ref B: STOEDGE1509 Ref C: 2024-03-07T19:03:39Z x-cdn-traceid 0.1f96ef50.1709838219.177ba40 vary Origin content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c4c66202d7d2469795674d8abfd5f08f&SNR=1&GV=2&med=10 cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=93600 content-length 154 expires 0
GET H2	200	th www.bing.com/ Frame 230E	27 KB 27 KB	441ms 160ms	Image image/jpeg	80.239.150.35 TWELVE99 Arelion
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/th?id=OADD2.7971489608493_15ZYFQVF0BVS85TZZD&pid=21.2&c=16&roil=0.0067&roit=0&roir=0.9933&roib=1&w=336&h=176&qlt=90 Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.239.150.35 , Netherlands, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE), Reverse DNS web.horst-witte.de Software / Resource Hash cf588a447d9030f8e72cf7b3373e79b8a62d1b598eccbc66d4cf9d2099933d77 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:39 GMT nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} x-cdn-traceid 0.1f96ef50.1709838219.177ba3d report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]} access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * content-type image/jpeg cache-control public, max-age=2592000 timing-allow-origin * access-control-allow-headers * content-length 27556 alt-svc h3=":443"; ma=93600
GET H2	200	rd_log Show response ams3-ib.adnxs.com/ Frame 230E	0 659 B	357ms 118ms	Script text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&e=wqT_3QKLBMgLAgAAAwDWAAUBCImfqK8GEM_SodLk36GqShgAKjYJ6islQ6pgwT8RxlH7qeX1wD8ZAAABAgz4PyHGDRIAKREk0DEAAABA4XqUPzDX9uIDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjL8QWAAQGKAQNVU0SSBQbwTJgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMMS13ZWJ3aWtpLmZy2ALwBuACoqgx6gIlaHR0cHM6Ly93d3cud2ViDSLwkC9oaXBub3RlcmFwaS5pZIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6mKM-ADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZDrpv3Gos-QbsAFAMkFAAAAAAAA8D_SBQkJAAAhN3gAANgFAeAFAfAFjKAB-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8vxBdIHDQkRKAEmCNoHBgFeqBgA4AcA6gcCCADwB9-jvwGKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=47e9d05d7adc87d800c232e29538f91e9805b7a1&bdref=https%3A%2F%2Fwww.webwiki.fr%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.webwiki.fr%2F,https%3A%2F%2Faff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html& Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:39 GMT an-x-request-uuid 56a80b0d-3213-4f81-aeb9-08e83138b022 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.187.78.235; 31.187.78.235; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	c.gif www.bing.com/aes/ Frame ABD1 Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c2283ba3-355c-4a39-bcc7-4b7e8e4ac257&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=82c7c631-9fe7-42f8... https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=05a47972aec749aab787f1ff1fed74d7&SNR=1&GV=2&med=10	0 544 B	233ms 232ms	Image text/plain	80.239.150.35 TWELVE99 Arelion
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=05a47972aec749aab787f1ff1fed74d7&SNR=1&GV=2&med=10 Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 80.239.150.35 , Netherlands, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE), Reverse DNS web.horst-witte.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:39 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 07242444B3854CA89111E222A7B5DE65 Ref B: STOEDGE1107 Ref C: 2024-03-07T19:03:39Z x-cdn-traceid 0.1f96ef50.1709838219.177bb88 vary Origin p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store alt-svc h3=":443"; ma=93600 content-length 0 Redirect headers pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Thu, 07 Mar 2024 19:03:39 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: D59B7D89FDE145E9A1E57911BE2220E6 Ref B: STOEDGE1008 Ref C: 2024-03-07T19:03:39Z x-cdn-traceid 0.1f96ef50.1709838219.177ba3f vary Origin content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=05a47972aec749aab787f1ff1fed74d7&SNR=1&GV=2&med=10 cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=93600 content-length 154 expires 0
GET H2	200	th www.bing.com/ Frame ABD1	23 KB 23 KB	490ms 238ms	Image image/jpeg	80.239.150.35 TWELVE99 Arelion
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/th?id=OADD2.7215929106252_1JVQ4GGFZP8K5HGT9X&pid=21.2&c=17&roil=0&roit=0.2383&roir=1&roib=0.7617&w=336&h=176&qlt=90 Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.239.150.35 , Netherlands, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE), Reverse DNS web.horst-witte.de Software / Resource Hash ea83e707ad374888254d6d81fd02f21b6aa8f348b9ee4ad6624cead59e1c09da Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:39 GMT nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} x-cdn-traceid 0.1f96ef50.1709838219.177ba3e report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]} access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * content-type image/jpeg cache-control public, max-age=2592000 timing-allow-origin * access-control-allow-headers * content-length 23221 alt-svc h3=":443"; ma=93600
GET H2	200	rd_log Show response ams3-ib.adnxs.com/ Frame ABD1	0 658 B	334ms 119ms	Script text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&e=wqT_3QL3A-j3AQAAAwDWAAUBCIqfqK8GEPuAqN2RvYK7DBgAKjYJ6g3Gsl_Njz8RIqX6GPsJjz8ZAAAAYI_CC0AhIg0SACkRJMgxAAAAgOtRyD8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABo3AF49_MFgAEBigEDVVNEkgEBBvCqmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AJm6gIlaHR0cHM6Ly93d3cud2Vid2lraS5mci9oaXBub3RlcmFwaS5pZIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6mKM-ADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEBcxYiAUBmAUAoAXL0vbR59XAsGzABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBc6bAfoFBAFcKJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH9_MF0gcNFWUBJgjaBwYBXqgYAOAHAOoHAggA8Affo78BiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=830ced578a345e1fc890d5d9d0bd9c35ef42e9ce&bdref=https%3A%2F%2Fwww.webwiki.fr%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.webwiki.fr%2F,https%3A%2F%2Faff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html& Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:39 GMT an-x-request-uuid 984085b8-fcf5-4ba5-a5de-bac4e3fb7925 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.187.78.235; 31.187.78.235; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated / Frame 230E	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2dda68ea64b4c4e2e6245532d3e616e37966a0174e37499b8b2551ee1a0fe43c Request headers accept-language he-IL,he;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame ABD1	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 52cb02d7c9e22ccbd97bb44a683568206b272320c21953582372dcedcc31426c Request headers accept-language he-IL,he;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 230E	0 0	154ms 153ms	Image text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CFvbJiQ_qZZKKOIn_x_APo_eimArS4Nfgbo-ktpOTCsCNtwEQASAAYPm69IOcEIIBF2NhLXB1Yi05MzA0ODk5MTAwNjI4MDc1yAEJ4AIAqAMByAMCqgSqAk_Q0CFC0CmnpVqb7g-5yXWkHCnUj9uDmZZy8DEQotEV7hCUjsI6gbdOY4fNh6QKB7FzqrDM2NuosM5hXZfRXG5HXJXp7DNUJEV7LANS3qzuwmf23cTom9ip8BLkP9dbnZJVq7bsepYHP2juJkiAAJzG-LeITAzpeWOyizlMAZwSmp6J6YxkJLjSvFZ7dHUXgB2HpyPVI9uXarkuqIL6b2W0mf3uaFBkmHx6BiO-dEFf_Ogz_9I5qYEipdxLORgCCZr99UeD24L-XjwIKvotPYLGpgjgz1HpBNb14OaAhqGEEQK4t1HW01sZlIthDB29Q53bxRNI8G_ygA9AeL_7SVjmXJ7fRrbdprk14U3pv61NvTd1RRZa2Si9wnpmNbnaPm2MPBYQQ1DbJhbgBAGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAoChIvf3BOli-2efc6-KEA4AKAfoLAggBgAwB4g0TCIiP6Nzr4oQDFYn_EQgdo7sIo9AVAYAXAbIXHAoaEhRwdWItOTMwNDg5OTEwMDYyODA3NRiBmg8&sigh=2Yq8mMmGsug&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtqT1yBVDF5Vn0ewOMgxklg3exgSCBPqBIbuVcwPSM5usD5Qx9wVOMMH7OU3fgLAurQLPHnxMOnqN_30gdmzkE8gKBv4Rqn9Vr0RhgB&cbvp=2&vis=1 Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	it ams3-ib.adnxs.com/ Frame 230E	0 658 B	119ms 119ms	Image text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&e=wqT_3QK9B8i9AwAAAwDWAAUBCImfqK8GEM_SodLk36GqShgAKjYJ6islQ6pgwT8RxlH7qeX1wD8ZAAABAgz4PyHGDRIAKREk0DEAAABA4XqUPzDX9uIDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjL8QWAAQGKAQNVU0SSBQbwTJgB0AKgAZgCqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMMS13ZWJ3aWtpLmZy2ALwBuACoqgx6gIlaHR0cHM6Ly93d3cud2ViDSKoL2hpcG5vdGVyYXBpLmlkgAMAiAMBkAMAmAMJoAMBqgOuAwrEAmh0dHBzOgk78IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1kN2VhMDcxMS04YThmLTRhODEtOTI2ZS1lZDAzYjEyMDBiYTgmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZI5xALhydHlwZT1udXJsJnRhZ0lkPTc5MTIyNzkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_D1X2d2cnEtcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzUzNTYwNTQyODM1NzY0MzcwNzEiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpjek56Z3pNVGszTXpNd056RWpNak15T1RFM056azBORGMxT0RFd05RPT3AA9gEyAMA2AOpijPgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWQ66b9xqLPkG7ABQDJBQAAAAAAAPA_0gUJCQAAQeZ4AADYBQHgBQHwBYygAfoFBAgAEACQBgCYBgC4BgDBBgkjLPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfL8QXSBw0JESgBJgjaBwYBXrQYAOAHAOoHAggA8Affo78BiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=0838ed318ad4a6e63c7b62b8b312ece38396fe3e&pp=ZeoPiQAOBRIIEf-JAAi7oxZkYbptRSA_VqnScQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5k69iQ_qZZKKOIn_x_APo_eimArS4Nfgbo-ktpOTCsCNtwEQASAAYPm69IOcEIIBF2NhLXB1Yi05MzA0ODk5MTAwNjI4MDc1yAEJ4AIAqAMByAMCqgStAk_Q0CFC0CmnpVqb7g-5yXWkHCnUj9uDmZZy8DEQotEV7hCUjsI6gbdOY4fNh6QKB7FzqrDM2NuosM5hXZfRXG5HXJXp7DNUJEV7LANS3qzuwmf23cTom9ip8BLkP9dbnZJVq7bsepYHP2juJkiAAJzG-LeITAzpeWOyizlMAZwSmp6J6YxkJLjSvFZ7dHUXgB2HpyPVI9uXarkuqIL6b2W0mf3uaFBkmHx6BiO-dEFf_Ogz_9I5qYEipdxLORgCCZr99UeD24L-XjwIKvotPYLGpgjgz1HpBNb14OaAhqGEEQK4t1HW01sZlIthDB29Q53bxRNI8G_ygA9AeL_7SVjmXJ7fBLT8NHuRGyB9Rdn4I27x8xJ506y07GK_lz-DutEMFjoIg9E5S4JDvOngBAGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAoChIvf3BOli-2efc6-KEA_oLAggBgAwB4g0TCIiP6Nzr4oQDFYn_EQgdo7sIo9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0pSbiBt14VxHSLkkeo_w_CSoFHDw%26client%3Dca-pub-9304899100628075%26adurl%3D&cbvp=2 Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:39 GMT an-x-request-uuid a58d09c1-5a67-4cc1-ac93-f83c607df4b8 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.187.78.235; 31.187.78.235; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	vevent ams3-ib.adnxs.com/ Frame ABD1	0 707 B	117ms 117ms	Ping text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&e=wqT_3QKXB-iXAwAAAwDWAAUBCIqfqK8GEPuAqN2RvYK7DBgAKjYJ6g3Gsl_Njz8RIqX6GPsJjz8ZAAAAYI_CC0AhIg0SACkRJMgxAAAAgOtRyD8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABo3AF49_MFgAEBigEDVVNEkgEBBvBpmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AJm6gIlaHR0cHM6Ly93d3cud2Vid2lraS5mci9oaXBub3RlcmFwaS5pZIADAIgDAZADAJgDCaADAaoDnAMKswJodBk78IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04MmM3YzYzMS05ZmU3LTQyZjgtYjY5Ny1lZjI3ZGEzMjRkOWYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AOI5xAKhydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViNhkA8D5fZ3puayZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEjg5NzkxNjA3MjUwMzE0ODY2NyIJMzgxODQ2NzE0KgQhT_CBOjhVMlZoY21Ob1FXUWpOekl4TlRVM05qTXpOamd6TlRNak1qTXlNemsxTlRJMk5EWXhPREkyTUE9PcAD2ATIAwDYA6mKM-ADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukFpWIgFAZgFAKAFy9L20efVwLBswAUAyQUABQEU8D_SBQkJBQtAAAAA2AUB4AUB8AXOmwH6BQQBXCiQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB_fzBdIHDRVlASYI2gcGAV60GADgBwDqBwIIAPAH36O_AYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=599263fcb7b9bb1c011bfc6c912be31d295d60ed&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=336&bh=176&sid=7552324311651410020&vd=ct~0|rr~0&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6933&sw=1600&sh=1200&pw=336&ph=376&ww=336&wh=280&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/243/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:39 GMT an-x-request-uuid bdc4c2ce-bae6-4d7c-b2ea-cdeeab31b2f5 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.187.78.235; 31.187.78.235; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame ABD1	0 0	154ms 154ms	Image text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CumbOiQ_qZfP7N5-Yx_APzrmHuAvS4Nfgbo-ktpOTCsCNtwEQASAAYPm69IOcEIIBF2NhLXB1Yi05MzA0ODk5MTAwNjI4MDc1yAEJ4AIAqAMByAMCqgSpAk_Q_6Z2vz3VqX1yRhSpVQNCowoIZyKAaNtVBVHAGPkFK2IJdfTjR5qkMmBXf_3qqRPCsTXYNIpIT2MNAfGky3rcOi27BZXp5yGtgxhqyUhzPYdgKMOs40ZCLTsus-H981iF06nSyKZI5ehhp1OXRpVUAAdCT0oWbYJH34QEvQ61wyHZ3j3yUP5Smc4ymUrYtzABDT_i83JtaJ5jM_vvWRWDfTqKxaLNUoYTBKmvpiY3j-cMlMK5PL6US4rplKU5A75X94dTq3crbQM-apA_qDZezKEaJ4XdMk3cTG3YCmIJhzrygdoRgtrCHzTT2fJlwaf3_W7KRkID_rkkrn0ErcR91uar-CUWgTUthZB3akaW8LkSxkpGijgvK-d41w20V3Hk-I-IDASGJ-AEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgKEi9_cE6WKjb59zr4oQDgAoB-gsCCAGADAHiDRMIo4bo3OvihAMVH8wRCB3O3AG30BUBgBcBshccChoSFHB1Yi05MzA0ODk5MTAwNjI4MDc1GIGaDw&sigh=vzyqDWwRkto&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtqP2prpWc7FHLvLlxG0rFmZBcOxMYm90se_s_GVfkrrDTng4gnWkvE4kHKibg8z4BsKBFyRXpHJL_j4KuDPjjzaNPYxHXK-zaLAhgB&cbvp=2&vis=1 Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	it ams3-ib.adnxs.com/ Frame ABD1	0 658 B	116ms 115ms	Image text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&e=wqT_3QKXB-iXAwAAAwDWAAUBCIqfqK8GEPuAqN2RvYK7DBgAKjYJ6g3Gsl_Njz8RIqX6GPsJjz8ZAAAAYI_CC0AhIg0SACkRJMgxAAAAgOtRyD8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABo3AF49_MFgAEBigEDVVNEkgEBBvBpmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AJm6gIlaHR0cHM6Ly93d3cud2Vid2lraS5mci9oaXBub3RlcmFwaS5pZIADAIgDAZADAJgDCaADAaoDnAMKswJodBk78IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04MmM3YzYzMS05ZmU3LTQyZjgtYjY5Ny1lZjI3ZGEzMjRkOWYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AOI5xAKhydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViNhkA8D5fZ3puayZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEjg5NzkxNjA3MjUwMzE0ODY2NyIJMzgxODQ2NzE0KgQhT_CBOjhVMlZoY21Ob1FXUWpOekl4TlRVM05qTXpOamd6TlRNak1qTXlNemsxTlRJMk5EWXhPREkyTUE9PcAD2ATIAwDYA6mKM-ADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukFpWIgFAZgFAKAFy9L20efVwLBswAUAyQUABQEU8D_SBQkJBQtAAAAA2AUB4AUB8AXOmwH6BQQBXCiQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB_fzBdIHDRVlASYI2gcGAV60GADgBwDqBwIIAPAH36O_AYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=599263fcb7b9bb1c011bfc6c912be31d295d60ed&pp=ZeoPiQAN_fMIEcwfAAHczmuso36g98s50NuKGA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXFKmiQ_qZfP7N5-Yx_APzrmHuAvS4Nfgbo-ktpOTCsCNtwEQASAAYPm69IOcEIIBF2NhLXB1Yi05MzA0ODk5MTAwNjI4MDc1yAEJ4AIAqAMByAMCqgSsAk_Q_6Z2vz3VqX1yRhSpVQNCowoIZyKAaNtVBVHAGPkFK2IJdfTjR5qkMmBXf_3qqRPCsTXYNIpIT2MNAfGky3rcOi27BZXp5yGtgxhqyUhzPYdgKMOs40ZCLTsus-H981iF06nSyKZI5ehhp1OXRpVUAAdCT0oWbYJH34QEvQ61wyHZ3j3yUP5Smc4ymUrYtzABDT_i83JtaJ5jM_vvWRWDfTqKxaLNUoYTBKmvpiY3j-cMlMK5PL6US4rplKU5A75X94dTq3crbQM-apA_qDZezKEaJ4XdMk3cTG3YCmIJhzrygdoRgtrCHzTT2fJlwaf3_W7KRkID_rkkrn0ErcR91ubp-gSEQ5HX6ASNHvMIqT2kwmlMDjEBMz7aUVQw6_HO1JdIjebrs9X0MeAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgKEi9_cE6WKjb59zr4oQD-gsCCAGADAHiDRMIo4bo3OvihAMVH8wRCB3O3AG30BUBgBcB%26num%3D1%26sig%3DAOD64_1vi6RNPoPaT5gJIffDhwwG1HRqBQ%26client%3Dca-pub-9304899100628075%26adurl%3D&cbvp=2 Requested by Host: aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com URL: https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:39 GMT an-x-request-uuid 91c76ee4-2b42-4568-a7aa-ea8290f9c8bb server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.187.78.235; 31.187.78.235; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	vevent ams3-ib.adnxs.com/ Frame 230E	0 708 B	117ms 117ms	Ping text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&e=wqT_3QK9B8i9AwAAAwDWAAUBCImfqK8GEM_SodLk36GqShgAKjYJ6islQ6pgwT8RxlH7qeX1wD8ZAAABAgz4PyHGDRIAKREk0DEAAABA4XqUPzDX9uIDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjL8QWAAQGKAQNVU0SSBQbwTJgB0AKgAZgCqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMMS13ZWJ3aWtpLmZy2ALwBuACoqgx6gIlaHR0cHM6Ly93d3cud2ViDSKoL2hpcG5vdGVyYXBpLmlkgAMAiAMBkAMAmAMJoAMBqgOuAwrEAmh0dHBzOgk78IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1kN2VhMDcxMS04YThmLTRhODEtOTI2ZS1lZDAzYjEyMDBiYTgmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZI5xALhydHlwZT1udXJsJnRhZ0lkPTc5MTIyNzkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_D1X2d2cnEtcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzUzNTYwNTQyODM1NzY0MzcwNzEiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpjek56Z3pNVGszTXpNd056RWpNak15T1RFM056azBORGMxT0RFd05RPT3AA9gEyAMA2AOpijPgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWQ66b9xqLPkG7ABQDJBQAAAAAAAPA_0gUJCQAAQeZ4AADYBQHgBQHwBYygAfoFBAgAEACQBgCYBgC4BgDBBgkjLPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfL8QXSBw0JESgBJgjaBwYBXrQYAOAHAOoHAggA8Affo78BiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=0838ed318ad4a6e63c7b62b8b312ece38396fe3e&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=336&bh=176&sid=7552324311651410020&vd=ct~0|rr~0&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7912279&sw=1600&sh=1200&pw=336&ph=376&ww=336&wh=280&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/243/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:39 GMT an-x-request-uuid b12e748d-5e65-4406-a5e3-4a3804ad2060 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.187.78.235; 31.187.78.235; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	386ms 159ms	XHR application/json	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403050101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 65c33c6043c4ba02b9924550b9d5cc145280442ec4199082175bfa79a5cfa3e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:40 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12180 x-xss-protection 0
GET H3	200	c.gif www.bing.com/aes/ Frame 230E Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a8e7100f-043b-41df-9126-d4b8d4f744d0&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=d7ea0711-8a8f-4a81... https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c4c66202d7d2469795674d8abfd5f08f&tids=15000&med=10	0 18 B	184ms 184ms	Image text/plain	80.239.150.35 TWELVE99 Arelion
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c4c66202d7d2469795674d8abfd5f08f&tids=15000&med=10 Protocol H3 Server 80.239.150.35 , Netherlands, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE), Reverse DNS web.horst-witte.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:40 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: A47573A7991B4AF0AB130F5D2BC7167E Ref B: STOEDGE1216 Ref C: 2024-03-07T19:03:40Z x-cdn-traceid 0.1f96ef50.1709838220.177be69 vary Origin p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store alt-svc h3=":443"; ma=93600 content-length 0 quic-version 0x00000001 Redirect headers expires 0 pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Thu, 07 Mar 2024 19:03:40 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 448E72E4022B40E9A75F77C41BB43E46 Ref B: STOEDGE1008 Ref C: 2024-03-07T19:03:40Z x-cdn-traceid 0.1f96ef50.1709838219.177bda0 vary Origin content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c4c66202d7d2469795674d8abfd5f08f&tids=15000&med=10 cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=93600 content-length 146 quic-version 0x00000001
GET H3	200	c.gif www.bing.com/aes/ Frame ABD1 Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c2283ba3-355c-4a39-bcc7-4b7e8e4ac257&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=82c7c631-9fe7-42f8... https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=05a47972aec749aab787f1ff1fed74d7&tids=15000&med=10	0 18 B	189ms 189ms	Image text/plain	80.239.150.35 TWELVE99 Arelion
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=05a47972aec749aab787f1ff1fed74d7&tids=15000&med=10 Protocol H3 Server 80.239.150.35 , Netherlands, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE), Reverse DNS web.horst-witte.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:40 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 98AFFF7BE5384466B1957FEC17D2DE4B Ref B: STOEDGE1006 Ref C: 2024-03-07T19:03:40Z x-cdn-traceid 0.1f96ef50.1709838220.177be91 vary Origin p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store alt-svc h3=":443"; ma=93600 content-length 0 quic-version 0x00000001 Redirect headers expires 0 pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Thu, 07 Mar 2024 19:03:40 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: ECA8E8473EBE456887F88C8974E73477 Ref B: STOEDGE0914 Ref C: 2024-03-07T19:03:40Z x-cdn-traceid 0.1f96ef50.1709838220.177bdbc vary Origin content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=05a47972aec749aab787f1ff1fed74d7&tids=15000&med=10 cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=93600 content-length 146 quic-version 0x00000001
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	140ms 140ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 07 Mar 2024 19:03:40 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame E237	13 KB 5 KB	112ms 112ms	Document text/html	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.webwiki.fr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers accept-ranges bytes age 29447 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 10:52:53 GMT expires Fri, 07 Mar 2025 10:52:53 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame DE0F	829 B 1 KB	356ms 124ms	Document text/html	142.250.186.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f4.1e100.net Software GSE / Resource Hash ed6c6397ea003c3495052511ba1bccba956614be5d63f86e48d7954619f2ff22 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-lpXu2dvLLgc-PcIXOvw3Eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.webwiki.fr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-lpXu2dvLLgc-PcIXOvw3Eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 19:03:40 GMT expires Thu, 07 Mar 2024 19:03:40 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response pagead2.googlesyndication.com/bg/ Frame E237	39 KB 15 KB	114ms 114ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software sffe / Resource Hash 3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 10:20:41 GMT content-encoding br x-content-type-options nosniff age 31379 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15541 x-xss-protection 0 last-modified Mon, 04 Mar 2024 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 07 Mar 2025 10:20:41 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 230E	42 B 64 B	265ms 265ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPT2Gf0GkjtY0teOZbJzL2XTdepjUN30SmYiFdAmGC1ZS7NK6jnv9NT9SnMZHfPsexTw0Qt0B9BUDiALNwNmehY33gYz58EHdvpzTHE4JLSHN_pNLl5gCRh48eSKSbyhR08Cf8aWc&sig=Cg0ArKJSzKViKxVfja9oEAE&id=lidar2&mcvt=1000&p=210,335,490,671&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2443396842&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=577101900&rst=1709838218424&rpt=1018&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:40 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	vevent ams3-ib.adnxs.com/ Frame ABD1	0 708 B	116ms 115ms	Ping text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&e=wqT_3QKXB-iXAwAAAwDWAAUBCIqfqK8GEPuAqN2RvYK7DBgAKjYJ6g3Gsl_Njz8RIqX6GPsJjz8ZAAAAYI_CC0AhIg0SACkRJMgxAAAAgOtRyD8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABo3AF49_MFgAEBigEDVVNEkgEBBvBpmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AJm6gIlaHR0cHM6Ly93d3cud2Vid2lraS5mci9oaXBub3RlcmFwaS5pZIADAIgDAZADAJgDCaADAaoDnAMKswJodBk78IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04MmM3YzYzMS05ZmU3LTQyZjgtYjY5Ny1lZjI3ZGEzMjRkOWYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AOI5xAKhydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViNhkA8D5fZ3puayZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEjg5NzkxNjA3MjUwMzE0ODY2NyIJMzgxODQ2NzE0KgQhT_CBOjhVMlZoY21Ob1FXUWpOekl4TlRVM05qTXpOamd6TlRNak1qTXlNemsxTlRJMk5EWXhPREkyTUE9PcAD2ATIAwDYA6mKM-ADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukFpWIgFAZgFAKAFy9L20efVwLBswAUAyQUABQEU8D_SBQkJBQtAAAAA2AUB4AUB8AXOmwH6BQQBXCiQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB_fzBdIHDRVlASYI2gcGAV60GADgBwDqBwIIAPAH36O_AYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=599263fcb7b9bb1c011bfc6c912be31d295d60ed&type=pv&jm=1140|1141|1003&px=0&py=0&bw=336&bh=176&sf=1&sid=7552324311651410020&vd=ct~0|rr~5&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6933&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/243/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:40 GMT an-x-request-uuid e13f6286-4047-476a-974e-4e67661b6559 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.187.78.235; 31.187.78.235; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame ABD1	42 B 64 B	266ms 266ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZAo-0dCyE5rygyfcDz2hSwHyPSF12-gVw5y_Xk2NHBJbDdYKiPREA94D2KUm8yvMrKZDkS7fotQb2wJ6eK2nLNhVflVd9KUMVuw0SUvjgrCVfIQ7IaaBAvf7yrKwB3n1fWexpMgg&sig=Cg0ArKJSzLU6bGO5WbbkEAE&id=lidar2&mcvt=1000&p=210,695,490,1031&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=877410538&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=577101900&rst=1709838218347&rpt=1136&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:40 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	vevent ams3-ib.adnxs.com/ Frame 230E	0 708 B	116ms 116ms	Ping text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.webwiki.fr%2Fhipnoterapi.id&e=wqT_3QK9B8i9AwAAAwDWAAUBCImfqK8GEM_SodLk36GqShgAKjYJ6islQ6pgwT8RxlH7qeX1wD8ZAAABAgz4PyHGDRIAKREk0DEAAABA4XqUPzDX9uIDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjL8QWAAQGKAQNVU0SSBQbwTJgB0AKgAZgCqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMMS13ZWJ3aWtpLmZy2ALwBuACoqgx6gIlaHR0cHM6Ly93d3cud2ViDSKoL2hpcG5vdGVyYXBpLmlkgAMAiAMBkAMAmAMJoAMBqgOuAwrEAmh0dHBzOgk78IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1kN2VhMDcxMS04YThmLTRhODEtOTI2ZS1lZDAzYjEyMDBiYTgmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZI5xALhydHlwZT1udXJsJnRhZ0lkPTc5MTIyNzkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_D1X2d2cnEtcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzUzNTYwNTQyODM1NzY0MzcwNzEiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpjek56Z3pNVGszTXpNd056RWpNak15T1RFM056azBORGMxT0RFd05RPT3AA9gEyAMA2AOpijPgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWQ66b9xqLPkG7ABQDJBQAAAAAAAPA_0gUJCQAAQeZ4AADYBQHgBQHwBYygAfoFBAgAEACQBgCYBgC4BgDBBgkjLPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfL8QXSBw0JESgBJgjaBwYBXrQYAOAHAOoHAggA8Affo78BiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=0838ed318ad4a6e63c7b62b8b312ece38396fe3e&type=pv&jm=1140|1141|1003&px=0&py=0&bw=336&bh=176&sf=1&sid=7552324311651410020&vd=ct~0|rr~5&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7912279&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/243/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 19:03:40 GMT an-x-request-uuid 57be24b3-e257-4b97-8fb7-2bdb0ccafdf8 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://aff92941d8f15c6faf0e862d98ae2e5d.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 31.187.78.235; 31.187.78.235; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame E237	0 10 B	111ms 111ms	Image text/plain	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?wWIZBA Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 07 Mar 2024 19:03:40 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame DE0F	0 0	145ms 144ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403050101&jk=3693047731378215&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	148ms 148ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403050101&jk=3693047731378215&bg=!2dql2pXNAAZsmiNCTJo7ADQBe5WfOKpDGMVjy4TfofFqNMk1yDogzrnNbWhjosbAB0HuQ_Zw9cZfYr5ltbvD2KUgyQbzAgAAADBSAAAAA2gBB5kCvXlfiRfKq3HA6znL6rbEmZRdeilOUjZ6ebFeEWWvLh7GWh8FQh_JINJqhf0BXHHj4nzz5DgYjNNh5rN-qNFhnah3zgfPz9KiFAxfi1lgdzs27tXIKPw1w0x9t36VWFLofDo0oqvIKxP_fRnadb7XLPzvvLd3oCRM8hGHTjsRc4-fl38cOf_KkXmkkneuvkM_V1xpCf5tswpnJLAh_7K9rOeQ7z8PfvCD2UckU4WLjDgFmk9BeSNBl3Y4kPmyVMPQBiT_h-c4qsjUL-Pom3nyVzDa6YdHb47ZmoUG8LsyASp0KHtd41ey_W02g1uMuw8d9--MuPyDlWD-oxYXEDSz39HsRbAYyH5rDnG0zCvyWbivIyzdcmKB8lhylSkOJAOAm0DEgbrnVPoldArTSRlHX-l9eZ9x5jyJJnUezJmVwmP0_Yo_M9_ZB727HQG3jtDZptLqctx4AA9GOqtcS-GDQDvUDVhSnrwzqXExi6gENa_QPdeJsNPF0mFdNnXTqDwVXB_C8jwTVo24xjycMNaFVWMzkh-2QLqDAdL9GmC464NdQxp5QTq6UKltn-y4YwT4G3wdwwC7YF_GgdM7ql40NcDrD9qzMFpNBhE_ERsK1DAwBo0Svy3L-VypMfUTrCXpzKwRm6oXJKm6nMxi2-ylYqsMkUZoTAe7hmJwXMX6gjQ6YEIc62vTu5XeVMJOOSRg0kxS4Q90jpLjRdmb459tUc2LelcXt8r_8iO6-APCTgX_iyJXgJLlfKN9dQxxSIxwHrOYahbSEMYwby66NVImZlaBHkLTJP9gNdmcFQeHFczjxkpXxLkQGR7eCrQ1qQqk1dq4cU3cZSVGOCgRRAdOQAP2yaYJ3Er5jrzZFy3oW0P3wgmxgf8eg-n7OYdlHQdkD_x9mxE3UNg5f_fu4YSTicUDj6yI3YkYRR3oQg3k Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://www.webwiki.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers