www.minitool.com Open in urlscan Pro
2606:4700::6812:14b2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
Submission: On January 14 via manual (January 14th 2023, 6:00:03 pm UTC) from FR — Scanned from FR

Summary HTTP 127 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 20 domains to perform 127 HTTP transactions. The main IP is 2606:4700::6812:14b2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.minitool.com. The Cisco Umbrella rank of the primary domain is 96059.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 6th 2022. Valid for: a year.

This is the only time www.minitool.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700::68... 2606:4700::6812:14b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
7	13.32.27.45 13.32.27.45	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:31a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:230... 2600:9000:2304:9600:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
11	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
24	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
7	2.18.37.133 2.18.37.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
1	52.19.157.131 52.19.157.131	16509 (AMAZON-02) (AMAZON-02)
1	34.241.144.75 34.241.144.75	16509 (AMAZON-02) (AMAZON-02)
7	104.111.217.133 104.111.217.133	16625 (AKAMAI-AS) (AKAMAI-AS)
127	32

12 2606:4700::6812:14b2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.minitool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

minitool.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.27.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-45.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:31a9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.linkconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:9600:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.52 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.37.133 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.157.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-157-131.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.144.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-144-75.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.217.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-133.deploy.static.akamaitechnologies.com

havasfrorangedcmdisplay758646212611.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	127 KB
23	googlesyndication.com e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	134 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321	210 KB
12	minitool.com www.minitool.com — Cisco Umbrella Rank: 96059	386 KB
11	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8242 va.tawk.to — Cisco Umbrella Rank: 8003	138 KB
9	moatads.com z.moatads.com — Cisco Umbrella Rank: 446 geo.moatads.com — Cisco Umbrella Rank: 744 mb.moatads.com — Cisco Umbrella Rank: 720 px.moatads.com — Cisco Umbrella Rank: 531	115 KB
7	moatpixel.com havasfrorangedcmdisplay758646212611.s.moatpixel.com — Cisco Umbrella Rank: 221694	2 KB
7	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 4865	43 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	3 KB
4	gstatic.com fonts.gstatic.com	63 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 207	3 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22 region1.google-analytics.com — Cisco Umbrella Rank: 2439	21 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 24460 www.google.fr — Cisco Umbrella Rank: 14679	1 KB
2	linkconnector.com www.linkconnector.com — Cisco Umbrella Rank: 43135	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	128 KB
2	disqus.com minitool.disqus.com — Cisco Umbrella Rank: 218864	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	49 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 3605	10 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
127	20

	Domain	Requested by
24	s0.2mdn.net	www.minitool.com s0.2mdn.net
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	www.minitool.com	www.minitool.com
8	embed.tawk.to	www.minitool.com embed.tawk.to
7	havasfrorangedcmdisplay758646212611.s.moatpixel.com	e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
7	widget.trustpilot.com	www.minitool.com widget.trustpilot.com
6	px.moatads.com	e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	securepubads.g.doubleclick.net	www.minitool.com securepubads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	va.tawk.to	embed.tawk.to
2	googleads4.g.doubleclick.net	www.minitool.com
2	googleads.g.doubleclick.net	e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	www.google.com	www.minitool.com tpc.googlesyndication.com
2	e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.linkconnector.com	www.minitool.com www.linkconnector.com
2	www.googletagmanager.com	www.minitool.com www.googletagmanager.com
2	minitool.disqus.com	www.minitool.com minitool.disqus.com
1	mb.moatads.com	z.moatads.com
1	geo.moatads.com	z.moatads.com
1	z.moatads.com	s0.2mdn.net
1	www.googletagservices.com	e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
1	www.google.fr	www.minitool.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.dwin1.com	www.minitool.com
1	fonts.googleapis.com	www.minitool.com
127	33

This site contains links to these domains. Also see Links.

Domain
utilities.minitool.com
moviemaker.minitool.com
videoconvert.minitool.com
youtubedownload.minitool.com
de.minitool.com
jp.minitool.com
www.minitool.fr
cdn2.minitool.com
twitter.com
en.wikipedia.org
www.partitionwizard.com
ctt.ac
www.facebook.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.minitool.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-06` - `2023-11-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.trustpilot.com Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
*.dwin1.com Amazon	`2022-11-03` - `2023-12-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
Frame ID: 1A2504C94B3FC5412A3872195FBFD227
Requests: 51 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
Frame ID: CADD03541FF897863D3A0489FFEE62BB
Requests: 2 HTTP requests in this frame

Frame: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5C85AD66774DDD9F643A21AA74F0A459
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
Frame ID: 095F1DF5CCEDB7BFF719896634255FA6
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F43E88265B2794156693B9E25304553D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F036EDA84BA57AB33E9EDB37E52F9F4
Requests: 2 HTTP requests in this frame

Frame: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04712FD38397C58B2C22006996FB3B99
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGPbBit0BMAE&v=APEucNUFLVlNvnkG8BJsAdjZ87gXKzZtPUS8x9BGKBzkEd7Nbiv1Xfube1ekRrNeERC6D2gJoDuZkIqmGNByvmh9HiRUIuce9YIKpBHteQ-wnHbnJuwbChur0Spw11beKHlAJv0sc_lOptrfnMbSJtQDfC-SLQnuFvwoOGo4KpXX1Lc809_JOLQ
Frame ID: 550A4D85E41EE5141875050E4DC5DD9C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A11D0EEFAB8D809549E34A10C89B5FFA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
Frame ID: BEC78E519BAA425A21DA4B401CD11820
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What Is Shadow Copy and How to Use Shadow Copy Windows 10?

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

127
Requests

97 %
HTTPS

68 %
IPv6

20
Domains

33
Subdomains

32
IPs

6
Countries

1437 kB
Transfer

3378 kB
Size

18
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://utilities.minitool.com/data-repair/photo-repair-software.html?utm_source=minitool.com&utm_medium=redirection&utm_campaign=mainmenu
Title: Photo Repair Repair corrupted images of different formats in one go.

Search URL Search Domain Scan URL

URL: https://utilities.minitool.com/data-repair/excel-repair-software.html?utm_source=minitool.com&utm_medium=redirection&utm_campaign=mainmenu
Title: Excel Repair Repair corrupt Excel files and recover all the data with 100% integrity.

Search URL Search Domain Scan URL

URL: https://utilities.minitool.com/data-repair/outlook-repair-software.html?utm_source=minitool.com&utm_medium=redirection&utm_campaign=mainmenu
Title: Outlook Repair Repair corrupt Outlook PST files & recover all mail items.

Search URL Search Domain Scan URL

URL: https://utilities.minitool.com/data-repair/video-repair-software.html?utm_source=minitool.com&utm_medium=redirection&utm_campaign=mainmenu
Title: Video Repair Repairs 4k, 8k corrupted, broken, or unplayable video files.

Search URL Search Domain Scan URL

URL: https://moviemaker.minitool.com/?utm_source=minitool.com&utm_medium=redirection&utm_campaign=mainmenu
Title: MiniTool MovieMaker

Search URL Search Domain Scan URL

URL: https://videoconvert.minitool.com/?utm_source=minitool.com&utm_medium=redirection&utm_campaign=mainmenu
Title: MiniTool Video Converter

Search URL Search Domain Scan URL

URL: https://youtubedownload.minitool.com/?utm_source=minitool.com&utm_medium=redirection&utm_campaign=mainmenu
Title: MiniTool uTube Downloader

Search URL Search Domain Scan URL

URL: https://moviemaker.minitool.com/?utm_source=minitool.com&utm_medium=redirection&utm_campaign=mainmenu-recommend-ad

Search URL Search Domain Scan URL

URL: https://de.minitool.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://jp.minitool.com/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.minitool.fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://cdn2.minitool.com/?p=sm&e=sm-free
Title: ShadowMaker

Search URL Search Domain Scan URL

URL: https://cdn2.minitool.com/?p=sm&e=sm-pro
Title: Download Shadowmaker

Search URL Search Domain Scan URL

URL: https://twitter.com/Echo66875812

Search URL Search Domain Scan URL

URL: https://jp.minitool.com/backup-tips/shadow-copy-windows-10-017.html
Title: 日本語

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Shadow_Copy
Title: Shadow Copy

Search URL Search Domain Scan URL

URL: https://www.partitionwizard.com/clone-disk/volume-shadow-copy-service-error.html
Title: Quick Solved Volume Shadow Copy Service Errors (for Windows 10/8/7)

Search URL Search Domain Scan URL

URL: https://ctt.ac/meern
Title: I want to turn on Shadow Copy in my Windows 10, but I don’t know how to use it. Thankfully, this article shows me the clear steps and I successfully enable Shadow Copy.Click to Tweet

Search URL Search Domain Scan URL

URL: https://www.partitionwizard.com/clone-disk/types-of-backup.html
Title: 3 Types of Backup: Full, Incremental, Differential - MiniTool

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/MiniTool/230388176998483

Search URL Search Domain Scan URL

URL: https://twitter.com/minitool_

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/minitool-solution-ltd-?trk=biz-companies-cym

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCRGo-0E8thf9KsrNB3Mqhuw?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://moviemaker.minitool.com/
Title: MiniTool MovieMaker

Search URL Search Domain Scan URL

URL: https://youtubedownload.minitool.com/
Title: MiniTool uTube Downloader

Search URL Search Domain Scan URL

URL: https://videoconvert.minitool.com/
Title: MiniTool Video Converter

Search URL Search Domain Scan URL

URL: https://youtubedownload.minitool.com/youtube/
Title: YouTube Tips

Search URL Search Domain Scan URL

URL: https://moviemaker.minitool.com/moviemaker/
Title: Movie Maker Tips

Search URL Search Domain Scan URL

URL: https://videoconvert.minitool.com/video-converter/
Title: Video Convert Tips

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOedIx7ZUKOb1BPtGty-8&google_cver=1

Request Chain 73

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8LtoMlCVmTVswmPJLQyigAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXtZQcipNPK9f0EtdnCfik&google_cver=1

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMwaNQub-TUHl6MHIouzABo&google_cver=1

Request Chain 75

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NDUyMDYyMDg3NzI1NDkzMQ%3D%3D

127 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request shadow-copy-windows-10-017.html Show response
www.minitool.com/backup-tips/ 102 KB
23 KB 90ms
32ms Document
text/html 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57908eabc33586d57f3b0695f631a479e6021e64a7d437b8e5ba50b0d5c81600

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2943
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: HIT
cf-ray: 789844ba4c91f0df-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 17:59:57 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Sat, 14 Jan 2023 17:10:57 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1;mode=block

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 163ms
63ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b253ef3fe01bdd1dbcf682caf6954cbf64877cf67955b085f18fd896809d7e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Jan 2023 17:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 17:12:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Jan 2023 17:59:58 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
www.minitool.com/js/ 87 KB
31 KB 31ms
30ms Script
application/javascript 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.minitool.com/js/jquery-3.6.0.min.js

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 06:46:28 GMT
server: cloudflare
age: 4047
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: max-age=86400
cf-ray: 789844babd3cf0df-CDG
x-xss-protection: 1;mode=block
expires: Sun, 15 Jan 2023 16:52:33 GMT

GET
H2 200 article.css
www.minitool.com/css/ 23 KB
5 KB 28ms
27ms Stylesheet
text/css 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.minitool.com/css/article.css?v=20220628144625

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65b6e7bda0445481b20c3df30e61c061831f474108f019def255ba7f98ecc59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
content-encoding: br
age: 4047
cf-polished: origSize=28257
x-xss-protection: 1;mode=block
cf-bgj: minify
last-modified: Tue, 28 Jun 2022 06:46:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 789844babd3ef0df-CDG
expires: Sun, 15 Jan 2023 16:52:33 GMT

GET
H2 200 main.min.js Show response
www.minitool.com/js/ 9 KB
3 KB 35ms
34ms Script
application/javascript 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.minitool.com/js/main.min.js?v=20220628144628

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17d11fd86d522fe722b3ba8049f3bcaf42a287036a515d507d62516df47b0b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 06:46:28 GMT
server: cloudflare
age: 4047
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: max-age=86400
cf-ray: 789844bb0dbbf0df-CDG
x-xss-protection: 1;mode=block
expires: Sun, 15 Jan 2023 16:52:33 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 159ms
68ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0282f51c51c165b5844a759c59b6d8c2b4564233d1b955b6d1a21544d7a40d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27635
x-xss-protection: 0
server: sffe
etag: "1451 / 95 of 1000 / last-modified: 1673651143"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 14 Jan 2023 17:59:58 GMT

GET
H2 200 logo-light.png
www.minitool.com/images/ 3 KB
3 KB 36ms
35ms Image
image/png 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.minitool.com/images/logo-light.png

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

219540d334db27bc55469e6d3d1fbf2d16255179cb5f1733e09756eff63796c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
age: 11086
cf-polished: origSize=5354
content-length: 3381
x-xss-protection: 1;mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Jun 2022 06:46:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 789844bb0dc0f0df-CDG
expires: Sat, 21 Jan 2023 14:55:14 GMT

GET
H2 200 email-decode.min.js Show response
www.minitool.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
802 B 21ms
21ms Script
application/javascript 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.minitool.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 10:27:05 GMT
server: cloudflare
etag: W/"63bd3d79-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 789844bafd9bf0df-CDG
expires: Mon, 16 Jan 2023 17:59:57 GMT

GET
H2 200 other.min.js Show response
www.minitool.com/js/ 17 KB
6 KB 35ms
34ms Script
application/javascript 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.minitool.com/js/other.min.js?v=20220707105302

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22020da2bec052173464c303fe6dbcad9579dfb950eeb6177d32b2a6534f313

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
last-modified: Thu, 07 Jul 2022 02:53:02 GMT
server: cloudflare
age: 4047
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: max-age=86400
cf-ray: 789844bb0dc2f0df-CDG
x-xss-protection: 1;mode=block
expires: Sun, 15 Jan 2023 16:52:33 GMT

GET
H/1.1 200
OK count.js Show response
minitool.disqus.com/ 1 KB
2 KB 84ms
19ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://minitool.disqus.com/count.js

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 17:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 9
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 27 Dec 2022 19:33:22 GMT
Server: nginx
ETag: "63ab4882-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: p_kVW9kbKCe8ky8utagM5bXeO7jgvbbkrwjzICKiT3z7tczrI1wJEQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
49 KB 113ms
38ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPJRVD9

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d13b53bed3c445f39890d4923e216cf4bf6a09e7876f941053131d084c1489d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50083
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Jan 2023 17:59:58 GMT

GET
H2 200 fontawesome-webfont.woff2
www.minitool.com/fonts/awesome/ 75 KB
76 KB 27ms
27ms Font
font/woff2 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.minitool.com/fonts/awesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
age: 6989
content-length: 77160
x-xss-protection: 1;mode=block
last-modified: Mon, 02 Oct 2017 01:49:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=0
accept-ranges: bytes
cf-ray: 789844bb1dc5f0df-CDG
expires: Sat, 14 Jan 2023 16:03:31 GMT

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b537a26aa913602cf89943589dab0adce3c6e2f2137d31e28c685c5c043f2886

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame CADD 6 KB
2 KB 106ms
24ms Document
text/html 13.32.27.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.minitool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 37852
cache-control: max-age=86400
content-encoding: gzip
content-length: 1930
content-type: text/html
date: Sat, 14 Jan 2023 07:33:09 GMT
etag: "1b1a56d9c9fcf8acab07f238231461df"
last-modified: Tue, 04 Oct 2022 10:33:40 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-id: lxvk-UK2nfFAnhrU-ICxG3A1nWKBkkYKiyWWPnPRvgGcyFIhCNuuWQ==
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 uts_lp.php Show response
www.linkconnector.com/ 9 KB
3 KB 246ms
189ms Script
text/javascript 2606:4700:10::6816:31a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkconnector.com/uts_lp.php?cgid=901602

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/js/other.min.js?v=20220707105302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3817f26e3959d1c76826844a8eaf65cdbf14fb277192a129cd52190fb9e258ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.minitool.com
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
x-server: lcweb1
timing-allow-origin: *
cf-ray: 789844bbdd4199c9-CDG
content-length: 2622

GET
H2 200 19038.js Show response
www.dwin1.com/ 37 KB
10 KB 153ms
36ms Script
application/javascript 2600:9000:2304:9600:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/19038.js
Requested by: Host: www.minitool.com
URL: https://www.minitool.com/js/other.min.js?v=20220707105302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:9600:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60b9d89174ccda856c02f444a6a87b77732d8c04bc22f33dceb5124c4ab7131e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: 8X1olk9pzFr7ihYN5CsACtfzv60pAay7
content-encoding: gzip
via: 1.1 ac02b9a9a93754a9f85004c4c9792fee.cloudfront.net (CloudFront)
date: Sat, 14 Jan 2023 17:50:47 GMT
x-amz-cf-pop: VIE50-P1
age: 551
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 06 Jan 2023 12:03:22 GMT
server: AmazonS3
etag: W/"4e89cb39b157c6c509587a36accf3d00"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: i1IJrPAQK6z9PdJOoDmKK5jIjTgnw_lB7SCbFu2_yH-yIEOpxb3aSA==

GET
H2 200 cate-sm-article-top-banner-bg.png
www.minitool.com/images/uploads/cates-tags-banners/2022/ 142 KB
142 KB 29ms
28ms Image
image/png 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.minitool.com/images/uploads/cates-tags-banners/2022/cate-sm-article-top-banner-bg.png

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f303c7951daa3299ba9126167909f9a0167dd06a3bc11af286f41c51ff5c4cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
age: 5079
cf-polished: origSize=146248
content-length: 145395
x-xss-protection: 1;mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Jun 2022 06:46:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 789844bb8e48f0df-CDG
expires: Sat, 21 Jan 2023 16:35:22 GMT

GET
H2 200 google_logo_color.png
www.minitool.com/images/icon/ 4 KB
4 KB 36ms
36ms Image
image/png 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.minitool.com/images/icon/google_logo_color.png

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd4d9d732e7a4af52746ebabe6bb16941ee71ae3e919131af700cf4e1228a16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
age: 9667
cf-polished: status=not_needed
content-length: 3831
x-xss-protection: 1;mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 26 Sep 2019 01:45:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 789844bb8e4bf0df-CDG
expires: Sat, 21 Jan 2023 15:18:55 GMT

GET
H2 200 promotion.php Show response
www.minitool.com/promotions/landing/ 286 B
309 B 393ms
392ms XHR
text/html 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.minitool.com/promotions/landing/promotion.php?lang=en

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/js/jquery-3.6.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93b5b6aae661c254a8fe74b913555639e9f4c52d4ed1938cad392105c91a5615

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: max-age=0
cf-ray: 789844bb8e5cf0df-CDG
x-xss-protection: 1;mode=block
expires: Sat, 14 Jan 2023 18:00:01 GMT

GET
H/1.1 200
OK count-data.js Show response
minitool.disqus.com/ 305 B
886 B 138ms
137ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://minitool.disqus.com/count-data.js?2=https%3A%2F%2Fwww.minitool.com%2Fbackup-tips%2Fshadow-copy-windows-10-017.html

Requested by

Host: minitool.disqus.com
URL: https://minitool.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c1ed00f45ddc7c0c6d3217d80d3a3f322e3c2baae68e232858e878c6d44944d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 17:59:58 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 305
X-XSS-Protection: 1; mode=block

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 92ms
33ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:42:15 GMT
x-content-type-options: nosniff
age: 166663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 19:42:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 84ms
27ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 436506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 116ms
62ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 09:07:05 GMT
x-content-type-options: nosniff
age: 31973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 09:07:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 96ms
54ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 20:40:44 GMT
x-content-type-options: nosniff
age: 76754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 20:40:44 GMT

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame CADD 50 KB
16 KB 27ms
27ms Script
application/x-javascript 13.32.27.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4760bf61bd6fc2e1e83d862478607dd6df56552ab7fa2cc5ac2e5a8f2929c092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 00:03:32 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 64586
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15505
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Oct 2022 10:33:42 GMT
server: AmazonS3
etag: "7634c5de39bff7b73e2df27262caface"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: N3VsWJpp1vzauKzTtQpmU0_kOSqwaI1dxFtr9MOtXXlRUDOTexUCnA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 88ms
26ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPJRVD9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 17:50:29 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 569
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 14 Jan 2023 19:50:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
78 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W6RNX75Q2P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPJRVD9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

241cac87419f376d95f9717222955bdda3665f189185cbf2d278158a31fc12c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80073
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 17:59:58 GMT

GET
H2 200 pubads_impl_2023010501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 16:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132895
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Jan 2024 16:40:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 98 B
96 B 116ms
62ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.minitool.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8404324c3f1a04512d8c1eddab00b0a21a01e53df0ac5720ca5ad0ecde78f425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
expires: Sat, 14 Jan 2023 17:59:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 70ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W6RNX75Q2P&gtm=2oe1a1&_p=1189394349&cid=1229451472.1673719198&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673719198&sct=1&seg=0&dl=https%3A%2F%2Fwww.minitool.com%2Fbackup-tips%2Fshadow-copy-windows-10-017.html&dt=What%20Is%20Shadow%20Copy%20and%20How%20to%20Use%20Shadow%20Copy%20Windows%2010%3F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.path_clean=%2Fbackup-tips%2Fshadow-copy-windows-10-017.html
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6RNX75Q2P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 17:59:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.minitool.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 33ms
32ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1189394349&t=pageview&_s=1&dl=https%3A%2F%2Fwww.minitool.com%2Fbackup-tips%2Fshadow-copy-windows-10-017.html&ul=en-us&de=UTF-8&dt=What%20Is%20Shadow%20Copy%20and%20How%20to%20Use%20Shadow%20Copy%20Windows%2010%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2081250542&gjid=1301570811&cid=1229451472.1673719198&tid=UA-686301-28&_gid=1218988316.1673719198&_r=1&gtm=2wg1a1PPJRVD9&cd1=Echo&cd2=2022-11&cd3=2019-07&z=1309160863

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.minitool.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 17:59:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.minitool.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 198ms
62ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.minitool.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 100ms
35ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.minitool.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
15 KB 1754ms
1754ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1224915852825168&correlator=28615482024101&eid=31071144&output=ldjh&gdfp_req=1&vrg=2023010501&ptt=17&impl=fifs&iu_parts=22630280940%2Cglobal.mt%2Cpage-top-1%2Carticle-sidebar-2%2Cpage-bottom-fixed&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=970x250%7C728x90%7C970x90%2C300x250%2C728x90%7C970x90&ifi=1&adks=1391017988%2C3713715544%2C228627258&sfv=1-0-40&prev_scp=refresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1673719198271&lmt=1673716257&dlt=1673719197838&idt=392&adxs=-9%2C1080%2C-9&adys=-9%2C596%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.minitool.com%2Fbackup-tips%2Fshadow-copy-windows-10-017.html&frm=20&vis=1&psz=0x-1%7C300x250%7C0x-1&msz=0x-1%7C300x250%7C0x-1&fws=2%2C516%2C2&ohw=0%2C300%2C0&ga_vid=1229451472.1673719198&ga_sid=1673719198&ga_hid=1189394349&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5afe883491b76facec71678c6e99660c9d66afe09d7dbdde04a3f6766b637a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 18:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15738
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.minitool.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5C85 6 KB
3 KB 248ms
72ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.minitool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 17:59:58 GMT
expires: Sun, 14 Jan 2024 17:59:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uts_clickcounts.php Show response
www.linkconnector.com/ 0
93 B 193ms
193ms Script
text/html 2606:4700:10::6816:31a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkconnector.com/uts_clickcounts.php?cgid=901602&mid=156919&MerchantURL=https%3A%2F%2Fwww.minitool.com%2F&cid=&Mode=js&AffiliateReferer=&uts_lcid_arr=[]&uts_mlcid=LC1673719198.217
Requested by: Host: www.linkconnector.com
URL: https://www.linkconnector.com/uts_lp.php?cgid=901602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR NID CUR OUR NOR"
x-server: lcweb1
cf-ray: 789844bd5f1f99c9-CDG

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 85ms
24ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-686301-28&cid=1229451472.1673719198&jid=2081250542&gjid=1301570811&_gid=1218988316.1673719198&_u=YADAAEAAAAAAACAAI~&z=1617291171

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.minitool.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Jan 2023 17:59:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.minitool.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 127ms
51ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-686301-28&cid=1229451472.1673719198&jid=2081250542&_u=YADAAEAAAAAAACAAI~&z=1616557979

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 17:59:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
501 B 194ms
76ms Image
image/gif 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-686301-28&cid=1229451472.1673719198&jid=2081250542&_u=YADAAEAAAAAAACAAI~&z=1616557979

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 17:59:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 new-year-sale-en.png
www.minitool.com/promotions/images/banner/2022-year-end/ 91 KB
91 KB 32ms
31ms Image
image/png 2606:4700::6812:14b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.minitool.com/promotions/images/banner/2022-year-end/new-year-sale-en.png

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1c0530c4711da4f7e41b4821cd365f773a999d569c44d1d373ba22c1f514049

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
age: 26299
cf-polished: origSize=105899
content-length: 93374
x-xss-protection: 1;mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 19:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 789844be09d5f0df-CDG
expires: Sat, 21 Jan 2023 10:41:42 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 25ms
24ms Script
application/x-javascript 13.32.27.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/js/main.min.js?v=20220628144628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:04:59 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 50100
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6124
x-xss-protection: 1; mode=block
last-modified: Mon, 30 May 2022 14:38:02 GMT
server: AmazonS3
etag: "5add60196e5f96a414fb4b9586764e5d"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: _BIra88VDcq-dD4iU1yRqUVqAH9DPMwNbySDNPnkUsAfUR4MO4nhEQ==

GET
H2 200 default Show response
embed.tawk.to/5ba07739c666d426648ada8d/ 2 KB
943 B 87ms
31ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5ba07739c666d426648ada8d/default

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/js/main.min.js?v=20220628144628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fcaba7f46c8c22b0fca3bcf2ab26ccc886460eee996ffeed19e45eea55ff145

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 4484
etag: W/"stable-v4-63b77dcd282"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 789844bf7a32f18f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 439ms
87ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023010501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49dea8e55df60639c6273382757e8e6cb69f922dc363cf3b8ce50ee1b49b1838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10939
x-xss-protection: 0

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 095F 6 KB
2 KB 24ms
24ms Document
text/html 13.32.27.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.minitool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 37852
cache-control: max-age=86400
content-encoding: gzip
content-length: 1930
content-type: text/html
date: Sat, 14 Jan 2023 07:33:09 GMT
etag: "1b1a56d9c9fcf8acab07f238231461df"
last-modified: Tue, 04 Oct 2022 10:33:40 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-id: sByFOrNfL-0jcwGk4CKZeJDx7ygZ2vf8wz9xqlDpltF7Uv4JVv_sEQ==
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 095F 50 KB
16 KB 27ms
27ms Script
application/x-javascript 13.32.27.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4760bf61bd6fc2e1e83d862478607dd6df56552ab7fa2cc5ac2e5a8f2929c092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 00:03:32 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 64586
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15505
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Oct 2022 10:33:42 GMT
server: AmazonS3
etag: "7634c5de39bff7b73e2df27262caface"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: KKYV32e190fWsW5UGqiSGrKoP520MH94_Odr8rrbi_eaZ3myRVMoGQ==

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 121 B
367 B 55ms
33ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.minitool.com/
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 375562
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 789844bfda07f108-CDG

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 76 KB
27 KB 74ms
52ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.minitool.com/
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 375562
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 789844bfda05f108-CDG

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 206 KB
61 KB 59ms
38ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.minitool.com/
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 375562
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"70dac54eca3bb2143032bc4db3237623"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 789844bfda08f108-CDG

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 192 KB
40 KB 114ms
93ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e76be61057b7d805440ba2693d2c357f9a828fa8bda74170b9ac70b58af626d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.minitool.com/
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 375562
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"385105148a50079bafff97e9c9476109"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 789844bfda0bf108-CDG

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 2 KB
1 KB 56ms
35ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3edd648fc579bc07c4b1b1bb3ba1e8258ae308049a311e5966464295eb0e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.minitool.com/
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 375562
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"de21d01e9f8b6cc35ea67267d0ba80ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 789844bfda0df108-CDG

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 151 B
427 B 50ms
30ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.minitool.com/
Origin: https://www.minitool.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 375562
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 789844bfda10f108-CDG

GET
H2 200 53aa8807dec7e10d38f59f32 Show response
widget.trustpilot.com/trustbox-data/ Frame 095F 914 B
833 B 25ms
25ms XHR
application/json 13.32.27.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=548e932b00006400057c2827&locale=en-US

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-45.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

bb519bc6646b797b18c560bb73c54aa3da4625210e81ee158b2cb0aae2afcefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 17:58:36 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 116
x-cache: Hit from cloudfront
content-length: 402
x-xss-protection: 1; mode=block
server: Kestrel
etag: "149adbdfa8a891985beb8326d34b5f32"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: 4S4mjyxfvE_rIjm7mzd2kS18fcznSNrTTfG7Xx_G3xFYuZp9gkF8Ng==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 095F 0
322 B 53ms
53ms XHR
text/plain 13.32.27.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fwww.minitool.com%2Fbackup-tips%2Fshadow-copy-windows-10-017.html&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.74%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=548e932b00006400057c2827&widgetId=53aa8807dec7e10d38f59f32

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-45.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 17:59:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: exW0WqM-McXKT4WxYIagCxjUobo3TUXiSN1wq2k4Z2sNzJ1cVx8wgw==
x-xss-protection: 1; mode=block

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
2 KB 90ms
33ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5ba07739c666d426648ada8d&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3e37e7fe19544adee2096b300794eb4fc3b8f566b1349e6c2b4c1daf283eb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1763
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-s8f8
server: cloudflare
etag: W/"2-65-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 789844c108ae2a4d-CDG
access-control-allow-headers: content-type,x-tawk-token

POST
H3 400 start Show response
va.tawk.to/v1/session/ 60 B
370 B 150ms
149ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

138180bb51412a7b5c7d22ac7aeff4b8450080a6588984807afa9618dafff7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.minitool.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 14 Jan 2023 17:59:59 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.minitool.com
access-control-allow-credentials: true
cf-ray: 789844c23c33d4f6-CDG
access-control-allow-headers: content-type,x-tawk-token
content-length: 60
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-p4x9

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 238ms
190ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.minitool.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.minitool.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 789844c108b12a4d-CDG
date: Sat, 14 Jan 2023 17:59:59 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-fmkn

GET
H2 200 en.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/languages/ 16 KB
4 KB 28ms
28ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 376506
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 789844c14d2bf18f-CDG

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 225ms
84ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 17:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 17:59:59 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F43E 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.minitool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 209975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 07:40:24 GMT
expires: Fri, 12 Jan 2024 07:40:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8F03 783 B
967 B 36ms
35ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9006e757c24d0dc8b8c6f213de9fd6f795cc376d332ecf8ff55d6fc0b772fed5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0NdHnp7KcsMygxOw_OmvaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.minitool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-0NdHnp7KcsMygxOw_OmvaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 17:59:59 GMT
expires: Sat, 14 Jan 2023 17:59:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8F03 0
0 805ms
154ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023010501&jk=1224915852825168&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame F43E 36 KB
16 KB 693ms
44ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 10:03:30 GMT

GET
H2 200 container.html Show response
e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0471 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.minitool.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 17:59:58 GMT
expires: Sun, 14 Jan 2024 17:59:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 550A 624 B
919 B 199ms
75ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGPbBit0BMAE&v=APEucNUFLVlNvnkG8BJsAdjZ87gXKzZtPUS8x9BGKBzkEd7Nbiv1Xfube1ekRrNeERC6D2gJoDuZkIqmGNByvmh9HiRUIuce9YIKpBHteQ-wnHbnJuwbChur0Spw11beKHlAJv0sc_lOptrfnMbSJtQDfC-SLQnuFvwoOGo4KpXX1Lc809_JOLQ

Requested by

Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 18:00:00 GMT
expires: Sat, 14 Jan 2023 18:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0471 76 KB
27 KB 95ms
94ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 18:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 14 Jan 2023 18:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0471 42 B
173 B 154ms
152ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-6pOakBqY9lW-x6C07mTSHCmurCyPX0SOxa-I62UlNXFp0glNSIzjraavKrwJK7bFr0d3xDj5bZ6TSkeV9Uz8NXpPHwSp_Tovr07SWNFImFixTk8

Requested by

Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0471 0
56 B 155ms
154ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7429291610933349522&x=1&ct=76

Requested by

Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 0471 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 0471 18 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0471 157 KB
49 KB 124ms
43ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 18:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 18:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0471 0
56 B 153ms
153ms Ping
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2992915931973&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0471 0
56 B 154ms
153ms Ping
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2992915931973&version=m202209210101&ct=76&x=1&cor=7429291610933349000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0471 83 KB
35 KB 99ms
98ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOCp2yM9DHpAkOSzlZes4T48TOMXQEVGyhrzYlbFEb-dwigE7JTm711wclnwG2WBn7YFX8fTPb8TcPSBiVlMVyZJarp1aiQWv1hY8MorBqY9CoWWogKvAGgQEZ4VKXVajhKbqMmSt_YoChM8neovd0CcnS-v_deJ48CoUMliyvDFEAtaw&dbm_d=AKAmf-BF40vuNKKTI-dS8IupB_Ri2SBrTaAD9ukETx6LRvbFEEe2FcY_Y3hrlB99_E0F_JqQYm8v2M-3OFvYeJGQjXjTaJNsWBzEoQQ0QRYpMmogOxs77Itvba8Z6J5DqixjRc03xF9-YnjgsLdzA_9DSYL8tHbnZKq9RbGgYts9WeNsiw7jaoH20hqDtuL1SYsU1qMonkUNrJCHl3LXA3qAlzBYeBtU_eiZxqtj_6efbVTqCZffavNQ81tKSG4ihCyYwCfKZ9GtdoiOU3fMLPX5K5hv_RmFNUecQDxeWLudkQJVPCOcQJdQicePpsLbUpgtB7RHIPBQWyY7tSbffzm-4aQjWkPW3g0jEPfOtRGeQXWzSRV-SAbZ2E_WKA6upECaV116LyFwF2LRlrsC1St6dIALic1cxHx0gW9QFLrYNozu7qgwwUg_Mb7IHwSTvoS0XP5ZiZmzH7KTEOu6MOLW7Czsg4DER8Q_0J3Oef-ML-dHWbGNXCmzBdf0Xuvba4Yhu6ZVav_lgNBB_avwqC-OGh-KgQPHfNq1UWLSo9GqR6YNmA9coENgN3PSLEdz_McMyO4Yl9va8PGicU-okJcovC5pGW9833Jk5Fw8g6SGklVACgPEElv-3xign_grfCVeCjuDHQDhfhYkoPkdh-mEs91QPpL13jcHNN_uiOUaILhDVHEEaVPrfnBGbuE03tnb3MINXuKSTN7SKkaN37JzMF1VhvO3uAxG2nonLi1kWVgze3wFFJ7PbuMIjf-QAyPnswayCpfs886AmjQlc8sgp9MuKlJ0nGjnku750ya6BlZbaBq61fW08NtwqJCTsR9lBRpu_bYNr8ZqSUAu0psG2qA4eHk0JIrMs6H2HHDe7Fn4qpcuxZsuJlPKQR1HE00ePxqyVRSX-msCB7yQKGsMgux-sGMuC785qnFnUkAu1YhpVDO_UxcQBjalDnx7mHAPNI-QUORWje6tG7a63-GErDIei2JAwC4QSn0bW3CpB6pttKeNjxs3OCHq6yw4BfZFnokyF9bisn9GA6Ma4vckRy62jbXzJfAx69RDtW0Mng9otELKZINDg2t_C4H3fordWf12JgEAFkqnj8_qq-91VKxrrEt6Vjxy1j7X3E-vWl3L0SwqrI5MlgfYhNBxCuPUktLZOJaB4Nzqw0GYrNc_slAM2cYmGtPa0UWJocRAISyiZuM7DdBB428iU97AU7R5BgIvnX-NE8hwLYD4Lyy6nR_P9QFZa3JsYhJ_DeJb5aodHXp9shD_JsINIRAgYHXrPS_BkEvwZUstREayFpauvY84XstTuffkIhKrJ9PgcA4TeUmr3yAWF9fv7B-jCbiNO1FqGmJDDkUqiU82pywYLcEgYq0Hy8Sap9KfhlOHuAHkTa4l_06tExSpBbjiI-2wqBOLuKWM5YZ6bWwXZJDKdsddELVvQGDDn3dVxnchzF5PUJEk2AzeKjaUsUroxCC4J7ylIBz9VadtE6bSQv5MQnQyFQ7k6QWSGTweA7ZzgLhu-F2YWQLmLeyo0tYvh2j5-MX5VYvZmyWi43OpaRv7qYpbc07-5MJKGgcFAwwyocnjC_viOwwiuJMRuRunv3tBHkjGeieTlJv2HTPfMKqNLhGTP9YPmNgriIystUcHME0aN403lnZ3nRcI0MYm2BmmIFZC1UbBpWHHqj7hTBbdymPKFNZzmatofdn0pqU3zzMg_zJj6DynmO-_tlsHvbePRc1vq1QbpAUuqka7ggd56Sd4x0Nmmtcb34EA9ws6LDnohHNucCqSyS_27sRCRCwtsISEiy6ODmZu326JjMvHZTwh0UeIKQRpaOUGTiQLxf4fw-2l96Ak8qCdp-1v05Fs5uFM0-Ab5pQG1bffUIunOp7dBIev9BSb32AoqOth8WQtIUhoP4UVXjLy5KrctqpPTLKQ1APg1jaqXwH4641LiL1PeXlGdM37-XtKQKiHVIqBoxakQ_lq9xqMO4ERsnf7D0pLMKjjCR5vqG1Z-tAmsFWKxnLpjuawiH851kmCs3yliVizZLTvjbGCsEDzNDXTw5ZwAU2jLSmT6CJxw4S-vOQvjeBysNRMGPEvRvUh0fA3Mnu-JAUvNCYsRC9muEaNCApHW-TQ_9O43ZSiioWn2Dbt5X1rS7DE9bEJyy9jwR_kMFwbUBn03JxHxIOhlhONWA4Opp7LSMM56JsPx84BXLu7PaZHDw2rgos5r7qJgzgITydug6DAcpY8caXcrEhmV6598mK8Kq0wrJBHDUvuly4WG13RUD81jt2K3xjTpFEbBq7lr5Z6zkrVHKxJsgn8WAZSTJrig6TrW0aVFAVZa4Yk4dbY_72HTT0ZKVtQLTy7ZCsFLWxP7zNLyzvLxQU29OklwocsPY32Rh4Ttmev499zggspwNprwwhBkjR4aqnqZcm_VrTgvcP-8kFuXJi2SYISa4i8ORWAIgc6Jtg6ayoviyGyLS45HCXkkAo10wYBskv4P0CL2cH9UpBwvolQH7JCsVcHCtqiiuIPM276KaYmsGsBGOy7y_s6rMvhgauFw0P9joToGs1KxLxBwKUJX2jqWGdXLoRmdqwDoeFIZUS9s7rKRCnFUY7-rV70oco-b9NLGV9frqPoJIs71sAPqtug-v_nvjU10SO32MFqNaJZxP8icMgTu69r9k-TTA-4rs4U153ucVv-cQzi3TrWCsjSR96uVmzAPeEvSn6J0jjNX4TFj7I7l-uQSZQzsHV-JKhCQQNa1y72n9KuxQOxxWNwtxsk1NMnc7oErYrPqxTVBesW685IatWmPksr71aBww-j3Fno1FRy_dKDJ0LzzZgrytzeGlkA0oWDHc7R_iAH_Wy8H_zHjxdlzFPtYtFA1TLi6XGtKB4sXYGGPcpAnVNZmIca8EZwJVKpaCEeoZPHMTQrEzZVDcmtVZQPPKToOsAUhE0tL4TLYei_RlJ39rCzP7RHOaT1GtB3hFMvFeATMdC8bTClOgKDxEYR9zHjnjBBbHsJq8cu-wrknQolSKOdGhJu5gDgAe9d-2iWURTqYK_jm2hFrfHF1dk8Fx2P7-9Avzokc92jDr9DXKIaD8yWnZ7_5rCwwhewbqsc7gexdgfiSSgDWnevL-NW2ayHnBlusDHliwruIl1L8jFE9vcdRr4GlJJPz1_io-TqbZFh0MNkB6gSEYIQAuYNeZUxRiHGt9FUqN9pjqRT9KKssQAlaYTuTbD1kuxX_1xH-DaRKdyhH6b-2Y7F8E69sDihgLHe-uxs9bs_Rl9ZzzMem_ZyVYJjan-V-WqrXflk1wHnigLoLdoTtuixq8NYJl4AJx6bL9qsb7maX-k0pRrp_PhwoJAnwqF6qfmGYwBigBLhXQTZrMR-gqSSIuD4mQzLwnDv7DpkIFKUCGtqJgKg6bHVZAQUFuUPjiTrmz7zeTRzIsxwYp_EDe-p5rhzB1cMjreRLVU&cid=CAQSTADq26N9g3BjCFeA2-wYvLdIamR3x1ZJ9KlMNngWFw5JqgNk3VptmI-oLU9GO2wl7JehqWWkLzgyEHFygcN28NP1FgmZWnDQhZApPiYYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=7429291610933349000&adk=1964084972&idt=118&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfcd530efe5ce8f63929c7bea068428f5131b17542ad33e11f9b6970c4b82326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35507
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 550A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOedIx7ZUKOb1BPtGty-8&google_cver=1

43 B
766 B

34ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOedIx7ZUKOb1BPtGty-8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGPbBit0BMAE&v=APEucNUFLVlNvnkG8BJsAdjZ87gXKzZtPUS8x9BGKBzkEd7Nbiv1Xfube1ekRrNeERC6D2gJoDuZkIqmGNByvmh9HiRUIuce9YIKpBHteQ-wnHbnJuwbChur0Spw11beKHlAJv0sc_lOptrfnMbSJtQDfC-SLQnuFvwoOGo4KpXX1Lc809_JOLQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 18:00:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOedIx7ZUKOb1BPtGty-8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 550A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8LtoMlCVmTVswmPJLQyigAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXtZQcipNPK9f0EtdnCfik&google_cver=1

43 B
766 B

24ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXtZQcipNPK9f0EtdnCfik&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGPbBit0BMAE&v=APEucNUFLVlNvnkG8BJsAdjZ87gXKzZtPUS8x9BGKBzkEd7Nbiv1Xfube1ekRrNeERC6D2gJoDuZkIqmGNByvmh9HiRUIuce9YIKpBHteQ-wnHbnJuwbChur0Spw11beKHlAJv0sc_lOptrfnMbSJtQDfC-SLQnuFvwoOGo4KpXX1Lc809_JOLQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 18:00:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXtZQcipNPK9f0EtdnCfik&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 550A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMwaNQub-TUHl6MHIouzABo&google_cver=1

43 B
1 KB

23ms
23ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMwaNQub-TUHl6MHIouzABo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGPbBit0BMAE&v=APEucNUFLVlNvnkG8BJsAdjZ87gXKzZtPUS8x9BGKBzkEd7Nbiv1Xfube1ekRrNeERC6D2gJoDuZkIqmGNByvmh9HiRUIuce9YIKpBHteQ-wnHbnJuwbChur0Spw11beKHlAJv0sc_lOptrfnMbSJtQDfC-SLQnuFvwoOGo4KpXX1Lc809_JOLQ

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 18:00:00 GMT
AN-X-Request-Uuid: f8fa9b63-ed91-4e6c-aac9-a1806c5c6f70
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 92.222.212.16; 92.222.212.16; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMwaNQub-TUHl6MHIouzABo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 550A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NDUyMDYyMDg3NzI1NDkzMQ%3D%3D

170 B
502 B

62ms
62ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NDUyMDYyMDg3NzI1NDkzMQ%3D%3D

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 18:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 92.222.212.16; 92.222.212.16; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 64c32a8f-2893-470a-926e-eb16527215bc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NDUyMDYyMDg3NzI1NDkzMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0471 106 KB
38 KB 99ms
25ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
Origin: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 15 Jan 2023 15:17:48 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 0471 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOCp2yM9DHpAkOSzlZes4T48TOMXQEVGyhrzYlbFEb-dwigE7JTm711wclnwG2WBn7YFX8fTPb8TcPSBiVlMVyZJarp1aiQWv1hY8MorBqY9CoWWogKvAGgQEZ4VKXVajhKbqMmSt_YoChM8neovd0CcnS-v_deJ48CoUMliyvDFEAtaw&dbm_d=AKAmf-BF40vuNKKTI-dS8IupB_Ri2SBrTaAD9ukETx6LRvbFEEe2FcY_Y3hrlB99_E0F_JqQYm8v2M-3OFvYeJGQjXjTaJNsWBzEoQQ0QRYpMmogOxs77Itvba8Z6J5DqixjRc03xF9-YnjgsLdzA_9DSYL8tHbnZKq9RbGgYts9WeNsiw7jaoH20hqDtuL1SYsU1qMonkUNrJCHl3LXA3qAlzBYeBtU_eiZxqtj_6efbVTqCZffavNQ81tKSG4ihCyYwCfKZ9GtdoiOU3fMLPX5K5hv_RmFNUecQDxeWLudkQJVPCOcQJdQicePpsLbUpgtB7RHIPBQWyY7tSbffzm-4aQjWkPW3g0jEPfOtRGeQXWzSRV-SAbZ2E_WKA6upECaV116LyFwF2LRlrsC1St6dIALic1cxHx0gW9QFLrYNozu7qgwwUg_Mb7IHwSTvoS0XP5ZiZmzH7KTEOu6MOLW7Czsg4DER8Q_0J3Oef-ML-dHWbGNXCmzBdf0Xuvba4Yhu6ZVav_lgNBB_avwqC-OGh-KgQPHfNq1UWLSo9GqR6YNmA9coENgN3PSLEdz_McMyO4Yl9va8PGicU-okJcovC5pGW9833Jk5Fw8g6SGklVACgPEElv-3xign_grfCVeCjuDHQDhfhYkoPkdh-mEs91QPpL13jcHNN_uiOUaILhDVHEEaVPrfnBGbuE03tnb3MINXuKSTN7SKkaN37JzMF1VhvO3uAxG2nonLi1kWVgze3wFFJ7PbuMIjf-QAyPnswayCpfs886AmjQlc8sgp9MuKlJ0nGjnku750ya6BlZbaBq61fW08NtwqJCTsR9lBRpu_bYNr8ZqSUAu0psG2qA4eHk0JIrMs6H2HHDe7Fn4qpcuxZsuJlPKQR1HE00ePxqyVRSX-msCB7yQKGsMgux-sGMuC785qnFnUkAu1YhpVDO_UxcQBjalDnx7mHAPNI-QUORWje6tG7a63-GErDIei2JAwC4QSn0bW3CpB6pttKeNjxs3OCHq6yw4BfZFnokyF9bisn9GA6Ma4vckRy62jbXzJfAx69RDtW0Mng9otELKZINDg2t_C4H3fordWf12JgEAFkqnj8_qq-91VKxrrEt6Vjxy1j7X3E-vWl3L0SwqrI5MlgfYhNBxCuPUktLZOJaB4Nzqw0GYrNc_slAM2cYmGtPa0UWJocRAISyiZuM7DdBB428iU97AU7R5BgIvnX-NE8hwLYD4Lyy6nR_P9QFZa3JsYhJ_DeJb5aodHXp9shD_JsINIRAgYHXrPS_BkEvwZUstREayFpauvY84XstTuffkIhKrJ9PgcA4TeUmr3yAWF9fv7B-jCbiNO1FqGmJDDkUqiU82pywYLcEgYq0Hy8Sap9KfhlOHuAHkTa4l_06tExSpBbjiI-2wqBOLuKWM5YZ6bWwXZJDKdsddELVvQGDDn3dVxnchzF5PUJEk2AzeKjaUsUroxCC4J7ylIBz9VadtE6bSQv5MQnQyFQ7k6QWSGTweA7ZzgLhu-F2YWQLmLeyo0tYvh2j5-MX5VYvZmyWi43OpaRv7qYpbc07-5MJKGgcFAwwyocnjC_viOwwiuJMRuRunv3tBHkjGeieTlJv2HTPfMKqNLhGTP9YPmNgriIystUcHME0aN403lnZ3nRcI0MYm2BmmIFZC1UbBpWHHqj7hTBbdymPKFNZzmatofdn0pqU3zzMg_zJj6DynmO-_tlsHvbePRc1vq1QbpAUuqka7ggd56Sd4x0Nmmtcb34EA9ws6LDnohHNucCqSyS_27sRCRCwtsISEiy6ODmZu326JjMvHZTwh0UeIKQRpaOUGTiQLxf4fw-2l96Ak8qCdp-1v05Fs5uFM0-Ab5pQG1bffUIunOp7dBIev9BSb32AoqOth8WQtIUhoP4UVXjLy5KrctqpPTLKQ1APg1jaqXwH4641LiL1PeXlGdM37-XtKQKiHVIqBoxakQ_lq9xqMO4ERsnf7D0pLMKjjCR5vqG1Z-tAmsFWKxnLpjuawiH851kmCs3yliVizZLTvjbGCsEDzNDXTw5ZwAU2jLSmT6CJxw4S-vOQvjeBysNRMGPEvRvUh0fA3Mnu-JAUvNCYsRC9muEaNCApHW-TQ_9O43ZSiioWn2Dbt5X1rS7DE9bEJyy9jwR_kMFwbUBn03JxHxIOhlhONWA4Opp7LSMM56JsPx84BXLu7PaZHDw2rgos5r7qJgzgITydug6DAcpY8caXcrEhmV6598mK8Kq0wrJBHDUvuly4WG13RUD81jt2K3xjTpFEbBq7lr5Z6zkrVHKxJsgn8WAZSTJrig6TrW0aVFAVZa4Yk4dbY_72HTT0ZKVtQLTy7ZCsFLWxP7zNLyzvLxQU29OklwocsPY32Rh4Ttmev499zggspwNprwwhBkjR4aqnqZcm_VrTgvcP-8kFuXJi2SYISa4i8ORWAIgc6Jtg6ayoviyGyLS45HCXkkAo10wYBskv4P0CL2cH9UpBwvolQH7JCsVcHCtqiiuIPM276KaYmsGsBGOy7y_s6rMvhgauFw0P9joToGs1KxLxBwKUJX2jqWGdXLoRmdqwDoeFIZUS9s7rKRCnFUY7-rV70oco-b9NLGV9frqPoJIs71sAPqtug-v_nvjU10SO32MFqNaJZxP8icMgTu69r9k-TTA-4rs4U153ucVv-cQzi3TrWCsjSR96uVmzAPeEvSn6J0jjNX4TFj7I7l-uQSZQzsHV-JKhCQQNa1y72n9KuxQOxxWNwtxsk1NMnc7oErYrPqxTVBesW685IatWmPksr71aBww-j3Fno1FRy_dKDJ0LzzZgrytzeGlkA0oWDHc7R_iAH_Wy8H_zHjxdlzFPtYtFA1TLi6XGtKB4sXYGGPcpAnVNZmIca8EZwJVKpaCEeoZPHMTQrEzZVDcmtVZQPPKToOsAUhE0tL4TLYei_RlJ39rCzP7RHOaT1GtB3hFMvFeATMdC8bTClOgKDxEYR9zHjnjBBbHsJq8cu-wrknQolSKOdGhJu5gDgAe9d-2iWURTqYK_jm2hFrfHF1dk8Fx2P7-9Avzokc92jDr9DXKIaD8yWnZ7_5rCwwhewbqsc7gexdgfiSSgDWnevL-NW2ayHnBlusDHliwruIl1L8jFE9vcdRr4GlJJPz1_io-TqbZFh0MNkB6gSEYIQAuYNeZUxRiHGt9FUqN9pjqRT9KKssQAlaYTuTbD1kuxX_1xH-DaRKdyhH6b-2Y7F8E69sDihgLHe-uxs9bs_Rl9ZzzMem_ZyVYJjan-V-WqrXflk1wHnigLoLdoTtuixq8NYJl4AJx6bL9qsb7maX-k0pRrp_PhwoJAnwqF6qfmGYwBigBLhXQTZrMR-gqSSIuD4mQzLwnDv7DpkIFKUCGtqJgKg6bHVZAQUFuUPjiTrmz7zeTRzIsxwYp_EDe-p5rhzB1cMjreRLVU&cid=CAQSTADq26N9g3BjCFeA2-wYvLdIamR3x1ZJ9KlMNngWFw5JqgNk3VptmI-oLU9GO2wl7JehqWWkLzgyEHFygcN28NP1FgmZWnDQhZApPiYYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=7429291610933349000&adk=1964084972&idt=118&cac=0&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 20:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 20:28:31 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 0471 28 KB
11 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:57:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10849
x-xss-protection: 0
server: cafe
etag: 12554467027428251666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Jan 2023 05:57:56 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0471 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 21:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 21:33:36 GMT

GET
DATA 200
OK truncated
/ Frame 0471 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f46ca46272a650e3d0450d0c4272389cf89388d7581d79c633c22bc0b959b0e1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A11D 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 324795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 23:46:45 GMT
expires: Wed, 10 Jan 2024 23:46:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 moatad.js Show response
z.moatads.com/havasfrorangedcmdisplay758646212611/ Frame 0471 330 KB
112 KB 166ms
37ms Script
application/x-javascript 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 16110b12e50e2cb6631e2c3089178fb1091511b333e2e20b5bfd3b7da6d498d8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 18:00:00 GMT
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 14:33:10 GMT
server: AmazonS3
x-amz-request-id: RE1Q3EKJDWSD0018
etag: "8ef5c82e1f4c93bdf0be59ad60fc2c9b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=46011
accept-ranges: bytes
content-length: 114413
x-amz-id-2: LdhaaKnFvaIpOWFTF2CTT9j0acjSc7+wOWaRLPwjPb1DkAWwEE2yl3Q0ZbHmXJfd3Cn4tmdOx+E=

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12639228944793608365/ Frame BEC7 10 KB
3 KB 82ms
27ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28304f8ac4aedf546cf7767f532ea39abb53d0a6379c393b3ba427584eaf3cc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 372880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3332
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 10:25:20 GMT
expires: Wed, 10 Jan 2024 10:25:20 GMT
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0471 0
0 215ms
79ms Fetch
image/gif 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWsPYFDF1mGV1adugMH5daBDthCC8_Mmwg2aoUKx1aFRBnuUJVZDkFrpS_mdmA4y8d9scJbPpjong2lSL78UWM0k-tuVhfI1TNst9vAwTKhRbmpII92LkDUJYX7JGh_QmcNA_ZDT7QsnJYzAiLltOsG_3EULLWgM319JkOKYUbZf39Dt9xbp-wsYjoFV8Ep-BOm4y4SsEp9EcS0-xCt4eUVCzwZlcP7hFnRue4gBzVxNmZEy7Ubbkvg9nbAOYocKgZ96cDcbT4QodbEWoBMyxpadvEhdWKxvOiRf5ef8EjuL_jSUujJeDEttbPWij66O2_JxBULO7a16HN-g6jdioK5mTBb6dZOeWyYBGy55sbTAfb8RtSbkGxyJseFeJ_8XtTpIMdsPFPQRY9Fvdx1kWrGitITA0HZP2Obo_VuOZ6WrcosvfIJ2QQ6__xVkcAHf9oVViM-qViMlU24O5lghalCZIhVn-AEleKCBDarRlbBl0oR5FoIYzsSaVKncoRaPYnjvDsTClVMw6mNZfSsi0eozg-OMuWUB_SL0OFnQChDbv33QyIaHEy3_Q6fOunF1zEAlKuIiRgtEOMa5eYRcKTraBkez0VkNI8WPyGC2Bj6YMqA11znMPt9K8c_0J44amtXcsWvH5OMuP3QTBg2OafWAJGliSFQ9cVfUfJCmBhp_0tQ58yl85Qd7X12qQJM0Iacu6m3UPKmFNTx_w7UT1SvqH4EucVPnPh0N-A-wNNSYICgErUNVXuVEjpiM7UIGJVy5kEJEH6aSSjzjWJ2Q48TRp7oOKJI-owK6bvXD1g_UQJn__KDQUfSVygjF2yyViiLzAmerEjHDL_kVPzulTXo_YLeedDRSJFaNiaPI7NH9xaCqbnuNDc6w1l0-NqfSdhziU78JNe0Xxv1S29MTaXg2pim5xbrx3oOvrYtBRLLlfPJIDIuAPD6b1-2g3gG3KUwxcB_CEvXYtADWQVUk1wPfYYdn7I5huJMlh_YOQNvNY8Sd5I3LwqQTI9HaMTCjEIy_ImLKrReoQb0godJJEMXoCD6p-eUhXiwx47cOVyDT9c-Z4uTvr6U1GVhzvzWjp1-TWzjpQIYcOK427kR6p_FkxiRIfjzQQU_xZ0kaJbIxehkqmYoFeswlrY7Yg0s5eaiTaq57RKCFhGE7vnQlAkc_fnNELRGqbgmHjauRbh--2EfV4fghD_gWiXjWuythpP3OEde0GnEwdD5784Ht-46DePPcniEuTej_WHl8wBlq5DQTiSQeiWfTnIIIFSgikBHhA&sai=AMfl-YSSif2_ywTvqnt0ICWQ1KOgPM40Zl74W9SQt3Bpo8f0OMsFkAAG2mZ2PeRFdji93qtgUSSAlJGPLlVXliOzDZflmd-NCXbahwCyDVlDNstamJjG1vLG_p5LhGiURQ2e_XVS_yYpliZHbeArBUP8o5shUuMfOlErxfgcP6jgoGn5ps31rQo4wpwi71flKCZB3Iiy5AfY0ESWMbuDW8HqUKLF-_giyqZDMlGbmmHmQ9iyr3yreHczJo4R8uHPNmstPXmoiTEuzaV-Bw0EozNY0-wwT6lvvpQOKRVFlB4OA_lhPU3CYJFQ6owUk16tc67-coM&sig=Cg0ArKJSzIVfCkZFOzvQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=142&cbvp=1&cstd=138&cisv=r20230111.03034&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 14 Jan 2023 18:00:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 14 Jan 2023 18:00:00 GMT

GET
H2 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame A11D 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 10:03:30 GMT

GET
H3 200 styles.min.css
s0.2mdn.net/sadbundle/12639228944793608365/ Frame BEC7 4 KB
1 KB 27ms
26ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/styles.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c424dc0d07cf8392ed88d1f1c67416c38f7053dd5e26feeaa065337fba825a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1328
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 06:05:06 GMT

GET
H3 200 visu.jpg
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 11 KB
11 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/visu.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a19e09b41691788ed5da8fc7b5fbef3ea0426a8fa4ce87d1d3d58c0cdffb49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:05:06 GMT
x-content-type-options: nosniff
age: 302094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11512
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 06:05:06 GMT

GET
H3 200 visu1.jpg
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 11 KB
11 KB 34ms
34ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/visu1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7949cfdb7f0b9dd8417bd39f7c12f4bbc9701ae50e83c8058f936c39b72f07c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:42:45 GMT
x-content-type-options: nosniff
age: 321435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11438
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 00:42:45 GMT

GET
H3 200 visu2.jpg
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 8 KB
8 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/visu2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be50d7d588cac0c60d808308aa428550f37b3cffd7e5271d533ef82ab4f961f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:42:45 GMT
x-content-type-options: nosniff
age: 321435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8640
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 00:42:45 GMT

GET
H3 200 pastille.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 3 KB
3 KB 47ms
43ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/pastille.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53c364b659cd5a1527edb3a48ab095ca3ac425c0950bdc35d36fcc9b2e9e46ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 06:01:35 GMT
x-content-type-options: nosniff
age: 388705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3007
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 06:01:35 GMT

GET
H3 200 cartouche.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 770 B
797 B 52ms
49ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/cartouche.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe27e4d46b374e29227ff6ef86ca76d5b40e64dfd91b162bca61a2280f3f450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 11:58:25 GMT
x-content-type-options: nosniff
age: 367295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 770
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 11:58:25 GMT

GET
H3 200 box.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 1 KB
1 KB 50ms
47ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/box.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32c8c6c63955281a2a03de571280a7e6c6e663ac8326e85218e5b2aaa7c225a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 09:03:00 GMT
x-content-type-options: nosniff
age: 377820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1253
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 09:03:00 GMT

GET
H3 200 txta.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 1 KB
1 KB 51ms
48ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/txta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a915611da176162e969bc76580f4ecbe4046330e4855686a1c606b856b55b08b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:05:06 GMT
x-content-type-options: nosniff
age: 302094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 06:05:06 GMT

GET
H3 200 txta1.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 441 B
468 B 50ms
47ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/txta1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6a48378b6cc79b48c5c20381c40622ebd48c3908724e07d0a7e6d5de79627f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:05:06 GMT
x-content-type-options: nosniff
age: 302094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 441
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 06:05:06 GMT

GET
H3 200 mobile.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 3 KB
3 KB 48ms
45ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/mobile.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebdabb093a0108cf8939bc26fc4c742e422fa0ca36748e095bcd22df7c512a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 10:13:55 GMT
x-content-type-options: nosniff
age: 373565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2714
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 10:13:55 GMT

GET
H3 200 txtb.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 673 B
700 B 47ms
44ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/txtb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

855827860ef85c8926b28916edd98ec7380ec466456af29d822eb245f7bc3176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:05:06 GMT
x-content-type-options: nosniff
age: 302094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 673
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 06:05:06 GMT

GET
H3 200 txtb1.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 807 B
834 B 47ms
44ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/txtb1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c05b30dbd4fbb943836058f44466bb79aeed131c93bb784d8d5f63e39b6ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 07:17:06 GMT
x-content-type-options: nosniff
age: 297774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 807
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 07:17:06 GMT

GET
H3 200 txtc.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 627 B
657 B 59ms
56ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/txtc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394ce148cc5e22a69a27d94d6a407e6c9e67bebe2d20d26d9f7198e69f4dc497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:05:06 GMT
x-content-type-options: nosniff
age: 302094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 627
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 06:05:06 GMT

GET
H3 200 txtc1.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 641 B
675 B 61ms
58ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/txtc1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a439ecfbb37bc08be6ffc65ad907c4df866794a0a12a292cb2da1fa4724cba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 09:03:00 GMT
x-content-type-options: nosniff
age: 377820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 641
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 09:03:00 GMT

GET
H3 200 mobile1.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 2 KB
2 KB 59ms
56ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/mobile1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7b8888cd7943be3f8767f421d75e2492900f9c750243163055a0bba1d6b7baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:53:39 GMT
x-content-type-options: nosniff
age: 356781
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2482
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 14:53:39 GMT

GET
H3 200 box1.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 1 KB
1 KB 60ms
57ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/box1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70ed6726c0d79f55bb7ba2de9a119a4d79bd2537d5724e099f7b6f94691ecce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 06:48:13 GMT
x-content-type-options: nosniff
age: 385907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1483
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 06:48:13 GMT

GET
H3 200 prod.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 2 KB
2 KB 56ms
53ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/prod.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64725f99e6665ddd9fee4e3ece19177682b16e9b75d6072b9ce422cdc2f4112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:20:24 GMT
x-content-type-options: nosniff
age: 596376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1584
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 20:20:24 GMT

GET
H3 200 claim.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 603 B
630 B 57ms
54ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/claim.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df689bfca17e9592cd68e20d8d8f59cc651cc44f5dac1650469733a1219a01a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:05:06 GMT
x-content-type-options: nosniff
age: 302094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 603
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 06:05:06 GMT

GET
H3 200 claim1.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 794 B
823 B 58ms
55ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/claim1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c78bb7df52a0199dee44c115538353b6a44d166216d786a4a66283487cccaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:16:59 GMT
x-content-type-options: nosniff
age: 330181
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 794
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 22:16:59 GMT

GET
H3 200 footer.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 452 B
479 B 56ms
54ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/footer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da7549f66be6678a28b03037cc3ef474de4bdac6e80df06b87999aed1bebf0e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 10:34:07 GMT
x-content-type-options: nosniff
age: 372353
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 452
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 10:34:07 GMT

GET
H3 200 ml.png
s0.2mdn.net/sadbundle/12639228944793608365/img/ Frame BEC7 8 KB
8 KB 51ms
48ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/img/ml.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf23cd807d235bc0e080e3e00ff47632a0623c948a0a55f00ecf5770b1935a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 07:15:01 GMT
x-content-type-options: nosniff
age: 384299
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8168
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 07:15:01 GMT

GET
H3 200 scripts.min.js Show response
s0.2mdn.net/sadbundle/12639228944793608365/ Frame BEC7 71 KB
26 KB 27ms
26ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12639228944793608365/scripts.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6c4a3bc34ae7ab24d4ff1597a3fdd61801b2d1943f8c9f4eaa147b91afb6e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12639228944793608365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 07:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26968
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 23:26:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 07:17:06 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 159ms
159ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023010501&jk=1224915852825168&bg=!9fal9rLNAAYDMoyoIzI7ACkAdvg8Wk2npZ301nBLv80bU0e_qMRfNQKa15no1NddTO445W-2qptL-wIAAABwUgAAAAJoAQcKAFrQwhZ7DPkXIbtByGKO8psnzYDzYi-zZ8C8EQFlMN-vFYQnU9JU7MriF15-xdt8I-GWW4hLYD_Ih7cPdPLnviaakUbOKgJ73M_BvKerC1DJMoh6NZV9iswoqA-ZAqaJNU0cW9FWVJCe5lfWCHQ0aefjVPzGiiTZiHbvxJ_OtBYuoxB8uw1LU2-Hl_FNsLJzc4M26OI8a40begynlZ5EHN_CaH_AeV8po5AI8ejoqY5iYsZUm2tSQ98IfWYjuLH6X3TvvqD9Gukdo9Zy3iiW7lhBuAytQZqQNmg6mh0hCUE5j70c1U5yc84J9slRKmXqlsSmie0DRFpuOl_7MD2pcpWMPqhWyEZpf546_fhCMa2ppCRiLcqyyFOTiEBhUqxxEXMZBerSDEG0Lj_Y5P-m0usRRG5uzEuttmO30GHKWpBmYSnWT5WvBCzudXAnad813jtQmXh-AUvRcReYsg5fA3pcRGGiUmIOA69QJfeo2JLYfhAJKQI2AQEe_qk2CYboKL9donnxgblX-RTHtXCyh2ehD_-01nQppSpf5NsV0IxPbviIrfpDtmpHm3CbFR9zezgIR7-p6N8DIZrTwrWip-pQlq_rr9t8GepGuPaZnXHhfcyq5jcXiikVKRQThqP5L7rQ-90d5IuVB1W_MAnLUv9DIGng9KiRUNVcl3K9svcuSOZ4cPum2HwO5c0I0-1i2Oa182c337VkYxHsyCLdPbYWEM1Ejq528Ixy-KncpG1VodT7P2hI2LzqLOf2K8SmdXZk10G-bwM3NUJ-N3fii170jDbFkJ9K4_FK6bIYoifVU5Ya3HJ_zngA0JsrBLbgKx-9-TE5OtYJwP0sLuQnsaKtWlxHwxzTDJey0X7IvrVQWQ5QN7XUh9aO7PyQG-kxzoL54nKikZzOwafhx2F_ULv4n6zOw0ODzHwgOkbENTwxx74RnTqdV2IunXFIeK-L_lICY_sX4wJCveB_8017y8MJITHELwHxfuK_Iz9pEtGZISeY-anvPMpd098wyOqvTBEAif8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.minitool.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BEC7 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A11D 0
56 B 158ms
158ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMh-UoO3CY5XBEom_x_APl6aN8AgAAAAAOAHgBAI&bg=!j4yljMjNAAYDMoyoIzI7ACkAdvg8WhlTVeS3gueIT2coWH5BB_6G3lCkJLlM9KHcZ8FSniMU5x0uwQIAAABrUgAAAARoAQeZAvMWo3gkgSrsXvsODxA_Nbz9xNgY007-UGAUy2R01lJ3yOMlCMz_PQaFFh9dNZnylq-90ue6MKgiGuNN9Wbc4V5cNeBNgQlZGbm47iPKJku8Wrz0GGqoCYRHeXRn-zB7S1RAvGg7sr4lVoMvXqoOAMlnmJBWOO_buR8skjXtF1PnhSBJ_B2_orGHrMNDspP4g8sA-jgmmZO2S4h4EbVdMReBVfoM95rcaLFBpbKeG3JbxjGe3XcEfvwMhIb_ZDKi0l9ToGztojYXhFEw9shwSSBsXZ2YvaJP10p1uxxWjPU0tCPmtoykx90f60_igyiQzix9FOxoUv5VacuX-0YWijzDmkbOCH_Pd34bnyswcN_v5yp53Iu3UHKiGl82rKAttWN0hjRB0qpcHWo55atdjNftnQB3nhFLURExAXf1NXivExQKRdQn-giba--eHkDASJS21IRkcidF_kbWa73wkDEVnUoS21DMQDtEFTaMOyy_vCGlq1VshITuzFUJKdo2SgXDO0ulThBSTGvO9UYb_q9OBY6ZVRxXGZUlmDS3vL4vsZ9vaidTudeoL63ssZ2qfXIr-30BDyBgYYfpMKU0OrZBlZddxIhjZjLtAFqdyhPbrqM6FB2TrlRVGxrfyS_MTCuBSA3OlgS7sUWY71leZU0-lX_i58cfOtUm_PVY7UEtgWm5iDD2C9WelGGGsS-rflBq8UDThBiTuKU9I60QKHD9YoNU7p9bHtqmJaRTtdJhemX9rnOM66KU3DjcyYQ1pFka3RW768GPyfJTPtsRvb8PCfj_7vmMDTvnH-BHwbcpGaZmNkULCWPtsUVMV99IIrK-gCXP79A-x6RYp8mKOq8BpiYKcS69JREiEehwtrAV6hjfMsXru1xWX-d-5biNEbdcEgaqI14n_p2FcizmxmC9Wa31f_dSy-rqTYgfCpIhtSc5xH-NMdNgFVTr8_eS6kHZjKFQT9yTNxWGIoI2Dn1R0b4kyNRvFOsQmx34sVG-Lr9nKA

Requested by

Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0471 0
0 76ms
75ms Fetch
image/gif 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWsPYFDF1mGV1adugMH5daBDthCC8_Mmwg2aoUKx1aFRBnuUJVZDkFrpS_mdmA4y8d9scJbPpjong2lSL78UWM0k-tuVhfI1TNst9vAwTKhRbmpII92LkDUJYX7JGh_QmcNA_ZDT7QsnJYzAiLltOsG_3EULLWgM319JkOKYUbZf39Dt9xbp-wsYjoFV8Ep-BOm4y4SsEp9EcS0-xCt4eUVCzwZlcP7hFnRue4gBzVxNmZEy7Ubbkvg9nbAOYocKgZ96cDcbT4QodbEWoBMyxpadvEhdWKxvOiRf5ef8EjuL_jSUujJeDEttbPWij66O2_JxBULO7a16HN-g6jdioK5mTBb6dZOeWyYBGy55sbTAfb8RtSbkGxyJseFeJ_8XtTpIMdsPFPQRY9Fvdx1kWrGitITA0HZP2Obo_VuOZ6WrcosvfIJ2QQ6__xVkcAHf9oVViM-qViMlU24O5lghalCZIhVn-AEleKCBDarRlbBl0oR5FoIYzsSaVKncoRaPYnjvDsTClVMw6mNZfSsi0eozg-OMuWUB_SL0OFnQChDbv33QyIaHEy3_Q6fOunF1zEAlKuIiRgtEOMa5eYRcKTraBkez0VkNI8WPyGC2Bj6YMqA11znMPt9K8c_0J44amtXcsWvH5OMuP3QTBg2OafWAJGliSFQ9cVfUfJCmBhp_0tQ58yl85Qd7X12qQJM0Iacu6m3UPKmFNTx_w7UT1SvqH4EucVPnPh0N-A-wNNSYICgErUNVXuVEjpiM7UIGJVy5kEJEH6aSSjzjWJ2Q48TRp7oOKJI-owK6bvXD1g_UQJn__KDQUfSVygjF2yyViiLzAmerEjHDL_kVPzulTXo_YLeedDRSJFaNiaPI7NH9xaCqbnuNDc6w1l0-NqfSdhziU78JNe0Xxv1S29MTaXg2pim5xbrx3oOvrYtBRLLlfPJIDIuAPD6b1-2g3gG3KUwxcB_CEvXYtADWQVUk1wPfYYdn7I5huJMlh_YOQNvNY8Sd5I3LwqQTI9HaMTCjEIy_ImLKrReoQb0godJJEMXoCD6p-eUhXiwx47cOVyDT9c-Z4uTvr6U1GVhzvzWjp1-TWzjpQIYcOK427kR6p_FkxiRIfjzQQU_xZ0kaJbIxehkqmYoFeswlrY7Yg0s5eaiTaq57RKCFhGE7vnQlAkc_fnNELRGqbgmHjauRbh--2EfV4fghD_gWiXjWuythpP3OEde0GnEwdD5784Ht-46DePPcniEuTej_WHl8wBlq5DQTiSQeiWfTnIIIFSgikBHhA&sai=AMfl-YSSif2_ywTvqnt0ICWQ1KOgPM40Zl74W9SQt3Bpo8f0OMsFkAAG2mZ2PeRFdji93qtgUSSAlJGPLlVXliOzDZflmd-NCXbahwCyDVlDNstamJjG1vLG_p5LhGiURQ2e_XVS_yYpliZHbeArBUP8o5shUuMfOlErxfgcP6jgoGn5ps31rQo4wpwi71flKCZB3Iiy5AfY0ESWMbuDW8HqUKLF-_giyqZDMlGbmmHmQ9iyr3yreHczJo4R8uHPNmstPXmoiTEuzaV-Bw0EozNY0-wwT6lvvpQOKRVFlB4OA_lhPU3CYJFQ6owUk16tc67-coM&sig=Cg0ArKJSzIVfCkZFOzvQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=358&vt=11&dtpt=216&dett=3&cstd=138&cisv=r20230111.03034&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.minitool.com
URL: https://www.minitool.com/backup-tips/shadow-copy-windows-10-017.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 18:00:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 14 Jan 2023 18:00:00 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 0471 98 B
271 B 217ms
35ms Script
text/html 52.19.157.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=1639234888&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi~GGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PHB3MCkutXpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-LQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.minitool.com&lp=https%3A%2F%2Fwww.minitool.com&t=1673719200824&de=390534701358&m=0&ar=3b5b3eaa-clean&iw=2fa7962&q=2&cb=0&ym=0&cu=1673719200824&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=29150715%3A4440622%3A355875177%3A184640910&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=19474492031&zMoatDBMIOID=1010062650&zMoatDBMCreaID=463642870&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.minitool.com%2F&id=0&ii=3&bo=minitool.com&bd=minitool.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=havasfrorangedcmdisplay758646212611&fd=1&it=500&ti=0&ih=2&pe=0%3A445%3A445%3A0%3A446&jk=-1&jm=-1&fs=112&na=522950863&cs=0&ord=1673719200824&jv=1000421613&callback=DOMlessLLDcallback_16897589
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.157.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-157-131.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 9da8b2e46083c9a7a87e6ef921708fe39e7eb15a6ac5243842f6250116309fc2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 18:00:01 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "28772200fbfa5f6936222b5952e6c5cc6478c755"
content-length: 98
content-type: text/html; charset=UTF-8

GET
H2 200 v2 Show response
mb.moatads.com/s/ Frame 0471 371 B
545 B 208ms
34ms Script
text/html 34.241.144.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.minitool.com%2F&pcode=havasfrorangedcmdisplay758646212611&ord=1673719200824&jv=911621212&callback=BrandSafetyNadoscallback_16897589
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.144.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-144-75.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 280607094ed607273b7e8e7f1e40dc8e247907f4868ee2ded64bd21da4926387

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 18:00:01 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "412c9f44e3681285c739ea9989f71820c9c8737a"
content-length: 371
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0471 43 B
260 B 72ms
38ms Image
image/gif 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.minitool.com&lp=https%3A%2F%2Fwww.minitool.com&t=1673719200824&de=390534701358&m=0&ar=3b5b3eaa-clean&iw=2fa7962&q=3&cb=0&ym=0&cu=1673719200824&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=29150715%3A4440622%3A355875177%3A184640910&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=19474492031&zMoatDBMIOID=1010062650&zMoatDBMCreaID=463642870&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.minitool.com%2F&id=0&ii=3&bo=minitool.com&bd=minitool.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=havasfrorangedcmdisplay758646212611&fd=1&it=500&ti=0&ih=2&pe=0%3A445%3A445%3A0%3A446&jk=-1&jm=-1&fs=112&na=927956878&cs=0
Requested by: Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0471 43 B
260 B 37ms
37ms Image
image/gif 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F12639228944793608365%2Findex.html&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=1639234888&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi~GGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PHB3MCkutXpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-LQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.minitool.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.minitool.com&lp=https%3A%2F%2Fwww.minitool.com&t=1673719200824&de=390534701358&cu=1673719200824&m=84&ar=3b5b3eaa-clean&iw=2fa7962&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A445%3A445%3A0%3A446&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=61&cd=0&ah=61&am=0&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=29150715%3A4440622%3A355875177%3A184640910&bo=minitool.com&bd=minitool.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=19474492031&zMoatDBMIOID=1010062650&zMoatDBMCreaID=463642870&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=112&na=1265841135&cs=0
Requested by: Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0471 43 B
260 B 37ms
37ms Image
image/gif 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=1639234888&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi~GGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PHB3MCkutXpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-LQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.minitool.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.minitool.com&lp=https%3A%2F%2Fwww.minitool.com&t=1673719200824&de=390534701358&cu=1673719200824&m=209&ar=3b5b3eaa-clean&iw=2fa7962&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lh=29&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A445%3A445%3A0%3A446&aa=0&ad=67&cn=0&gk=67&gl=0&ik=67&ic=67&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=61&cd=61&ah=61&am=61&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=29150715%3A4440622%3A355875177%3A184640910&bo=minitool.com&bd=minitool.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=19474492031&zMoatDBMIOID=1010062650&zMoatDBMCreaID=463642870&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=112&na=127947559&cs=0
Requested by: Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:01 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 0471 43 B
274 B 170ms
28ms Image
image/gif 104.111.217.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=61&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=minitool.com&L1id=29150715&L2id=4440622&L3id=355875177&L4id=184640910&S1id=minitool.com&S2id=minitool.com&ord=1673719200824&r=390534701358&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252Fwww.minitool.com%252F&bedc=1&q=1&BSD=safe&BSC=gs_tech_consumer_smartphone,gs_tech_compute_net,gs_shopping_misc,gs_entertain,gs_tech_compute,gs_busfin,gs_tech_consumer,moat_safe,gs_tech_compute_apps_os,gs_tech,gs_shopping_sales,gs_shopping,gs_tech_compute_apps&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sat, 14 Jan 2023 18:00:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:01 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 0471 43 B
274 B 170ms
29ms Image
image/gif 104.111.217.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=61&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=minitool.com&L1id=29150715&L2id=4440622&L3id=355875177&L4id=184640910&S1id=minitool.com&S2id=minitool.com&ord=1673719200824&r=390534701358&t=bs&os=0&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252Fwww.minitool.com%252F&bedc=1&q=2&BSD=safe&BSC=gs_tech_consumer_smartphone,gs_tech_compute_net,gs_shopping_misc,gs_entertain,gs_tech_compute,gs_busfin,gs_tech_consumer,moat_safe,gs_tech_compute_apps_os,gs_tech,gs_shopping_sales,gs_shopping,gs_tech_compute_apps&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sat, 14 Jan 2023 18:00:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:01 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 0471 43 B
274 B 171ms
29ms Image
image/gif 104.111.217.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=67&fi=1&apd=195&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=minitool.com&L1id=29150715&L2id=4440622&L3id=355875177&L4id=184640910&S1id=minitool.com&S2id=minitool.com&ord=1673719200824&r=390534701358&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252Fwww.minitool.com%252F&bedc=1&q=3&BSD=safe&BSC=gs_tech_consumer_smartphone,gs_tech_compute_net,gs_shopping_misc,gs_entertain,gs_tech_compute,gs_busfin,gs_tech_consumer,moat_safe,gs_tech_compute_apps_os,gs_tech,gs_shopping_sales,gs_shopping,gs_tech_compute_apps&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sat, 14 Jan 2023 18:00:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:01 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 0471 43 B
274 B 172ms
30ms Image
image/gif 104.111.217.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=67&fi=1&apd=195&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=minitool.com&L1id=29150715&L2id=4440622&L3id=355875177&L4id=184640910&S1id=minitool.com&S2id=minitool.com&ord=1673719200824&r=390534701358&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252Fwww.minitool.com%252F&bedc=1&q=4&BSD=safe&BSC=gs_tech_consumer_smartphone,gs_tech_compute_net,gs_shopping_misc,gs_entertain,gs_tech_compute,gs_busfin,gs_tech_consumer,moat_safe,gs_tech_compute_apps_os,gs_tech,gs_shopping_sales,gs_shopping,gs_tech_compute_apps&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sat, 14 Jan 2023 18:00:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:01 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 0471 43 B
274 B 43ms
30ms Image
image/gif 104.111.217.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=271&fi=1&apd=399&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=minitool.com&L1id=29150715&L2id=4440622&L3id=355875177&L4id=184640910&S1id=minitool.com&S2id=minitool.com&ord=1673719200824&r=390534701358&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252Fwww.minitool.com%252F&bedc=1&q=5&BSD=safe&BSC=gs_tech_consumer_smartphone,gs_tech_compute_net,gs_shopping_misc,gs_entertain,gs_tech_compute,gs_busfin,gs_tech_consumer,moat_safe,gs_tech_compute_apps_os,gs_tech,gs_shopping_sales,gs_shopping,gs_tech_compute_apps&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
URL: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sat, 14 Jan 2023 18:00:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:01 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0471 42 B
174 B 162ms
161ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJWstHUjo5fh49r2Hxli3XA0DclPaB2_R1Pa55fMyrUBur7BGl1CW-NfF0D2NGjIoXsBr1mFNvcozWr4cnck64XpsoJuIODQtff7qnu_1s4sjZwX2zmm32IpiNXGPFmzC-ktsJBg&sai=AMfl-YRMpASgHUrqK3y7OsT_DH5tdDbEu3wxkN1KkqP2VbblNu5z9SHvgfz9qxPiR6qyM_TJJ8ee0et6EAN0FzUjeQcE_kJ7Ud3yoy5R_Pw80WVfIaQWAQA8j08tCuvu-4ha4qNVRBlcwgoCbfeAilDy&sig=Cg0ArKJSzAN7-5i9zt_7EAE&cid=CAQSTADq26N9g3BjCFeA2-wYvLdIamR3x1ZJ9KlMNngWFw5JqgNk3VptmI-oLU9GO2wl7JehqWWkLzgyEHFygcN28NP1FgmZWnDQhZApPiYYASAT&id=lidar2&mcvt=1000&p=596,1080,846,1380&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3713715544&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673719200062&rpt=436&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0471 43 B
260 B 40ms
37ms Image
image/gif 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=1639234888&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi~GGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PHB3MCkutXpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-LQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.minitool.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.minitool.com&lp=https%3A%2F%2Fwww.minitool.com&t=1673719200824&de=390534701358&cu=1673719200824&m=1218&ar=3b5b3eaa-clean&iw=2fa7962&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=220&lg=1&lh=29&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A445%3A445%3A1223%3A446&aa=1&ad=1076&cn=67&gn=1&gk=1076&gl=67&ik=1076&ic=1076&ez=1&co=1076&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=61&ah=1003&am=61&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=29150715%3A4440622%3A355875177%3A184640910&bo=minitool.com&bd=minitool.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=19474492031&zMoatDBMIOID=1010062650&zMoatDBMCreaID=463642870&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=112&na=922596326&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:02 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 0471 43 B
274 B 28ms
26ms Image
image/gif 104.111.217.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1003&tet=1076&fi=1&apd=1204&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=minitool.com&L1id=29150715&L2id=4440622&L3id=355875177&L4id=184640910&S1id=minitool.com&S2id=minitool.com&ord=1673719200824&r=390534701358&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatADV=8364571&url=https%253A%252F%252Fwww.minitool.com%252F&bedc=1&q=6&BSD=safe&BSC=gs_tech_consumer_smartphone,gs_tech_compute_net,gs_shopping_misc,gs_entertain,gs_tech_compute,gs_busfin,gs_tech_consumer,moat_safe,gs_tech_compute_apps_os,gs_tech,gs_shopping_sales,gs_shopping,gs_tech_compute_apps&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sat, 14 Jan 2023 18:00:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0471 43 B
260 B 44ms
42ms Image
image/gif 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=1639234888&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi~GGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PHB3MCkutXpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-LQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.minitool.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.minitool.com&lp=https%3A%2F%2Fwww.minitool.com&t=1673719200824&de=390534701358&cu=1673719200824&m=1220&ar=3b5b3eaa-clean&iw=2fa7962&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=220&lg=1&lh=29&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A445%3A445%3A1223%3A446&aa=1&ad=1076&cn=1076&gn=1&gk=1076&gl=1076&ik=1076&ic=1076&ez=1&co=1076&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=1003&ah=1003&am=1003&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=29150715%3A4440622%3A355875177%3A184640910&bo=minitool.com&bd=minitool.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=19474492031&zMoatDBMIOID=1010062650&zMoatDBMCreaID=463642870&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=112&na=1793202090&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0471 43 B
260 B 37ms
36ms Image
image/gif 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=1639234888&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi~GGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PHB3MCkutXpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-LQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.minitool.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.minitool.com&lp=https%3A%2F%2Fwww.minitool.com&t=1673719200824&de=390534701358&cu=1673719200824&m=1222&ar=3b5b3eaa-clean&iw=2fa7962&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=220&lg=1&lh=29&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A445%3A445%3A1223%3A446&aa=1&ad=1076&cn=1076&gn=1&gk=1076&gl=1076&ik=1076&ic=1076&ez=1&co=1076&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=1003&ah=1003&am=1003&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=29150715%3A4440622%3A355875177%3A184640910&bo=minitool.com&bd=minitool.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=19474492031&zMoatDBMIOID=1010062650&zMoatDBMCreaID=463642870&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=112&na=1881875914&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:02 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0471 0
56 B 154ms
154ms Ping
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2992915931973&version=m202209210101&ct=76&x=1&cor=7429291610933349000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 18:00:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 0471 43 B
274 B 26ms
26ms Image
image/gif 104.111.217.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1003&tet=2089&fi=1&apd=2217&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=minitool.com&L1id=29150715&L2id=4440622&L3id=355875177&L4id=184640910&S1id=minitool.com&S2id=minitool.com&ord=1673719200824&r=390534701358&t=civ&os=1&fi2=1&div1=1&ait=0&zMoatADV=8364571&url=https%253A%252F%252Fwww.minitool.com%252F&bedc=1&q=7&BSD=safe&BSC=gs_tech_consumer_smartphone,gs_tech_compute_net,gs_shopping_misc,gs_entertain,gs_tech_compute,gs_busfin,gs_tech_consumer,moat_safe,gs_tech_compute_apps_os,gs_tech,gs_shopping_sales,gs_shopping,gs_tech_compute_apps&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sat, 14 Jan 2023 18:00:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 14 Jan 2023 18:00:03 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.minitool.com/	1969-12-31 23:59:59	Name: __b_t_article Value: /backup-tips/shadow-copy-windows-10-017.html_20230014175957
.minitool.com/	1970-01-20 18:31:19	Name: _ga_W6RNX75Q2P Value: GS1.1.1673719198.1.0.1673719198.0.0.0
.linkconnector.com/	1970-01-20 08:55:22	Name: uts_901602_lpcheck Value: 1
.minitool.com/	1970-01-20 18:31:19	Name: _ga Value: GA1.2.1229451472.1673719198
.minitool.com/	1970-01-20 08:56:45	Name: _gid Value: GA1.2.1218988316.1673719198
.minitool.com/	1970-01-20 08:55:19	Name: _gat_UA-686301-28 Value: 1
.minitool.com/	1970-01-20 18:31:19	Name: uts_id Value: uts1673719198.953
.minitool.com/	1970-01-20 08:55:22	Name: LCUTS_UID_901602 Value: 901602
www.minitool.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: 9DcgvBGyDuXNa5jRHGOK3
www.minitool.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.minitool.com/	1970-01-20 18:16:55	Name: __gads Value: ID=ab932fbc969771aa:T=1673719198:S=ALNI_MaXL4_wM9otryqRVTrmMEgqiraNpg
.minitool.com/	1970-01-20 18:16:55	Name: __gpi Value: UID=00000ba254c5c53f:T=1673719198:RT=1673719198:S=ALNI_MbriUBu43uH6T9KxxZPQFdJGuAA2Q
.doubleclick.net/	1970-01-20 18:16:55	Name: IDE Value: AHWqTUmZnzr4DWZeruEmMz3mcQYVyvmnXSr2QVwZwY5NSX4RCtR6A7k1VUd3_akoqx4
.adnxs.com/	1970-01-20 11:04:55	Name: uuid2 Value: 5394520620877254931
.casalemedia.com/	1970-01-20 17:40:55	Name: CMID Value: Y8LtoMlCVmTVswmPJLQyigAA
.casalemedia.com/	1970-01-20 11:04:55	Name: CMPS Value: 5156
.casalemedia.com/	1970-01-20 11:04:55	Name: CMPRO Value: 5156
.adnxs.com/	1970-01-20 11:04:55	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>0l`r[p!]tbPl1M>e)ZlrFUfJ+tGXxo]Ls^VFu-D+[5q=^H9gBFuKKqc?/CXmAO<IbpRzqF1`b_3r$<nn

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://va.tawk.to/v1/session/start Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js(Line 140) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
cm.g.doubleclick.net
dsum-sec.casalemedia.com
e7497cc3e6ce9a010220d8980771e245.safeframe.googlesyndication.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
havasfrorangedcmdisplay758646212611.s.moatpixel.com
ib.adnxs.com
mb.moatads.com
minitool.disqus.com
pagead2.googlesyndication.com
px.moatads.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
va.tawk.to
widget.trustpilot.com
www.dwin1.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.googletagservices.com
www.linkconnector.com
www.minitool.com
z.moatads.com
104.111.217.133
13.32.27.45
142.250.180.194
142.250.201.194
185.80.39.216
199.232.196.134
2.18.37.133
2001:4860:4802:34::36
2600:9000:2304:9600:f:8ce2:fb80:93a1
2606:4700:10::6816:1883
2606:4700:10::6816:31a9
2606:4700::6812:14b2
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2006
2a00:1450:4001:827::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c00::9a
2a00:1450:400d:804::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2003
34.241.144.75
37.252.171.52
52.19.157.131
0282f51c51c165b5844a759c59b6d8c2b4564233d1b955b6d1a21544d7a40d04
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be50d7d588cac0c60d808308aa428550f37b3cffd7e5271d533ef82ab4f961f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
138180bb51412a7b5c7d22ac7aeff4b8450080a6588984807afa9618dafff7fb
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
16110b12e50e2cb6631e2c3089178fb1091511b333e2e20b5bfd3b7da6d498d8
17d11fd86d522fe722b3ba8049f3bcaf42a287036a515d507d62516df47b0b51
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1fcaba7f46c8c22b0fca3bcf2ab26ccc886460eee996ffeed19e45eea55ff145
219540d334db27bc55469e6d3d1fbf2d16255179cb5f1733e09756eff63796c9
241cac87419f376d95f9717222955bdda3665f189185cbf2d278158a31fc12c2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
280607094ed607273b7e8e7f1e40dc8e247907f4868ee2ded64bd21da4926387
28304f8ac4aedf546cf7767f532ea39abb53d0a6379c393b3ba427584eaf3cc5
299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bf23cd807d235bc0e080e3e00ff47632a0623c948a0a55f00ecf5770b1935a7
2c78bb7df52a0199dee44c115538353b6a44d166216d786a4a66283487cccaf7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c8c6c63955281a2a03de571280a7e6c6e663ac8326e85218e5b2aaa7c225a0
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3817f26e3959d1c76826844a8eaf65cdbf14fb277192a129cd52190fb9e258ff
394ce148cc5e22a69a27d94d6a407e6c9e67bebe2d20d26d9f7198e69f4dc497
4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4760bf61bd6fc2e1e83d862478607dd6df56552ab7fa2cc5ac2e5a8f2929c092
47a19e09b41691788ed5da8fc7b5fbef3ea0426a8fa4ce87d1d3d58c0cdffb49
49dea8e55df60639c6273382757e8e6cb69f922dc363cf3b8ce50ee1b49b1838
49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
53c364b659cd5a1527edb3a48ab095ca3ac425c0950bdc35d36fcc9b2e9e46ff
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57908eabc33586d57f3b0695f631a479e6021e64a7d437b8e5ba50b0d5c81600
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5afe883491b76facec71678c6e99660c9d66afe09d7dbdde04a3f6766b637a36
5fe27e4d46b374e29227ff6ef86ca76d5b40e64dfd91b162bca61a2280f3f450
60b9d89174ccda856c02f444a6a87b77732d8c04bc22f33dceb5124c4ab7131e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
65b6e7bda0445481b20c3df30e61c061831f474108f019def255ba7f98ecc59a
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
70ed6726c0d79f55bb7ba2de9a119a4d79bd2537d5724e099f7b6f94691ecce0
7949cfdb7f0b9dd8417bd39f7c12f4bbc9701ae50e83c8058f936c39b72f07c3
8404324c3f1a04512d8c1eddab00b0a21a01e53df0ac5720ca5ad0ecde78f425
855827860ef85c8926b28916edd98ec7380ec466456af29d822eb245f7bc3176
9006e757c24d0dc8b8c6f213de9fd6f795cc376d332ecf8ff55d6fc0b772fed5
93b5b6aae661c254a8fe74b913555639e9f4c52d4ed1938cad392105c91a5615
9da8b2e46083c9a7a87e6ef921708fe39e7eb15a6ac5243842f6250116309fc2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2c05b30dbd4fbb943836058f44466bb79aeed131c93bb784d8d5f63e39b6ccd
a439ecfbb37bc08be6ffc65ad907c4df866794a0a12a292cb2da1fa4724cba4f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64725f99e6665ddd9fee4e3ece19177682b16e9b75d6072b9ce422cdc2f4112
a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556
a915611da176162e969bc76580f4ecbe4046330e4855686a1c606b856b55b08b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b253ef3fe01bdd1dbcf682caf6954cbf64877cf67955b085f18fd896809d7e83
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b537a26aa913602cf89943589dab0adce3c6e2f2137d31e28c685c5c043f2886
bb519bc6646b797b18c560bb73c54aa3da4625210e81ee158b2cb0aae2afcefe
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bf6a48378b6cc79b48c5c20381c40622ebd48c3908724e07d0a7e6d5de79627f
c1ed00f45ddc7c0c6d3217d80d3a3f322e3c2baae68e232858e878c6d44944d6
c22020da2bec052173464c303fe6dbcad9579dfb950eeb6177d32b2a6534f313
c424dc0d07cf8392ed88d1f1c67416c38f7053dd5e26feeaa065337fba825a45
c7b8888cd7943be3f8767f421d75e2492900f9c750243163055a0bba1d6b7baa
cb6c4a3bc34ae7ab24d4ff1597a3fdd61801b2d1943f8c9f4eaa147b91afb6e9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d13b53bed3c445f39890d4923e216cf4bf6a09e7876f941053131d084c1489d9
d3e37e7fe19544adee2096b300794eb4fc3b8f566b1349e6c2b4c1daf283eb89
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
da3edd648fc579bc07c4b1b1bb3ba1e8258ae308049a311e5966464295eb0e51
da7549f66be6678a28b03037cc3ef474de4bdac6e80df06b87999aed1bebf0e2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df689bfca17e9592cd68e20d8d8f59cc651cc44f5dac1650469733a1219a01a0
dfcd530efe5ce8f63929c7bea068428f5131b17542ad33e11f9b6970c4b82326
e1c0530c4711da4f7e41b4821cd365f773a999d569c44d1d373ba22c1f514049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e76be61057b7d805440ba2693d2c357f9a828fa8bda74170b9ac70b58af626d7
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ebdabb093a0108cf8939bc26fc4c742e422fa0ca36748e095bcd22df7c512a7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f303c7951daa3299ba9126167909f9a0167dd06a3bc11af286f41c51ff5c4cf8
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f46ca46272a650e3d0450d0c4272389cf89388d7581d79c633c22bc0b959b0e1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd4d9d732e7a4af52746ebabe6bb16941ee71ae3e919131af700cf4e1228a16a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.minitool.com Open in urlscan Pro 2606:4700::6812:14b2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

97 %HTTPS

68 %IPv6

20 Domains

33 Subdomains

32 IPs

6 Countries

1437 kBTransfer

3378 kBSize

18 Cookies

29 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.minitool.com Open in urlscan Pro
2606:4700::6812:14b2 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

97 %
HTTPS

68 %
IPv6

20
Domains

33
Subdomains

32
IPs

6
Countries

1437 kB
Transfer

3378 kB
Size

18
Cookies

127 HTTP transactions
3 data transactions