urlscan.io logo urlscan.io
SecurityTrails logo

restore.hdvar.fr Open in urlscan Pro
109.234.165.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.restore.hdvar.fr/
Effective URL: https://restore.hdvar.fr/
Submission: On September 15 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 57 HTTP transactions. The main IP is 109.234.165.74, located in France and belongs to O2SWITCH, FR. The main domain is restore.hdvar.fr.
TLS certificate: Issued by R3 on September 15th 2021. Valid for: 3 months.
This is the only time restore.hdvar.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

27    109.234.165.74 (France)

ASN50474 (O2SWITCH, FR)
PTR: barracuda.o2switch.net
www.restore.hdvar.fr
restore.hdvar.fr
1    2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    54.36.62.124 (France)

ASN16276 (OVH, FR)
PTR: ns3090718.ip-54-36-62.eu
www.lourdes-france.org
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
10    2a00:1450:400d:805::200e (Ireland)

ASN15169 (GOOGLE, US)
www.youtube.com
Domain Requested by
26 restore.hdvar.fr restore.hdvar.fr
10 www.youtube.com restore.hdvar.fr
www.youtube.com
3 translate.googleapis.com translate.google.com
translate.googleapis.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 ssl.google-analytics.com restore.hdvar.fr
1 translate.google.com restore.hdvar.fr
1 www.lourdes-france.org restore.hdvar.fr
1 fonts.googleapis.com restore.hdvar.fr
1 www.restore.hdvar.fr 1 redirects
0 www.gstatic.com Failed www.youtube.com
restore.hdvar.fr
translate.googleapis.com
0 i.ytimg.com Failed www.youtube.com
0 yt3.ggpht.com Failed www.youtube.com
0 www.google.com Failed www.youtube.com
0 static.doubleclick.net Failed www.youtube.com
0 googleads.g.doubleclick.net Failed www.youtube.com
57 15

This site contains links to these domains. Also see Links.

Domain
translate.google.com
wordpress.org
themeisle.com
Subject Issuer Validity Valid
restore.hdvar.fr
R3		 2021-09-15 -
2021-12-14		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
lourdes-france.org
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-06 -
2022-09-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://restore.hdvar.fr/
Frame ID: 224839B669C34F74D06B90C89A6786D0
Requests: 42 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
Frame ID: 2DCA72FEA223F6C9D1BAF4CEC676E172
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
Frame ID: 431F7D81C40C9F1D311091E91779DA33
Requests: 16 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3C4855DF86B485419CBAF820B4BEFD84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hospitalité Diocésaine Var

Page URL History Show full URLs

  1. https://www.restore.hdvar.fr/ HTTP 301
    https://restore.hdvar.fr/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <div class=(?:"|')[^"']*elementor
  • <section class=(?:"|')[^"']*elementor
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

57
Requests

82 %
HTTPS

75 %
IPv6

10
Domains

15
Subdomains

10
IPs

3
Countries

1469 kB
Transfer

4012 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.restore.hdvar.fr/ HTTP 301
    https://restore.hdvar.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
restore.hdvar.fr/
Redirect Chain
  • https://www.restore.hdvar.fr/
  • https://restore.hdvar.fr/
34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
0b3523acfc68d4907101a400f375c178f704653279c9097c376ffa19658c71f0

Request headers

:method
GET
:authority
restore.hdvar.fr
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 15 Sep 2021 07:35:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://restore.hdvar.fr/xmlrpc.php
link
<https://restore.hdvar.fr/wp-json/>; rel="https://api.w.org/", <https://restore.hdvar.fr/>; rel=shortlink
server
o2switch-PowerBoost-v3
content-encoding
br

Redirect headers

date
Wed, 15 Sep 2021 07:35:11 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://restore.hdvar.fr/
x-pingback
https://restore.hdvar.fr/xmlrpc.php
server
o2switch-PowerBoost-v3
style.min.css
restore.hdvar.fr/wp-includes/css/dist/block-library/ 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-includes/css/dist/block-library/style.min.css?ver=5.0.13
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.0.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:16 GMT
content-encoding
br
last-modified
Sat, 05 Jan 2019 00:49:52 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
justifiedGallery.min.css
restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/css/ 		2 KB
770 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/css/justifiedGallery.min.css?ver=v3.6
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
c5313f13ffe3f06ab735c56ef2bef329419f70327b67468277cdfc71e0cf09c3

Request headers

:path
/wp-content/plugins/flickr-justified-gallery/css/justifiedGallery.min.css?ver=v3.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:16 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:35 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
flickrJustifiedGalleryWPPlugin.css
restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/css/ 		180 B
310 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/css/flickrJustifiedGalleryWPPlugin.css?ver=v3.6
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
2bde3296218a2975cfe2c9e4ed31cd4d240f43ac8fbdb0522f9e9a963715cc28

Request headers

:path
/wp-content/plugins/flickr-justified-gallery/css/flickrJustifiedGalleryWPPlugin.css?ver=v3.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:16 GMT
last-modified
Thu, 14 Feb 2019 18:14:35 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
180
content-type
text/css
swipebox.min.css
restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/css/swipebox.min.css?ver=5.0.13
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595

Request headers

:path
/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/css/swipebox.min.css?ver=5.0.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:16 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:35 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
style.css
restore.hdvar.fr/wp-content/plugins/google-language-translator/css/ 		126 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/google-language-translator/css/style.css?ver=5.0.48
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
b0537b4e263df1ee8fba6d8f5d31ef8d25ccbf41d5bbcd75aff9d4f42d6a7fb5

Request headers

:path
/wp-content/plugins/google-language-translator/css/style.css?ver=5.0.48
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:16 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:27 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
toolbar.css
restore.hdvar.fr/wp-content/plugins/google-language-translator/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/google-language-translator/css/toolbar.css?ver=5.0.48
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
306a340d77c015bebd34348e2df7636595f40e1fc50273d1a4cba9321d5e82ce

Request headers

:path
/wp-content/plugins/google-language-translator/css/toolbar.css?ver=5.0.48
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:16 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:27 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dancing%20Script%7COpen%20Sans%7COpen%20Sans%20Condensed%7COpen%20Sans%20Condensed
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f91361eb6bd3862d4acfedcca4d33211b4936fb7066223d8ea3e6f3647754b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 07:35:22 GMT
server
ESF
date
Wed, 15 Sep 2021 07:35:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 07:35:22 GMT
flat.min.css
restore.hdvar.fr/wp-content/themes/flat/assets/css/ 		160 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/themes/flat/assets/css/flat.min.css?ver=1.7.11
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
d5f22e815007b49ea5513511970f1d697f899de2cc616833d17876ba2da44edc

Request headers

:path
/wp-content/themes/flat/assets/css/flat.min.css?ver=1.7.11
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:17 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:09 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
style.css
restore.hdvar.fr/wp-content/themes/flat/ 		762 B
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/themes/flat/style.css?ver=5.0.13
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
524832a4229add733fea344d5cbc9f6f5625abd232188791cb0c04900dd7d787

Request headers

:path
/wp-content/themes/flat/style.css?ver=5.0.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:16 GMT
last-modified
Thu, 14 Feb 2019 18:14:09 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
762
content-type
text/css
ytprefs.min.css
restore.hdvar.fr/wp-content/plugins/youtube-embed-plus/styles/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.0.1
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
f26f25b2f2912649fa287ac8d63663520b2416c1fcff52edf2908fece0aa0870

Request headers

:path
/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.0.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:17 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:23 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
jquery.js
restore.hdvar.fr/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:17 GMT
content-encoding
br
last-modified
Thu, 05 Sep 2019 12:16:43 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
restore.hdvar.fr/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:17 GMT
content-encoding
br
last-modified
Fri, 20 May 2016 09:41:28 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
flat.min.js
restore.hdvar.fr/wp-content/themes/flat/assets/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/themes/flat/assets/js/flat.min.js?ver=1.7.11
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
8aecee7aa74144bd766b8c2a7391407e4dd9e02f5ed4207731c78399ec88eb66

Request headers

:path
/wp-content/themes/flat/assets/js/flat.min.js?ver=1.7.11
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:17 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:09 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
ytprefs.min.js
restore.hdvar.fr/wp-content/plugins/youtube-embed-plus/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.0.1
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
19fc1c1b06d3954501bb90222f38e0f28f94c187c3c673c18f114e1f59e65eca

Request headers

:path
/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.0.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:17 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:24 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
logoh.gif
restore.hdvar.fr/wp-content/uploads/2014/08/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://restore.hdvar.fr/wp-content/uploads/2014/08/logoh.gif
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
409376984d17de8a93747e474296a212ede22fa2d0f252182a46b9ef0a07ee35

Request headers

:path
/wp-content/uploads/2014/08/logoh.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:22 GMT
last-modified
Thu, 14 Feb 2019 18:14:17 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
14552
content-type
image/gif
livre-60-ans-hospitalit%C3%A9-de-lourdes-du-diocese-frejus-toulon-mini.jpg
restore.hdvar.fr/wp-content/uploads/2014/07/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://restore.hdvar.fr/wp-content/uploads/2014/07/livre-60-ans-hospitalit%C3%A9-de-lourdes-du-diocese-frejus-toulon-mini.jpg
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
6791b0bf84c2397d30dbb8535d9c3d3caf644a1e7898ce6fbc11e1fda2ccd861

Request headers

:path
/wp-content/uploads/2014/07/livre-60-ans-hospitalit%C3%A9-de-lourdes-du-diocese-frejus-toulon-mini.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:22 GMT
last-modified
Thu, 14 Feb 2019 18:14:21 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
28507
content-type
image/jpeg
visuelvdefdef-731x1024.jpg
www.lourdes-france.org/wp-content/uploads/2018/09/ 		209 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lourdes-france.org/wp-content/uploads/2018/09/visuelvdefdef-731x1024.jpg
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.36.62.124 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3090718.ip-54-36-62.eu
Software
nginx / PleskLin
Resource Hash
7425af065b9bcf147740b1bc770cc055bc62e55c129ade69a2f360fa5f8bb4f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:27 GMT
last-modified
Wed, 22 Jan 2020 22:00:14 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e28c5ee-34278"
content-type
image/jpeg
accept-ranges
bytes
content-length
213624
jquery.swipebox.min.js
restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/js/jquery.swipebox.min.js?ver=5.0.13
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d

Request headers

:path
/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/js/jquery.swipebox.min.js?ver=5.0.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:17 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:35 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
jquery.justifiedGallery.min.js
restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/js/jquery.justifiedGallery.min.js?ver=5.0.13
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
6658eeefaf0ae8ac1a771fa317fc8767442a901f17bbf09bed8806b202eb62eb

Request headers

:path
/wp-content/plugins/flickr-justified-gallery/js/jquery.justifiedGallery.min.js?ver=5.0.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:17 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:35 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
flickrJustifiedGalleryWPPlugin.js
restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/js/ 		658 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/flickr-justified-gallery/js/flickrJustifiedGalleryWPPlugin.js?ver=5.0.13
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
d8bd0cf569d9e34a7ce707907f38194869300c1ae935ff3575ed148c4985b4ed

Request headers

:path
/wp-content/plugins/flickr-justified-gallery/js/flickrJustifiedGalleryWPPlugin.js?ver=5.0.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:17 GMT
last-modified
Thu, 14 Feb 2019 18:14:35 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
658
content-type
application/javascript
scripts.js
restore.hdvar.fr/wp-content/plugins/google-language-translator/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/google-language-translator/js/scripts.js?ver=5.0.48
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
28314281d6e3a68c310bc841e92f535af0aba98b401884bd3b177755df2ea363

Request headers

:path
/wp-content/plugins/google-language-translator/js/scripts.js?ver=5.0.48
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:17 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:27 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
element.js
translate.google.com/translate_a/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
43ea59e4976f35315cccb9ddea2839915d4976eb902d39a7bb9fdfc0cdebb4f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 07:35:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
de
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3856
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fitvids.min.js
restore.hdvar.fr/wp-content/plugins/youtube-embed-plus/scripts/ 		2 KB
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.0.1
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
9aa8a04fabdda76673b068b2f5e6f5fb3b82039baa72f80b0582a58bbfd10395

Request headers

:path
/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.0.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:21 GMT
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:14:23 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
wp-embed.min.js
restore.hdvar.fr/wp-includes/js/ 		1 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-includes/js/wp-embed.min.js?ver=5.0.13
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.0.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:21 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 18:42:44 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
wp-emoji-release.min.js
restore.hdvar.fr/wp-includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-includes/js/wp-emoji-release.min.js?ver=5.0.13
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.0.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:22 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 18:42:44 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
hRP1FjEf0Gg
www.youtube.com/embed/ Frame 2DCA 		0
0
fond-papier-bleu1.jpg
restore.hdvar.fr/wp-content/uploads/2014/08/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://restore.hdvar.fr/wp-content/uploads/2014/08/fond-papier-bleu1.jpg
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
07eea707d6859f89c9594871cf5c8a336c34d1cbdb86df7aacfb79c51a7e8e14

Request headers

:path
/wp-content/uploads/2014/08/fond-papier-bleu1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:22 GMT
last-modified
Thu, 14 Feb 2019 18:14:20 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
83492
content-type
image/jpeg
If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
fonts.gstatic.com/s/dancingscript/v16/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dancing%20Script%7COpen%20Sans%7COpen%20Sans%20Condensed%7COpen%20Sans%20Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ab0c7c666e9a8b826ec40ce02b69ca270c33e157eb4b48dbca5ecf107bcbd22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://restore.hdvar.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:20:52 GMT
x-content-type-options
nosniff
age
173675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23496
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:39:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 07:20:52 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dancing%20Script%7COpen%20Sans%7COpen%20Sans%20Condensed%7COpen%20Sans%20Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://restore.hdvar.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 14:18:31 GMT
x-content-type-options
nosniff
age
235016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 14:18:31 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2168
date
Wed, 15 Sep 2021 06:59:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 15 Sep 2021 08:59:19 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 15 Sep 2021 08:28:58 GMT
main_de.js
translate.googleapis.com/translate_static/js/element/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/js/element/main_de.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2431
x-xss-protection
0
last-modified
Mon, 24 May 2021 18:08:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 15 Sep 2021 08:28:58 GMT
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1368d75ee5fe253d7d899d4674aa73d81a0d4b5339435e4dd2fe3268256f0d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires
Wed, 15 Sep 2021 07:35:27 GMT
truncated
/ 		475 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
fontawesome-webfont.woff2
restore.hdvar.fr/wp-content/themes/flat/assets/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://restore.hdvar.fr/wp-content/themes/flat/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/wp-content/themes/flat/assets/css/flat.min.css?ver=1.7.11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

:path
/wp-content/themes/flat/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
pragma
no-cache
origin
https://restore.hdvar.fr
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/wp-content/themes/flat/assets/css/flat.min.css?ver=1.7.11
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://restore.hdvar.fr/wp-content/themes/flat/assets/css/flat.min.css?ver=1.7.11
Origin
https://restore.hdvar.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:22 GMT
last-modified
Thu, 14 Feb 2019 18:14:09 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
56780
content-type
font/woff2
flags.png
restore.hdvar.fr/wp-content/plugins/google-language-translator/images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://restore.hdvar.fr/wp-content/plugins/google-language-translator/images/flags.png
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/wp-content/plugins/google-language-translator/css/style.css?ver=5.0.48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.165.74 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
barracuda.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e

Request headers

:path
/wp-content/plugins/google-language-translator/images/flags.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
restore.hdvar.fr
referer
https://restore.hdvar.fr/wp-content/plugins/google-language-translator/css/style.css?ver=5.0.48
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/wp-content/plugins/google-language-translator/css/style.css?ver=5.0.48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:35:22 GMT
last-modified
Thu, 14 Feb 2019 18:14:27 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
54996
content-type
image/png
hRP1FjEf0Gg
www.youtube.com/embed/ Frame 431F 		56 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6dbbbb8151bdc65c68deabeca21e771025a5a30f886aa2a53765117332e3079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://restore.hdvar.fr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 15 Sep 2021 07:35:27 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=98EzkvQmQmk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=8XyZB83rwFU; Domain=.youtube.com; Expires=Mon, 14-Mar-2022 07:35:27 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+014; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-widgetapi.js
www.youtube.com/s/player/1cc7c82c/www-widgetapi.vflset/ 		135 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 02:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
18267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44724
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 15 Sep 2022 02:31:00 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=945650172&utmhn=restore.hdvar.fr&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Hospitalit%C3%A9%20Dioc%C3%A9saine%20Var&utmhid=1745111869&utmr=-&utmp=%2F&utmht=1631691327443&utmac=UA-15659895-1&utmcc=__utma%3D16491701.1837482921.1631691327.1631691327.1631691327.1%3B%2B__utmz%3D16491701.1631691327.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=772641610&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: restore.hdvar.fr
URL: https://restore.hdvar.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 07:35:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player-webp.css
www.youtube.com/s/player/1cc7c82c/ Frame 431F 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46717c032f82e2316c694c6cb20d63d109954cc77e1aeee251dd5b1591915716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:01:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
488054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46331
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Sep 2022 16:01:13 GMT
www-embed-player.js
www.youtube.com/s/player/1cc7c82c/www-embed-player.vflset/ Frame 431F 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73489d9071ef40a1fdce399ee4faee08addd584314f4eb9a82d2f65d2af541a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
488004
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67231
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:02:03 GMT
base.js
www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 431F 		2 MB
504 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b39bdfbc1845ff7f8dec7f508ceaced7115c594b4454fcbd17d5ff4cfd32bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:03:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
487906
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
515566
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:03:41 GMT
fetch-polyfill.js
www.youtube.com/s/player/1cc7c82c/fetch-polyfill.vflset/ Frame 431F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
488004
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:02:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 431F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:58:13 GMT
x-content-type-options
nosniff
age
128234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 19:58:13 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 431F 		0
0
ad_status.js
static.doubleclick.net/instream/ Frame 431F 		0
0
remote.js
www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 431F 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
526ecaf8fbd157b776733e40cd4e3af19fb4185e081f72d27284026138cc30e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
487572
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29899
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:09:15 GMT
Eg7QwH47eZ8F7br57dZ0Bl95QQwUw_gBk_JaCBPNBfU.js
www.google.com/js/th/ Frame 431F 		0
0
embed.js
www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 431F 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21bf415bff7452c3ca9d2fd6b7afa9156844757a7802193acfb5a6c0d2621a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:03:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
487906
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7358
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:03:41 GMT
truncated
/ Frame 431F 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRoynDFQjavcWL2-wZM4G_yrlN-MNYv3vGfHQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 431F 		0
0
maxresdefault.webp
i.ytimg.com/vi_webp/hRP1FjEf0Gg/ Frame 431F 		0
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 431F 		0
0
element_main.js
translate.googleapis.com/element/TE_20210503_00/e/js/element/ 		252 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main_de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://restore.hdvar.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 13:28:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91906
x-xss-protection
0
last-modified
Mon, 03 May 2021 09:56:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 13:28:59 GMT
truncated
/ Frame 3C48 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		0
0
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		0
0
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		0
0
log_event
www.youtube.com/youtubei/v1/ Frame 431F 		28 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
X-YouTube-Client-Version
1.20210908.1.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs4WHlaQjgzcndGVSi_xIaKBg%3D%3D
X-YouTube-Ad-Signals
dt=1631691327557&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C720%2C450&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 15 Sep 2021 07:35:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 15 Sep 2021 07:35:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/embed/hRP1FjEf0Gg?enablejsapi=1&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=0&rel=1&showinfo=1&fs=1&playsinline=0&controls=2&color=red&autohide=2&theme=dark&
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/id
Domain
static.doubleclick.net
URL
https://static.doubleclick.net/instream/ad_status.js
Domain
www.google.com
URL
https://www.google.com/js/th/Eg7QwH47eZ8F7br57dZ0Bl95QQwUw_gBk_JaCBPNBfU.js
Domain
yt3.ggpht.com
URL
https://yt3.ggpht.com/ytc/AKedOLRoynDFQjavcWL2-wZM4G_yrlN-MNYv3vGfHQ=s68-c-k-c0x00ffffff-no-rj
Domain
i.ytimg.com
URL
https://i.ytimg.com/vi_webp/hRP1FjEf0Gg/maxresdefault.webp
Domain
www.gstatic.com
URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Domain
www.gstatic.com
URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Domain
www.gstatic.com
URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Domain
www.gstatic.com
URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| jQuery11240999165180618419 object| _EPYT_ object| _EPADashboard_ function| onYouTubeIframeAPIReady object| _gaq function| GoogleLanguageTranslatorInit function| fjgwppDisableContextMenu function| GLTFireEvent function| doGoogleLanguageTranslator object| twemoji object| wp function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| epdofitvids object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| _gat object| gaGlobal object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| closure_lm_416430

7 Cookies

Domain/Path Name / Value
.restore.hdvar.fr/ Name: __utma
Value: 16491701.1837482921.1631691327.1631691327.1631691327.1
.restore.hdvar.fr/ Name: __utmc
Value: 16491701
.restore.hdvar.fr/ Name: __utmz
Value: 16491701.1631691327.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.restore.hdvar.fr/ Name: __utmt
Value: 1
.restore.hdvar.fr/ Name: __utmb
Value: 16491701.1.10.1631691327
.youtube.com/ Name: YSC
Value: 98EzkvQmQmk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 8XyZB83rwFU

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
restore.hdvar.fr
ssl.google-analytics.com
static.doubleclick.net
translate.google.com
translate.googleapis.com
www.google.com
www.gstatic.com
www.lourdes-france.org
www.restore.hdvar.fr
www.youtube.com
yt3.ggpht.com
googleads.g.doubleclick.net
i.ytimg.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
109.234.165.74
2a00:1450:4001:802::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200a
2a00:1450:400d:804::200a
2a00:1450:400d:805::200e
2a00:1450:400d:807::2008
54.36.62.124
07eea707d6859f89c9594871cf5c8a336c34d1cbdb86df7aacfb79c51a7e8e14
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
0ab0c7c666e9a8b826ec40ce02b69ca270c33e157eb4b48dbca5ecf107bcbd22
0b3523acfc68d4907101a400f375c178f704653279c9097c376ffa19658c71f0
0f91361eb6bd3862d4acfedcca4d33211b4936fb7066223d8ea3e6f3647754b7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1368d75ee5fe253d7d899d4674aa73d81a0d4b5339435e4dd2fe3268256f0d33
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
19fc1c1b06d3954501bb90222f38e0f28f94c187c3c673c18f114e1f59e65eca
21bf415bff7452c3ca9d2fd6b7afa9156844757a7802193acfb5a6c0d2621a81
28314281d6e3a68c310bc841e92f535af0aba98b401884bd3b177755df2ea363
2bde3296218a2975cfe2c9e4ed31cd4d240f43ac8fbdb0522f9e9a963715cc28
2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1
306a340d77c015bebd34348e2df7636595f40e1fc50273d1a4cba9321d5e82ce
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
409376984d17de8a93747e474296a212ede22fa2d0f252182a46b9ef0a07ee35
43ea59e4976f35315cccb9ddea2839915d4976eb902d39a7bb9fdfc0cdebb4f5
46717c032f82e2316c694c6cb20d63d109954cc77e1aeee251dd5b1591915716
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
524832a4229add733fea344d5cbc9f6f5625abd232188791cb0c04900dd7d787
526ecaf8fbd157b776733e40cd4e3af19fb4185e081f72d27284026138cc30e8
55b39bdfbc1845ff7f8dec7f508ceaced7115c594b4454fcbd17d5ff4cfd32bd
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
6658eeefaf0ae8ac1a771fa317fc8767442a901f17bbf09bed8806b202eb62eb
6791b0bf84c2397d30dbb8535d9c3d3caf644a1e7898ce6fbc11e1fda2ccd861
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
73489d9071ef40a1fdce399ee4faee08addd584314f4eb9a82d2f65d2af541a2
7425af065b9bcf147740b1bc770cc055bc62e55c129ade69a2f360fa5f8bb4f9
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aecee7aa74144bd766b8c2a7391407e4dd9e02f5ed4207731c78399ec88eb66
9aa8a04fabdda76673b068b2f5e6f5fb3b82039baa72f80b0582a58bbfd10395
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a6dbbbb8151bdc65c68deabeca21e771025a5a30f886aa2a53765117332e3079
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b0537b4e263df1ee8fba6d8f5d31ef8d25ccbf41d5bbcd75aff9d4f42d6a7fb5
b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5
c5313f13ffe3f06ab735c56ef2bef329419f70327b67468277cdfc71e0cf09c3
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d5f22e815007b49ea5513511970f1d697f899de2cc616833d17876ba2da44edc
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8bd0cf569d9e34a7ce707907f38194869300c1ae935ff3575ed148c4985b4ed
da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595
f26f25b2f2912649fa287ac8d63663520b2416c1fcff52edf2908fece0aa0870