freetoolonline.com Open in urlscan Pro
2600:9000:2490:9e00:1d:3318:1dc0:93a1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freetoolonline.com/heic-to-jpg.html
Effective URL:
https://freetoolonline.com/heic-to-jpg.html
Submission: On October 16 via api (October 16th 2023, 7:08:15 am UTC) from US — Scanned from DE

Summary HTTP 111 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 16 domains to perform 111 HTTP transactions. The main IP is 2600:9000:2490:9e00:1d:3318:1dc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is freetoolonline.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 1st 2023. Valid for: a year.

This is the only time freetoolonline.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:249... 2600:9000:2490:1400:1d:3318:1dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2490:9e00:1d:3318:1dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
18	2600:9000:225... 2600:9000:2251:2200:12:bca1:1580:21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.193.181 151.101.193.181	54113 (FASTLY) (FASTLY)
11	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:8000:d:640e:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	104.211.35.148 104.211.35.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.83.180.156 3.83.180.156	14618 (AMAZON-AES) (AMAZON-AES)
2	52.7.236.171 52.7.236.171	14618 (AMAZON-AES) (AMAZON-AES)
2	2a04:4e42:8e:... 2a04:4e42:8e::720	54113 (FASTLY) (FASTLY)
1 12	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	18.204.143.103 18.204.143.103	14618 (AMAZON-AES) (AMAZON-AES)
16	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	52.206.154.146 52.206.154.146	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
111	27

1 2600:9000:2490:1400:1d:3318:1dc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

freetoolonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2490:9e00:1d:3318:1dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

freetoolonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:2251:2200:12:bca1:1580:21 (United States)

ASN16509 (AMAZON-02, US)

dkbg1jftzfsd2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.181 (United States)

ASN54113 (FASTLY, US)

api.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:8000:d:640e:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

config.freetool.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.211.35.148 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

y.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.83.180.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-83-180-156.compute-1.amazonaws.com

downloader01.us-east-1a.freetool.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.236.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-236-171.compute-1.amazonaws.com

downloader02.us-east-1a.freetool.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.204.143.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-143-103.compute-1.amazonaws.com

uploader.us-east-1a.freetool.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.154.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-154-146.compute-1.amazonaws.com

worker.us-east-1a.freetool.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	351 KB
18	cloudfront.net dkbg1jftzfsd2.cloudfront.net	150 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	97 KB
10	freetool.online config.freetool.online downloader01.us-east-1a.freetool.online downloader02.us-east-1a.freetool.online uploader.us-east-1a.freetool.online worker.us-east-1a.freetool.online	7 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	128 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 998 c.clarity.ms — Cisco Umbrella Rank: 1548 y.clarity.ms — Cisco Umbrella Rank: 7907	27 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	129 KB
4	unsplash.com api.unsplash.com — Cisco Umbrella Rank: 79193 images.unsplash.com — Cisco Umbrella Rank: 6741	609 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	609 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	4 KB
3	freetoolonline.com 1 redirects freetoolonline.com	16 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	145 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 257	760 B
111	16

	Domain	Requested by
18	dkbg1jftzfsd2.cloudfront.net	freetoolonline.com dkbg1jftzfsd2.cloudfront.net
16	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	dkbg1jftzfsd2.cloudfront.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	region1.google-analytics.com	www.googletagmanager.com
4	www.google-analytics.com	freetoolonline.com www.google-analytics.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	uploader.us-east-1a.freetool.online	dkbg1jftzfsd2.cloudfront.net
3	y.clarity.ms	www.clarity.ms
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	freetoolonline.com googleads.g.doubleclick.net
3	freetoolonline.com	1 redirects dkbg1jftzfsd2.cloudfront.net
2	www.googleadservices.com
2	worker.us-east-1a.freetool.online	dkbg1jftzfsd2.cloudfront.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	images.unsplash.com	dkbg1jftzfsd2.cloudfront.net
2	downloader02.us-east-1a.freetool.online	dkbg1jftzfsd2.cloudfront.net
2	downloader01.us-east-1a.freetool.online	dkbg1jftzfsd2.cloudfront.net
2	api.unsplash.com	dkbg1jftzfsd2.cloudfront.net
2	c.clarity.ms	1 redirects
2	www.clarity.ms	freetoolonline.com www.clarity.ms
2	www.googletagmanager.com	freetoolonline.com www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	config.freetool.online	dkbg1jftzfsd2.cloudfront.net
1	c.bing.com	1 redirects
111	27

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
www.linkedin.com
www.reddit.com
en.wikipedia.org
www.facebook.com
unsplash.com

Subject Issuer	Validity	Valid
freetoolonline.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-05` - `2024-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.freetool.online Amazon RSA 2048 M02	`2023-02-19` - `2024-03-19`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
downloader01.us-east-1a.freetool.online R3	`2023-10-14` - `2024-01-12`	3 months	crt.sh
downloader02.us-east-1a.freetool.online R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
images.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-12` - `2024-04-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
uploader.us-east-1a.freetool.online R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
worker.us-east-1a.freetool.online R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://freetoolonline.com/heic-to-jpg.html
Frame ID: EC5520283CC754919138107948939E2E
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 61AD94D770F9657D2E417BC4C5CC452B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=600&slotname=6433735850&adk=2389920682&adf=80405017&pi=t.ma~as.6433735850&w=160&lmt=1697432884&rafmt=12&format=160x600&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084152&bpp=4&bdt=748&idt=211&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&correlator=1452915370496&frm=20&pv=2&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=10&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KeuBHrsNsd&p=https%3A//freetoolonline.com&dtd=234
Frame ID: 1AE24BF4D1FC1E390DC84BDA28683730
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=600&slotname=2501575265&adk=4179162951&adf=1881974171&pi=t.ma~as.2501575265&w=160&lmt=1697432884&rafmt=12&format=160x600&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084157&bpp=1&bdt=753&idt=242&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQkmBNxBcr&p=https%3A//freetoolonline.com&dtd=260
Frame ID: BA24BABEA0F18FF086999B57D4BEAE58
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=90&slotname=8788466333&adk=2596948215&adf=673552559&pi=t.ma~as.8788466333&w=728&lmt=1697432884&rafmt=12&format=728x90&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084158&bpp=1&bdt=753&idt=269&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VeD2ps1wvp&p=https%3A//freetoolonline.com&dtd=291
Frame ID: 5D441CDEEAE4AB4A09C6C9C13AFD8FEB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&adk=1812271804&adf=3025194257&lmt=1697432884&plat=1%3A16777216%2C2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x675_l&format=0x0&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084162&bpp=2&bdt=758&idt=298&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C728x90&nras=1&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=324
Frame ID: CFC8C07F7B28CC9351240B61E1ED650E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5CC1C965434D864981795B17962A2C4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B91AC9E314A038B170E05544B7F6188
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D88E876F342A8FDCE5E3F44DA4B3A392
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5A4660976756685E475BBE3C0F833112
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: 11CA52F4038E4E43276DF31F68EF0DF5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: 73B716D65408348E0504047C489A5BC9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Convert HEIC to JPG - Free Tool Online

Page URL History Show full URLs

http://freetoolonline.com/heic-to-jpg.html HTTP 301
https://freetoolonline.com/heic-to-jpg.html Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+_s-xclick

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

98 %
HTTPS

71 %
IPv6

16
Domains

27
Subdomains

27
IPs

3
Countries

1804 kB
Transfer

4034 kB
Size

19
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/sharer.php?u=https://freetool.online/heic-to-jpg.html
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://freetool.online/heic-to-jpg.html
Title: Tweet

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://freetool.online/heic-to-jpg.html
Title: Share

Search URL Search Domain Scan URL

URL: http://www.reddit.com/submit?url=https://freetool.online/heic-to-jpg.html&title=Post%20to%20Reddit%20via%20https://freetool.online/heic-to-jpg.html
Title: Post

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/High_Efficiency_Image_File_Format
Title: Wikipedia

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/JPEG
Title: Wikipedia

Search URL Search Domain Scan URL

URL: https://www.facebook.com/freetoolonline
Title: Follow Us

Search URL Search Domain Scan URL

URL: https://unsplash.com/@oulashin
Title: Image by Sean

Search URL Search Domain Scan URL

URL: https://unsplash.com/photos/KMn4VEeEPR8
Title: seashore during golden hour

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freetoolonline.com/heic-to-jpg.html HTTP 301
https://freetoolonline.com/heic-to-jpg.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=460E00073E6D4F14A49F4946ED09440F&RedC=c.clarity.ms&MXFR=1F8F4378ABC7602C3C8450D4AFC76E4A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=460E00073E6D4F14A49F4946ED09440F&MUID=2F4A5CB42FCE646130444F182E1C656A

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://googleads.g.doubleclick.net/pagead/adview?ai=CXc31VOEsZZuRHoqx6wTpsZr4DfLO46lzreeErZEQ7s2_0sUxEAEg_Nf_SWCV4pCCoAegAe-whdwoyAEBqQLe9ToZ5KGxPqgDAcgDywSqBOABT9ALUfvbUfo2WVMsV8aip4yEjVzJDQT47JITO40ee_6eYah238zscm9KMHF-PD5Z-13cOKMJeULZjQBbLVBMlZY2sOI7iA-ek9GOLiwQXK3q_kvMEmQAn0MKJqbQb4ZkFULY8RAd3w72P0M8e_76cchl-7dtKiFDuxqE6n9-udSli6zUa-iAUaGevKFwj3St9cZJVCjycpeESqkz3fYY-5SnVcxidtzz7sLCHU6kycR9CO1la1Rn7pMxU7nrmt7fZ1L9aMgP5DpB8SdWaOza1iYF4oRNmqmjEyTjOqSsNI3ABJfNkYySBIgF3aK3xEKSBQQIBBgBkgUECAUYBIAH7-jVuwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCY_zPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkiaHR0cHM6Ly9tZXZpeS5taXN1bWktZWMuY29tL2RlLWRlL4AKAcgLAdgTDYgUCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMzE3NDYwMjgwNTU3NzYwGAA&sigh=ZQjWT-02Tb4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNWQIzqFDrp76WlOEeXL7RJHmBF-M_gVg4m9lwq6wuM-z-sbnKpt3Va7osp1sprXEJXpgBvAZ8TsnRnJbDVFgHAaZx7UEFiQ8YAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224017262502314000584%22,%22debug_reporting%22:true,%22destination%22:%22https://misumi-ec.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210930444399%22],%224%22:[%2210-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211340172228032137185%22}&andc=true

111 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request heic-to-jpg.html Show response
freetoolonline.com/
Redirect Chain

http://freetoolonline.com/heic-to-jpg.html
https://freetoolonline.com/heic-to-jpg.html

43 KB
15 KB

26ms
7ms

Document
text/html

2600:9000:2490:9e00:1d:3318:1dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freetoolonline.com/heic-to-jpg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9e00:1d:3318:1dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e749f4bfabded13027b121ebd4b1c786284425774d82ee6ca3c0021fc18ea661

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81529
content-encoding: gzip
content-language: en-US
content-type: text/html;charset=UTF-8
date: Sun, 15 Oct 2023 08:29:14 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
x-amz-cf-id: dQ2MaY77Bf_5CB206jUxwq6i0ZcL8xYQgxyGz7Sz0IIbpl10DBuFVw==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Mon, 16 Oct 2023 07:08:03 GMT
Location: https://freetoolonline.com/heic-to-jpg.html
Server: CloudFront
Via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Q6XzPxB-os_9_myM3FdTIF-DCZp_q7yAppq6CocmGDNsJSjQV-FzMQ==
X-Amz-Cf-Pop: FRA56-P6
X-Cache: Redirect from cloudfront

GET
H2 200 common.css
dkbg1jftzfsd2.cloudfront.net/style/ 26 KB
6 KB 50ms
9ms Stylesheet
text/css 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/style/common.css?v=23.10.14.19.40
Requested by: Host: freetoolonline.com
URL: https://freetoolonline.com/heic-to-jpg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ef906f48c786691fdaff6ec2016dfe3119ad35e89137504ed987e7adfa36b70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 04:04:13 GMT
content-encoding: br
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Sun, 08 Oct 2023 01:31:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 11031
etag: W/"94da4b9c16d5b40b238ddb1bfff6c140"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
x-amz-cf-id: MsWKwC3pqY3fX5KMvEJ874iMySLIBhepY7zUfVYFv6rcfShsbz1b0Q==

GET
H2 200 utils.js Show response
dkbg1jftzfsd2.cloudfront.net/script/ 4 KB
2 KB 51ms
10ms Script
application/javascript 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/script/utils.js?v=23.10.14.19.40
Requested by: Host: freetoolonline.com
URL: https://freetoolonline.com/heic-to-jpg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ba293a1b437f8fadb779e0be5a9d959cefe0da0ffa43a69c9a1092e1ae362f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 00:31:52 GMT
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Sat, 17 Sep 2022 07:09:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 23772
etag: W/"038020a0938079090bdb9432517e6243"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ATBiZg-6oH_5WTMwmO6mS16Y0I9uyqWwswGZE0BWphibSEUBQVBULw==

GET
H2 200 upload-style.css
dkbg1jftzfsd2.cloudfront.net/style/ 11 KB
3 KB 49ms
8ms Stylesheet
text/css 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/style/upload-style.css?v=23.10.14.19.40
Requested by: Host: freetoolonline.com
URL: https://freetoolonline.com/heic-to-jpg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ec272d2d44f2c211e6b75b0127e69358598d15d556b74aafcd2bae6d5e25df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 06:15:23 GMT
content-encoding: br
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Fri, 21 Oct 2022 11:40:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 3161
etag: W/"bd949c12c03b87396d6868ef3f2d870b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
x-amz-cf-id: 5Ozf0obl6_kt-Eyipe712vlEDh6edZYIPWqnip2VJAecGdxhnaiRYw==

GET
H2 200 upload-controls.js Show response
dkbg1jftzfsd2.cloudfront.net/script/ 11 KB
4 KB 35ms
10ms Script
application/javascript 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/script/upload-controls.js?v=23.10.14.19.40
Requested by: Host: freetoolonline.com
URL: https://freetoolonline.com/heic-to-jpg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e12da558b470389f6cc056b09ff37f98fd5eae7dc32c0794b23de86027737675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 10:50:40 GMT
content-encoding: br
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Sat, 14 Oct 2023 10:30:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 73044
etag: W/"80f5421aa7a985b5eee64fddea3e051b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: YLp2Uvm_KWHXBTlehICKqmqPHqXeDO3pOYGDXJGmLdzdvqF5S7wtnA==

GET
H2 200 fa-load.css
dkbg1jftzfsd2.cloudfront.net/style/ 2 KB
1 KB 50ms
10ms Stylesheet
text/css 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/style/fa-load.css
Requested by: Host: freetoolonline.com
URL: https://freetoolonline.com/heic-to-jpg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18365b5090a7bd32c1e719c5faca1a6dc5dcff3815a294f29ab5d0ea21f638c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 05:38:19 GMT
content-encoding: br
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Tue, 01 Aug 2023 16:35:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5385
etag: W/"fca295ade53485017f48d04cf37dea15"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
x-amz-cf-id: xpt0qx8QJKszxTGgRn_uSW1uXfjRPKax7m6R33VQDlax4EHaiIueFA==

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 133ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Requested by

Host: freetoolonline.com
URL: https://freetoolonline.com/heic-to-jpg.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c477554edcac016cd96d296e222a73e4e55bd1847cc834de04538b80e6ae02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 07:08:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 07:08:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 167 KB
61 KB 137ms
53ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7C3HB4

Requested by

Host: freetoolonline.com
URL: https://freetoolonline.com/heic-to-jpg.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d827882a5dda7aee1425e2c78e18840cdd92a0aab9eed7148952d693ca7b263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61590
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Oct 2023 07:08:03 GMT

GET
H2 200 bg.svg
dkbg1jftzfsd2.cloudfront.net/image/ 2 KB
1010 B 8ms
8ms Image
image/svg+xml 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkbg1jftzfsd2.cloudfront.net/image/bg.svg
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/style/common.css?v=23.10.14.19.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkbg1jftzfsd2.cloudfront.net/style/common.css?v=23.10.14.19.40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 07:07:59 GMT
content-encoding: br
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Mon, 15 Mar 2021 06:10:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 1987205
etag: W/"bc3d32a696895f78c19df6c717586a5d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: oWDLj_-ueogZ5hmbTKjXO75BbePxz6FNvggkv96fH-v1A5FftkNECQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: freetoolonline.com
URL: https://freetoolonline.com/heic-to-jpg.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Oct 2023 05:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4701
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 16 Oct 2023 07:49:42 GMT

GET
H2 200 fontawesome-webfont.woff2
dkbg1jftzfsd2.cloudfront.net/fonts/ 75 KB
76 KB 25ms
9ms Font
binary/octet-stream 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/style/fa-load.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://dkbg1jftzfsd2.cloudfront.net/style/fa-load.css
Origin: https://freetoolonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 03:05:38 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Sun, 05 Jul 2020 11:03:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 1569746
etag: "af7ae505a9eed503f8b8e6982036873e"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 77160
x-amz-cf-id: iegTqvpZbUwvcGXBosJXe88gSTErzRISEQpmtgU_8jB1yUF9OMUwfg==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 122ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freetoolonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:17:59 GMT
x-content-type-options: nosniff
age: 305404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:17:59 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 45ms
45ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1701633643&t=pageview&_s=1&dl=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&ul=en-us&de=UTF-8&dt=Convert%20HEIC%20to%20JPG%20-%20Free%20Tool%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1069341900&gjid=1882056277&cid=1723943846.1697440084&tid=UA-98483938-2&_gid=912607463.1697440084&_r=1&_slc=1&z=1410551766

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freetoolonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g6pqi0gu6d Show response
www.clarity.ms/tag/ 700 B
1 KB 129ms
100ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/g6pqi0gu6d?ref=gtm2
Requested by: Host: freetoolonline.com
URL: https://freetoolonline.com/heic-to-jpg.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0d28a4f1da81575d82e00fdde06a07c7edfa9c9139fe35e7c4ac3a66136c4e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: -1
date: Mon, 16 Oct 2023 07:08:03 GMT
x-azure-ref: 20231016T070803Z-3au19y9fc96gp840nwm871srpc00000001v000000001cqwp
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 700
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
84 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-050LTR8TST&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7C3HB4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8aba6b4a68c6cb4d4bb32e8ce0db1cb60885575af824c45d49a6854a5f555f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 16 Oct 2023 07:08:03 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 48ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-050LTR8TST&gtm=45je3ab0&_p=1701633643&cid=1723943846.1697440084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697440083&sct=1&seg=0&dl=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&dt=Convert%20HEIC%20to%20JPG%20-%20Free%20Tool%20Online&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-050LTR8TST&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freetoolonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.12/ 58 KB
25 KB 17ms
17ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.12/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/g6pqi0gu6d?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:03 GMT
content-encoding: br
last-modified: Thu, 12 Oct 2023 01:51:26 GMT
etag: W/"0x8DBCAC5BF4C06D9"
vary: Accept-Encoding
x-azure-ref: 20231016T070803Z-3au19y9fc96gp840nwm871srpc00000001v000000001cqxc
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: eaaf15fb-801e-0077-1479-fefb4f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 jquery.min.js Show response
dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/ 95 KB
34 KB 8ms
8ms Script
application/javascript 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/utils.js?v=23.10.14.19.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:26:34 GMT
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Sun, 05 Jul 2020 11:06:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 1122090
etag: W/"4f252523d4af0b478c810c2547a63e19"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: SUqfKAwqafmQ9gCoo6FphGBDLjGJLXO3k7SXe2fWSs1kSi1TXJDMvg==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=460E00073E6D4F14A49F4946ED09440F&RedC=c.clarity.ms&MXFR=1F8F4378ABC7602C3C8450D4AFC76E4A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=460E00073E6D4F14A49F4946ED09440F&MUID=2F4A5CB42FCE646130444F182E1C656A

42 B
444 B

28ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=460E00073E6D4F14A49F4946ED09440F&MUID=2F4A5CB42FCE646130444F182E1C656A
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:03 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5C562638AC7246CB8D00B7F92252F0A4 Ref B: FRAEDGE1219 Ref C: 2023-10-16T07:08:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=460E00073E6D4F14A49F4946ED09440F&MUID=2F4A5CB42FCE646130444F182E1C656A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 module-loader.js Show response
dkbg1jftzfsd2.cloudfront.net/script/ 4 KB
2 KB 8ms
7ms Script
application/javascript 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/script/module-loader.js?v=23.10.14.19.40
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/utils.js?v=23.10.14.19.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9412545b596981ce6a63613f6f06dc97d4f62654e8d7fd5aa5b63c62a09b199d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 06:15:23 GMT
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Wed, 07 Jun 2023 11:07:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 3161
etag: W/"384c27e9038081a7415ac8f8d24e6fea"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: A7jiU23k5x34VY3P32WJugDpN08oHIyko3-MFHZ2kVlOdzVtAn2d5w==

GET
H2 200 base-script.js Show response
dkbg1jftzfsd2.cloudfront.net/script/ 10 KB
4 KB 8ms
8ms Script
application/javascript 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/script/base-script.js?v=23.10.14.19.40
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/utils.js?v=23.10.14.19.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1b4c0ae91bbfcd1b3e86ae0f319670b4519240d10f9145eb9d33d6e0015faa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 12:45:52 GMT
content-encoding: br
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Sat, 14 Oct 2023 12:39:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 66132
etag: W/"24b55fa3a256dca2f0deb8b3e02b2fac"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: BtfweF9LQdaTjnrZdRfHyBbomDATtGz95-qVaKLj4PyP_XEi-OZD8A==

OPTIONS
H2 200 photos
api.unsplash.com/search/ Frame 0
0 135ms
100ms Preflight 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unsplash.com/search/photos?query=wallpapers&page=1&per_page=30&content_filter=high&orientation=landscape&client_id=0fded05dc29e00f3a22e79c451bbbf4905f3d17d9ba2d5348398c648bd1603ca
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://freetoolonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Link, X-Total, X-Per-Page, X-RateLimit-Limit, X-RateLimit-Remaining
access-control-max-age: 7200
content-length: 0
date: Mon, 16 Oct 2023 07:08:03 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1697440083&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=D1%2FUgm6z9RnCQZOajEi9XzKCsI%2BJHyPEkQqNaxJ4JLk%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1697440083&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=D1%2FUgm6z9RnCQZOajEi9XzKCsI%2BJHyPEkQqNaxJ4JLk%3D
server: Cowboy
vary: Authorization,Accept-Language,client-geo-region,Accept
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-iad-kjyo7100104-IAD, cache-fra-eddf8230118-FRA
x-timer: S1697440084.889552,VS0,VE94

GET
H2 200 cookie-info.html Show response
dkbg1jftzfsd2.cloudfront.net/view/ 3 KB
1 KB 9ms
9ms XHR
text/html 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/view/cookie-info.html?v=23.10.14.19.40
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ff80d220a1ecaf0fdac4b7a5123a1c83ecaff9c54a7d6cb6dfee1f616a18fbf

Request headers

Accept: text/html, */*; q=0.01
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 04:53:55 GMT
content-encoding: br
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Sat, 16 Sep 2023 07:54:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 8049
etag: W/"e1816d8520444702fa978d4cf571adad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: hGlhGXzdjydQzvCfU8Ysl3ZZgwbNPswzuo0d3D05knIEXZs6p5hiaQ==

GET
H2 200 related-tools.js Show response
dkbg1jftzfsd2.cloudfront.net/script/ 13 KB
4 KB 8ms
7ms Script
application/javascript 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/script/related-tools.js?v=23.10.14.19.40
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/utils.js?v=23.10.14.19.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45b52685217c7807b43282d2137078038a655ee4d70e65dc7f793fb17837e9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 05:42:19 GMT
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 12:08:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5145
etag: W/"77e6d91e24d7bd67ea3e4c46ce59e64a"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: Y9Gc1jLsbhJJVNgizSlIYOTMlU9o6sAC9IoMicfIU7_LWbJCrtdAaQ==

GET
H2 200 rating.html Show response
dkbg1jftzfsd2.cloudfront.net/view/ 20 KB
5 KB 9ms
8ms XHR
text/html 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/view/rating.html?v=23.10.14.19.40
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07c46921175e3153d023f31b016ba95ff174a324074dd14cc5cbe869113bd363

Request headers

Accept: text/html, */*; q=0.01
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:07:52 GMT
content-encoding: br
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified: Sat, 14 Oct 2023 06:51:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 263
etag: W/"d34ae45be1883ac8fcd0fe9e1d8097e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: grXsOnQvvmRoxrTKe4eo2yyiDp8FmRtvhPQ_HeoesfuAZgPyXulM9A==

GET
H2 200 photos Show response
api.unsplash.com/search/ 399 KB
27 KB 8ms
8ms XHR
application/json 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.unsplash.com/search/photos?query=wallpapers&page=1&per_page=30&content_filter=high&orientation=landscape&client_id=0fded05dc29e00f3a22e79c451bbbf4905f3d17d9ba2d5348398c648bd1603ca

Requested by

Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy / hero-app

Resource Hash

c77b50017559bfb895d06f31c1f45c8df39c323e29fd6ed0df2432ec849b1544

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: br
age: 46524
x-served-by: cache-iad-kjyo7100121-IAD, cache-fra-eddf8230118-FRA
x-timer: S1697440084.990878,VS0,VE1
etag: W/"c77b50017559bfb895d06f31c1f45c8d"
x-ratelimit-remaining: 4692
vary: Accept-Encoding,Authorization,Accept-Language,client-geo-region,Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Link,X-Total,X-Per-Page,X-RateLimit-Limit,X-RateLimit-Remaining
cache-control: max-age=86400,stale-if-error=3600,stale-while-revalidate=60
content-language: en
x-ratelimit-limit: 5000
access-control-allow-headers: *
link: <https://api.unsplash.com/search/photos?client_id=0fded05dc29e00f3a22e79c451bbbf4905f3d17d9ba2d5348398c648bd1603ca&content_filter=high&orientation=landscape&page=334&per_page=30&query=wallpapers>; rel="last", <https://api.unsplash.com/search/photos?client_id=0fded05dc29e00f3a22e79c451bbbf4905f3d17d9ba2d5348398c648bd1603ca&content_filter=high&orientation=landscape&page=2&per_page=30&query=wallpapers>; rel="next"
x-cache-hits: 1, 1
strict-transport-security: max-age=63072000; includeSubDomains
access-control-request-method: *
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
date: Mon, 16 Oct 2023 07:08:03 GMT
x-total: 10000
x-powered-by: hero-app
x-cache: HIT, HIT
content-length: 26236
x-request-id: 7cb639a3-b45f-4604-b0bc-c2e18d25f337
x-per-page: 30
x-runtime: 0.127815
server: Cowboy
access-control-max-age: 7200
warning: The tags property in this endpoint is deprecated. https://changelog.unsplash.com/deprecations/2021/07/12/tags-search-deprecation.html
x-unsplash-version: v1
accept-ranges: bytes

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 180ms
94ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/utils.js?v=23.10.14.19.40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535ca8edc2a5874748ddba5693de182f5d5ed1a27833060d45d81b0129bb56e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51223
x-xss-protection: 0
server: cafe
etag: 3144381274052571471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 07:08:03 GMT

GET
H2 200 formstone-core-upload-1.1.3.min.190820.js Show response
dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/ 13 KB
5 KB 8ms
7ms Script
application/javascript 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/formstone-core-upload-1.1.3.min.190820.js?v=23.10.14.19.40
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/utils.js?v=23.10.14.19.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6008fac0f60133a3e7d1ed0a33109f603ab41023ddd76579a489074cc93e5de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:26:37 GMT
content-encoding: br
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 14:45:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 952887
etag: W/"769f7157d4fbbd6028ed0cd22df4701a"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 5SjmVFSgBBpFjuBfrXCIC4fEMcdztphquphS1hxRIKBiYk7vwP1VqQ==

GET
H2 200 heic-to-jpg.css
dkbg1jftzfsd2.cloudfront.net/style/convert/ 130 B
475 B 8ms
8ms Stylesheet
text/css 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/style/convert/heic-to-jpg.css
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/utils.js?v=23.10.14.19.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9252c46b4e72bb60daa094e9bb18ca4b4c20512fb4a646772306022ff0c07d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 22:39:16 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Sun, 05 Jul 2020 11:06:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 7115328
etag: "f90af49ac3efba9e0e85238923de3aa1"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
content-length: 130
x-amz-cf-id: 5Kt0UJAAzwcHYbbfDKBIS87RG8mlZUaXGIHfVQdfZALsTotvWsjnDA==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fc999280ee104d13f2dd631522d06ad68ea15c109394cd6ff58e48b34489e30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 close.png
dkbg1jftzfsd2.cloudfront.net/image/ 321 B
668 B 8ms
8ms Image
image/png 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkbg1jftzfsd2.cloudfront.net/image/close.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52d0760190ab2602c33806574b752dae8646440d87c3a9d90c374328cc7baa1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:37:01 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Mon, 15 Mar 2021 06:10:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 1035063
etag: "c6b46bbd990e76d77ae79a7cc8225e71"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 321
x-amz-cf-id: 1ZqVDpUyRHxUim2oN4tO7OgLRr8dYcvZHHvwuCwNEOCSua7TTzHk_Q==

GET
H2 200 heic-to-jpg.css
dkbg1jftzfsd2.cloudfront.net/style/convert/ 130 B
475 B 8ms
8ms Stylesheet
text/css 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/style/convert/heic-to-jpg.css
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/utils.js?v=23.10.14.19.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9252c46b4e72bb60daa094e9bb18ca4b4c20512fb4a646772306022ff0c07d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 22:39:16 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Sun, 05 Jul 2020 11:06:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 7115328
etag: "f90af49ac3efba9e0e85238923de3aa1"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
content-length: 130
x-amz-cf-id: 6P4kRDh2Q1mkzs0KSYYf_95QXE8UccyiPzIC_7OBqoKPcwv3qGbMMA==

GET
H2 200 IOInfos.txt Show response
config.freetool.online/ 178 B
658 B 44ms
7ms XHR
text/plain 2600:9000:223f:8000:d:640e:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.freetool.online/IOInfos.txt?v=21.02.15
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8000:d:640e:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a52d5dccf8e8c99c6a2aa5342a46a83c82bd8309f7022919e3be15cfb60cc676

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Tue, 10 Oct 2023 17:06:56 GMT
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 482468
x-cache: Hit from cloudfront
content-length: 178
last-modified: Mon, 04 Jan 2021 14:55:09 GMT
server: AmazonS3
etag: "7e7520392b5fec26c0e4e4c619d0e85a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=604800
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: X9qDXvEoKYYwbYUXvouAJQXH_h20y3uPJvqKZh3q2d3h7EyM8SHOAA==

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
298 B 410ms
184ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://freetoolonline.com
Date: Mon, 16 Oct 2023 07:08:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

OPTIONS
H/1.1 200 heath-check-alive
downloader01.us-east-1a.freetool.online/ Frame 0
0 456ms
101ms Preflight 3.83.180.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://downloader01.us-east-1a.freetool.online/heath-check-alive
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 3.83.180.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-180-156.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://freetoolonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
Access-Control-Allow-Methods: HEAD,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: https://freetoolonline.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Access-Control-Max-Age: 10
Connection: keep-alive
Content-Length: 0
Date: Mon, 16 Oct 2023 07:08:04 GMT
Keep-Alive: timeout=3600
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,origin,access-control-request-method

POST
H/1.1 200 heath-check-alive Show response
downloader01.us-east-1a.freetool.online/ 3 B
376 B 103ms
103ms XHR
application/json 3.83.180.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://downloader01.us-east-1a.freetool.online/heath-check-alive
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 3.83.180.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-180-156.compute-1.amazonaws.com
Software: /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Mon, 16 Oct 2023 07:08:04 GMT
vary: Origin
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://freetoolonline.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=3600
Content-Length: 3

POST
H/1.1 200 heath-check-alive Show response
downloader02.us-east-1a.freetool.online/ 3 B
376 B 108ms
107ms XHR
application/json 52.7.236.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://downloader02.us-east-1a.freetool.online/heath-check-alive
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.7.236.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-236-171.compute-1.amazonaws.com
Software: /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Mon, 16 Oct 2023 07:08:04 GMT
vary: Origin
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://freetoolonline.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=3600
Content-Length: 3

OPTIONS
H/1.1 200 heath-check-alive
downloader02.us-east-1a.freetool.online/ Frame 0
0 425ms
101ms Preflight 52.7.236.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://downloader02.us-east-1a.freetool.online/heath-check-alive
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.7.236.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-236-171.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://freetoolonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
Access-Control-Allow-Methods: HEAD,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: https://freetoolonline.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Access-Control-Max-Age: 10
Connection: keep-alive
Content-Length: 0
Date: Mon, 16 Oct 2023 07:08:04 GMT
Keep-Alive: timeout=3600
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,origin,access-control-request-method

GET
H2 200 photo-1507525428034-b723cf961d3e Show response
images.unsplash.com/ 291 KB
291 KB 51ms
9ms XHR
image/jpeg 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://images.unsplash.com/photo-1507525428034-b723cf961d3e?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=M3w0NTMzNXwwfDF8c2VhcmNofDEwfHx3YWxscGFwZXJzfGVufDF8MHx8fDE2OTczOTM1NjB8MA&ixlib=rb-4.0.3&q=80&w=1080&w=1920

Requested by

Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/module-loader.js?v=23.10.14.19.40

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

75dd74d5d466f857117f1dd4166a2f4822542d5997d9c4ed73538176e8a52053

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:04 GMT
x-content-type-options: nosniff
age: 2396420
x-cache: HIT, HIT
x-imgix-id: 379a0114308238e1f3ee06fba304f73416ca5891
cross-origin-resource-policy: cross-origin
content-length: 297640
x-served-by: cache-sjc10048-SJC, cache-fra-etou8220057-FRA
x-imgix-render-farm: 01.140360
last-modified: Mon, 18 Sep 2023 13:27:43 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 photo-1507525428034-b723cf961d3e
images.unsplash.com/ 291 KB
291 KB 24ms
9ms Image
image/jpeg 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

75dd74d5d466f857117f1dd4166a2f4822542d5997d9c4ed73538176e8a52053

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:04 GMT
x-content-type-options: nosniff
age: 2396420
x-cache: HIT, HIT
x-imgix-id: 379a0114308238e1f3ee06fba304f73416ca5891
cross-origin-resource-policy: cross-origin
content-length: 297640
x-served-by: cache-sjc10048-SJC, cache-fra-etou8220095-FRA
x-imgix-render-farm: 01.140360
last-modified: Mon, 18 Sep 2023 13:27:43 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 61AD 10 KB
5 KB 148ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetoolonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 09:30:01 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 09:30:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 393 KB
134 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2317460280557760&plah=freetoolonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feb4a130ba142e40bdf9002f0b5404cd7285601d7d6043c56e88a39ff4858148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136613
x-xss-protection: 0
server: cafe
etag: 11310083239198361337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 07:08:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
609 B 141ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=freetoolonline.com&callback=_gfp_s_&client=ca-pub-2317460280557760

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2317460280557760&plah=freetoolonline.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4882aa362def9c5947aeff053dacea8526fba9077be9e657333b4e213da89935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AE2 50 KB
12 KB 1293ms
1292ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=600&slotname=6433735850&adk=2389920682&adf=80405017&pi=t.ma~as.6433735850&w=160&lmt=1697432884&rafmt=12&format=160x600&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084152&bpp=4&bdt=748&idt=211&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&correlator=1452915370496&frm=20&pv=2&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=10&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KeuBHrsNsd&p=https%3A//freetoolonline.com&dtd=234

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d827163bfff3281af45908a40a231eed1805ed64aa61dbe55e0738df1f79de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetoolonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12441
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 07:08:05 GMT
expires: Mon, 16 Oct 2023 07:08:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 163ms
84ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a9f4f3c2dfd6801e36f792e703faf7f08211aae38fc30cb68ce346f25cfdae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12242
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA24 122 KB
40 KB 846ms
844ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=600&slotname=2501575265&adk=4179162951&adf=1881974171&pi=t.ma~as.2501575265&w=160&lmt=1697432884&rafmt=12&format=160x600&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084157&bpp=1&bdt=753&idt=242&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQkmBNxBcr&p=https%3A//freetoolonline.com&dtd=260

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c7472f9e8f5180bdbe8d77f5745b6a3af347c65bcf4dc6e388f282bc33ecc8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetoolonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40653
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 07:08:05 GMT
expires: Mon, 16 Oct 2023 07:08:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D44 123 KB
40 KB 1252ms
1251ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=90&slotname=8788466333&adk=2596948215&adf=673552559&pi=t.ma~as.8788466333&w=728&lmt=1697432884&rafmt=12&format=728x90&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084158&bpp=1&bdt=753&idt=269&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VeD2ps1wvp&p=https%3A//freetoolonline.com&dtd=291

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ec8df56f6e2c406a8afc7e7e53a46f39ac3e8ca3e6b82768b517e35e41aa14d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetoolonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40597
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 07:08:05 GMT
expires: Mon, 16 Oct 2023 07:08:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CFC8 0
19 B 48ms
45ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&adk=1812271804&adf=3025194257&lmt=1697432884&plat=1%3A16777216%2C2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x675_l&format=0x0&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084162&bpp=2&bdt=758&idt=298&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C728x90&nras=1&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=324

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetoolonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 07:08:04 GMT
expires: Mon, 16 Oct 2023 07:08:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ccInfo&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=w3-top%20navBarContainer&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 get-availabel-page-id Show response
uploader.us-east-1a.freetool.online/ 2 KB
2 KB 107ms
106ms XHR
application/json 18.204.143.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uploader.us-east-1a.freetool.online/get-availabel-page-id?pageName=heic-to-jpg
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.204.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-143-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7fe81e75c5a6c7c3d2e0b70543aa7446d0b8585adf073ef498183bba733e452e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Mon, 16 Oct 2023 07:08:04 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://freetoolonline.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H/1.1 200 get-availabel-page-id
uploader.us-east-1a.freetool.online/ Frame 0
0 389ms
104ms Preflight 18.204.143.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uploader.us-east-1a.freetool.online/get-availabel-page-id?pageName=heic-to-jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.204.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-143-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://freetoolonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: https://freetoolonline.com
Allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Mon, 16 Oct 2023 07:08:04 GMT
Server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 130ms
49ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 07:08:04 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5CC 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetoolonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 01:50:24 GMT
expires: Tue, 15 Oct 2024 01:50:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4B91 829 B
1 KB 141ms
50ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22b4c6af7f23851ad2c161b478866318fa3d592096ccf4e3e8d99cab2afc562e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pq7uoWHVAdUXHhTePS2bUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freetoolonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Pq7uoWHVAdUXHhTePS2bUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 07:08:04 GMT
expires: Mon, 16 Oct 2023 07:08:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame E5CC 37 KB
14 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 14 Oct 2024 09:56:25 GMT

POST
H2 200 get-rating Show response
freetoolonline.com/ajax/ 76 B
568 B 190ms
190ms XHR
application/json 2600:9000:2490:9e00:1d:3318:1dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freetoolonline.com/ajax/get-rating?pageName=heic-to-jpg
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9e00:1d:3318:1dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ee6451aadfbc2a3759d5f90219e2797ae09bd5ced41de58fbdd2ec40f2a1052

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://freetoolonline.com/heic-to-jpg.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 16 Oct 2023 07:08:05 GMT
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin: https://freetoolonline.com
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
x-amz-cf-id: u7P6m3z27OYYTBrzgcqVkBqjIlp7Ij85AtAsrcQXkwqh2FYvfgv1rA==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4B91 0
0 81ms
80ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=1456142926698147&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E5CC 0
10 B 42ms
42ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CjFPVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200 uploadfile Show response
uploader.us-east-1a.freetool.online/ 1 KB
2 KB 1074ms
544ms XHR
application/json 18.204.143.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uploader.us-east-1a.freetool.online/uploadfile
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.204.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-143-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3215436fec80a2ce4c394cdf2b45a647dddd99289e2483b6e995ca955621dc55

Request headers

Accept: text/html, */*; q=0.01
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZeUqzfQAtQAHjwqk

Response headers

Date: Mon, 16 Oct 2023 07:08:06 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://freetoolonline.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
298 B 144ms
144ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://freetoolonline.com
Date: Mon, 16 Oct 2023 07:08:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 css
fonts.googleapis.com/ Frame BA24 14 KB
1 KB 57ms
56ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=600&slotname=2501575265&adk=4179162951&adf=1881974171&pi=t.ma~as.2501575265&w=160&lmt=1697432884&rafmt=12&format=160x600&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084157&bpp=1&bdt=753&idt=242&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQkmBNxBcr&p=https%3A//freetoolonline.com&dtd=260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 07:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 06:49:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 07:08:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BA24 2 KB
892 B 41ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:37:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame BA24 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D88E 143 B
166 B 51ms
45ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=600&slotname=2501575265&adk=4179162951&adf=1881974171&pi=t.ma~as.2501575265&w=160&lmt=1697432884&rafmt=12&format=160x600&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084157&bpp=1&bdt=753&idt=242&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQkmBNxBcr&p=https%3A//freetoolonline.com&dtd=260
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 06:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BA24 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 19:59:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BA24 20 KB
8 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA24 187 KB
59 KB 372ms
264ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 07:08:05 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame BA24 35 KB
15 KB 146ms
38ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 09:30:05 GMT

GET
DATA 200
OK truncated
/ Frame BA24 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BA24 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 683493dcdd0194abf799f763db618f5390576b68374e5b5e4c40f4de7dbdbde4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D88E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

75ms
71ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 07:08:05 GMT
expires: Mon, 16 Oct 2023 07:08:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 07:08:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 19ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-050LTR8TST&gtm=45je3ab0&_p=1701633643&cid=1723943846.1697440084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697440083&sct=1&seg=0&dl=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&dt=Convert%20HEIC%20to%20JPG%20-%20Free%20Tool%20Online&en=scroll&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-050LTR8TST&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freetoolonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
80ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=1456142926698147&bg=!mpmlmdbNAAbFpEfJ5aQ7ADQBe5WfOBQd3sRASEHLC4j_j6g0IhO7FLc0KUlswHFMZk4ca67Hktl0ErUpUpHklcp5-gOjAgAAAJJSAAAAQmgBBwoANThxBsKLllkmxglto2RGAu4373gn8jEomqyL7fREwc8kw8vQHrCMgXFjZSuzpMtbviMMECNbmQL4nXZFUwlAZipyDpG_qB04Vsui4bK1C4vC8t35VlMlrFEQlQHpEY6SywyfWP8pcJaup0NtiUalO2K_ApgWnVipLj-rS4PJ6e6pRdPGbKKr5ZXwA82dYD2hNpltW0CnC0YiLqxi2T-xGKUCDn9kJ5Cy9y5YuY9YxQsF3sVqbiwTsK5ww75m8cPHr8uwkL67WOURImtxXSjXA9SwGkzrldcfnvQU14qSZxJdc8K0opa02X7K5a2XZz3RdPs5sJejyGHo5QBhtKENlKNAqBrt9qomRf2qWvNGSpKYZ0NMufr0kDjQVGgM5u9LgBpLB57GqERhdJJeYyEN_CHaERnE3rIqvoxWtcknTIqcUOmSafmFrS0jqPxW-KBw4NAUm2bSMhi9_A_2BUwUP9dq9Z4EEjJVtwjrOPLinctqWw5xIfm6TJQZ6lX06UuUz2XIM_mckXfqHFqeFxxQWypKK107stcMfw950GDQD_Z5hCW3ws2gnOpCWoAjGtJl8mwvk0VDb_BM5h4o0cbFRgvqBW9QR-o2RfPqVU82-fjNFA6pXG_lLeig7zODoXTRNXS0M5ouLnaOX0rc_NLzzD4bUNolNCroih8fgbBGdutvVuBO2fX735ddsJgD9XrS9DXCLmdTcNjqTRE1fIfo6yZWUlxyQil02GHIUT29kxCZ563FJFFgHAC8kkjTNNYWcgcHkCFWRSFU_S__73OjkYjiBykzJgUnADGbW49k_UkIbqqD1IDmqBLltOE846RwNlqD_Fcdsog9TC-Trxu6ehqr7LywMqpalJ1NvC8h13TjcQ6Otw20j3WUnNwPdNMntk-VTq5w5g02tnTQc0wVb8TjQjVUyVDrKMW6u3RUGAs287PagGLjcUr6At9YT8PT--bTNTTUDQZbjQ31u0sE7pNF3dU3zU8g8EJPWaSMBMZgqQFJf2zenIp0Mb3ASZe3sz-NcugO4uDv1b5sINq7qS8_sZquuSovwXNfx_fLGZkQPHeezSCznfPPmwAA2febtg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame 1AE2 196 KB
56 KB 170ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=600&slotname=6433735850&adk=2389920682&adf=80405017&pi=t.ma~as.6433735850&w=160&lmt=1697432884&rafmt=12&format=160x600&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084152&bpp=4&bdt=748&idt=211&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&correlator=1452915370496&frm=20&pv=2&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=10&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KeuBHrsNsd&p=https%3A//freetoolonline.com&dtd=234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 482058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1AE2 15 KB
5 KB 250ms
117ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 482058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1AE2 94 KB
28 KB 228ms
118ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 482058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1AE2 72 KB
16 KB 273ms
167ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52a7bf52c50c5183059a1f32d6ba7622d63d35c6bc90610ae167264e90530373

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:49 GMT
age: 482056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16690
x-xss-protection: 0
server: sffe
etag: "a6bf99448ef6d48e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:49 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1AE2 5 KB
2 KB 271ms
166ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 482058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1AE2 40 KB
13 KB 268ms
163ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 482058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1AE2 2 KB
2 KB 51ms
49ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 00:18:28 GMT
x-content-type-options: nosniff
server: cafe
age: 24577
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 17 Oct 2023 00:18:28 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1AE2 295 B
319 B 49ms
47ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 56806
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 16 Oct 2023 15:21:19 GMT

GET
H3 200 df24af316e66927289a15ccab920f831.jpg
tpc.googlesyndication.com/sadbundle/17179558352072673561/media/ Frame 1AE2 36 KB
36 KB 81ms
69ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/17179558352072673561/media/df24af316e66927289a15ccab920f831.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b2c1c84a704067a7f7344f242eae52fe73c52906fe577a1d624d297439c5078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 20:44:49 GMT
x-content-type-options: nosniff
age: 210196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36397
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 08:02:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Oct 2024 20:44:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5D44 14 KB
1 KB 66ms
61ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=90&slotname=8788466333&adk=2596948215&adf=673552559&pi=t.ma~as.8788466333&w=728&lmt=1697432884&rafmt=12&format=728x90&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084158&bpp=1&bdt=753&idt=269&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VeD2ps1wvp&p=https%3A//freetoolonline.com&dtd=291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 07:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 07:03:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 07:08:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5D44 2 KB
892 B 49ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:37:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 5D44 23 KB
9 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5D44 3 KB
1 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 19:59:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5D44 20 KB
8 KB 63ms
53ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D44 187 KB
59 KB 72ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 07:08:05 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 5D44 35 KB
15 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 09:30:05 GMT

GET
DATA 200
OK truncated
/ Frame 1AE2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f56f5fc7d49b28f45fce9867dda213c4277f0147f956a543848fd5bef5f4c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 user_uploaded_nimbus_sans_d_ot_extended_700_normal.ttf
tpc.googlesyndication.com/sadbundle/17179558352072673561/fonts/ Frame 1AE2 26 KB
21 KB 126ms
37ms Font
font/ttf 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/17179558352072673561/fonts/user_uploaded_nimbus_sans_d_ot_extended_700_normal.ttf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19f05b69bb20754abe63e51bbdf5e3f6de9261fa0dd361689ae3a93b9149d051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 08:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21278
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 08:02:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Oct 2024 08:39:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5A46 143 B
166 B 109ms
36ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=90&slotname=8788466333&adk=2596948215&adf=673552559&pi=t.ma~as.8788466333&w=728&lmt=1697432884&rafmt=12&format=728x90&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084158&bpp=1&bdt=753&idt=269&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VeD2ps1wvp&p=https%3A//freetoolonline.com&dtd=291
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 06:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18436248163444061706/ Frame 5D44 2 KB
2 KB 118ms
71ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18436248163444061706/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7b61a975a191484f4e516677b6af322da437bbb71a15d7e46a4c650429af983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 06:00:37 GMT
x-content-type-options: nosniff
age: 4048
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2423
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 11:30:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Oct 2024 06:00:37 GMT

GET
DATA 200
OK truncated
/ Frame 5D44 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BA24 33 KB
33 KB 82ms
42ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 180245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 05:04:01 GMT

GET
DATA 200
OK truncated
/ Frame 5D44 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 506af607bdc2dbbe9354c03faf269761e2100d58f46d84a4d4ab58507cc9eb29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BA24 0
23 B 139ms
95ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cawb5VOEsZe2jHIO76gTS35qQA5Hhrc1z7dS5ppUR2tkeEAEg_Nf_SWCV4pCCoAegAfHy_s8DyAEBqAMByAPLBKoE3AFP0IwQvHj0ykoWNCGD64RiZn1vk7dj67NBHkLgqqOW51y_Ptb_KXKYShhqin9ni7e2KyMt0CIJ2lss5bwfe7F02jgRMclsS6pXn-4Fcb5Ym08_E1zEbc20xi81dzEsZFVMKKWBcgxA6k-zvK9EOm-37t67VaWYgapv_rc4Mmzl9q4M6lbHpS8AaMHCx0xfy3Th0-dX7f71q_f0a7U9DIisa7uMWtl8298oSmravVdN5k4srEiinsR22iGwjhlzXTKSsVuTmElxZtA6k8SBhtebJFa9gI_clHR3AZrMwATP-Z3cqQSIBeWslb0-kgUECAQYAZIFBAgFGASAB_eMgTCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDFrgrSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTIzMTc0NjAyODA1NTc3NjAYAA&sigh=ukuFWcN7RSM&uach_m=[UACH]&cid=CAQSTADICaaNUXHVhr8gi17DijJmrfMrIV0ctMkfGO-49lzS6DN_7hZAPVzueKbZjeGAB85hHk6HhafDpYy5pqYH60kEZTptdpqkw_wEc6IYAQ&template_id=5020&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=600&slotname=2501575265&adk=4179162951&adf=1881974171&pi=t.ma~as.2501575265&w=160&lmt=1697432884&rafmt=12&format=160x600&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084157&bpp=1&bdt=753&idt=242&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1452915370496&frm=20&pv=1&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQkmBNxBcr&p=https%3A//freetoolonline.com&dtd=260
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 07:08:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Oct 2023 07:08:06 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012309290141000/ 23 KB
8 KB 92ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a400714e675471a58b003974803bf20a5acf16d0ed7913f0a9161968b51a2aaa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:56 GMT
age: 482050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7820
x-xss-protection: 0
server: sffe
etag: "87a2fcfc483e3a48"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:56 GMT

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame 11CA 38 KB
14 KB 53ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:54 GMT

POST
H/1.1 200 heath-check Show response
worker.us-east-1a.freetool.online/ 1 KB
2 KB 113ms
111ms XHR
application/json 52.206.154.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://worker.us-east-1a.freetool.online/heath-check?id=ab103-nboEAAaamAoAr
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/lib/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.206.154.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-154-146.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0204806c9869ca6781e45e78ab98e3d7c37d0e9c53b42227144faeb37ae137f9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Mon, 16 Oct 2023 07:08:07 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://freetoolonline.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
50ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1701633643&t=event&_s=2&dl=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&ul=en-us&de=UTF-8&dt=Convert%20HEIC%20to%20JPG%20-%20Free%20Tool%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=WS&ea=Check%20upload%20speed(MBps)%3D0.85&el=heic-to-jpg&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=1723943846.1697440084&tid=UA-98483938-2&_gid=912607463.1697440084&z=1102271916

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 09:22:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78327
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200 heath-check
worker.us-east-1a.freetool.online/ Frame 0
0 651ms
125ms Preflight 52.206.154.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://worker.us-east-1a.freetool.online/heath-check?id=ab103-nboEAAaamAoAr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.206.154.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-154-146.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://freetoolonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: https://freetoolonline.com
Allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Mon, 16 Oct 2023 07:08:06 GMT
Server: nginx

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5D44 33 KB
33 KB 48ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 180245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 05:04:01 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 29ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-050LTR8TST&gtm=45je3ab0&_p=1701633643&cid=1723943846.1697440084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1697440083&sct=1&seg=0&dl=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&dt=Convert%20HEIC%20to%20JPG%20-%20Free%20Tool%20Online&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-050LTR8TST&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freetoolonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5A46
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
51ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 07:08:07 GMT
expires: Mon, 16 Oct 2023 07:08:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 07:08:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 49ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-050LTR8TST&gtm=45je3ab0&_p=1701633643&cid=1723943846.1697440084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=gA&_s=4&sid=1697440083&sct=1&seg=0&dl=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&dt=Convert%20HEIC%20to%20JPG%20-%20Free%20Tool%20Online&en=Check%20upload%20speed(MBps)%3D0.85&ep.event_category=WS&ep.event_label=heic-to-jpg&_et=84
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-050LTR8TST&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freetoolonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1AE2 0
19 B 88ms
83ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_ZnqVOEsZdKmGoiw6wSZw4LYCZ7rl6tz08GB89kRZBABIPzX_0lgleKQgqAHoAHawpmHA8gBCagDAcgDCKoE4wFP0LH1W98tICvKkUXhc3q5_xc6a1z9iYIMw6oyG9VvM7AKyHeJMJZV5l8MIDei98mWiQsWzTPVS2-Um1T9j9sima8KSWI4uEF5Zsg3UwjgrMiU_VD7CTdS-o6neQD2x9jFsLVv3C9C1Zz_r6TXXsxwg23q3l8r4adc_gRKgnr5ZxLjD_NiIdmTy2HBU0jC1lHRmNP1Sw4tBJod3NeLhKZWeXlFnaY2UVTAG6cQeDH-Q52eDlNZpKq051qKFI17McD50EUHq8WdqsmEGjiNT5-UjpFITIxA2E2B_lO6fOE6rJbGYMAEp6Po2Y0DiAXImL2jKJIFBAgEGAGSBQQIBRgEoAYugAeOveZ4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQzYwK0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJjgFodHRwczovL2p1bWVpcmFodmlsbGFnZS5maXZlaG90ZWxzYW5kcmVzb3J0cy5jb20vZml2ZS1qdW1laXJhaC12aWxsYWdlLXN0YXljYXRpb24tb2ZmZXItcGF5LTMtc3RheS00P3V0bV9zb3VyY2U9RGlzcGxheSZ1dG1fY2FtcGFpZ249UGF5M1N0YXk0gAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTIzMTc0NjAyODA1NTc3NjAYAA&sigh=QcHZwlAc4m0&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNdu5CZssf9zpbUL5wnLcsEAMXYpeFPVLOMX9CwcVURTssFBP0RIqIj8RbqLa0VnyhBUenGJ1wIR49vv3NnGjMrS1_c6PWxRgB&template_id=419&cbvp=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2317460280557760&output=html&h=600&slotname=6433735850&adk=2389920682&adf=80405017&pi=t.ma~as.6433735850&w=160&lmt=1697432884&rafmt=12&format=160x600&url=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697440084152&bpp=4&bdt=748&idt=211&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&correlator=1452915370496&frm=20&pv=2&ga_vid=1723943846.1697440084&ga_sid=1697440084&ga_hid=1701633643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=10&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078658%2C44798934%2C44805098%2C44805534%2C44805681%2C31078301&oid=2&pvsid=1456142926698147&tmod=2112503303&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KeuBHrsNsd&p=https%3A//freetoolonline.com&dtd=234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 07:08:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5D44
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CXc31VOEsZZuRHoqx6wTpsZr4DfLO46lzreeErZEQ7s2_0sUxEAEg_Nf_SWCV4pCCoAegAe-whdwoyAEBqQLe9ToZ5KGxPqgDAcgDywSqBOABT9ALUfvbUfo2WVMsV8aip4yEjVzJDQT47JI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224017262502314000584%22,%22debug_reporting%22:true,%22destination%22:%22https://misumi-ec.com%22,%22event_report_window%22:...

0
0

156ms
69ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224017262502314000584%22,%22debug_reporting%22:true,%22destination%22:%22https://misumi-ec.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210930444399%22],%224%22:[%2210-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211340172228032137185%22}&andc=true

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:08:07 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4017262502314000584","debug_reporting":true,"destination":"https://misumi-ec.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10930444399"],"4":["10-16"],"6":["true"]},"priority":"500","source_event_id":"11340172228032137185"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Oct 2023 07:08:07 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 07:08:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4017262502314000584","debug_reporting":true,"destination":"https://misumi-ec.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10930444399"],"4":["10-16"],"6":["true"]},"priority":"500","source_event_id":"11340172228032137185"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame 73B7 38 KB
14 KB 78ms
51ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:54 GMT

GET
H2 200 session-controls.js Show response
dkbg1jftzfsd2.cloudfront.net/script/ 2 KB
1 KB 77ms
0ms Script
application/javascript 2600:9000:2251:2200:12:bca1:1580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkbg1jftzfsd2.cloudfront.net/script/session-controls.js
Requested by: Host: dkbg1jftzfsd2.cloudfront.net
URL: https://dkbg1jftzfsd2.cloudfront.net/script/utils.js?v=23.10.14.19.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2200:12:bca1:1580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71b33f02662ff2b503051fffd2748f404568ded3ab39c92b0fcec4651a0efa5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 19:45:02 GMT
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Sun, 05 Jul 2020 11:06:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 7039386
etag: W/"356674b84471e58ce26b664051a5a7d5"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: MSLbYwTYKU0a06Sg9a0hdFlxUxvjUiWdeKxcD0orOK7JGMDydx_2MA==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 95ms
50ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1701633643&t=event&_s=3&dl=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&ul=en-us&de=UTF-8&dt=Convert%20HEIC%20to%20JPG%20-%20Free%20Tool%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=WS&ea=isHeathy%3Dtrue%2C%20prll%3D4%2C%20maxUpl%3D480&el=heic-to-jpg&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=1723943846.1697440084&tid=UA-98483938-2&_gid=912607463.1697440084&z=795752039

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 09:22:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78328
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 58ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-050LTR8TST&gtm=45je3ab0&_p=1701633643&cid=1723943846.1697440084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=5&sid=1697440083&sct=1&seg=0&dl=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&dt=Convert%20HEIC%20to%20JPG%20-%20Free%20Tool%20Online&en=ad_impression&ep.query_id=CNKgioqB-oEDFQjYmgodmaEAmw&_et=110
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-050LTR8TST&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freetoolonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 217ms
73ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 16 Oct 2023 07:08:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
298 B 95ms
91ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://freetoolonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://freetoolonline.com
Date: Mon, 16 Oct 2023 07:08:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D44 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRdQiMud1t3JGHTN8jsO8Ic1c1Lu1wzP36jcbmDkVMg0mqUlvzhrXd_eQMKlP4dBFxm0oAJrDyreEzRnZi1IowmYnw1u3LVBZOqctvKbIN-LYducmAathuYh35V9xxlj9eVzC6y-0yq2eu&sai=AMfl-YQGDQuHMLA9lx_et4Q4ByXrHjqNp0elQbhnRjVVxTadHtdueFhtC02Ler7dK4vo1uC1p_cL5kDeyIg3TBgMduEsxaPT5y7ZtYPed35ufwuCp5noQy9QgaRg3cRnKWAKvTTEORZ8VrvRz_zQKw&sig=Cg0ArKJSzLGmoxguzuBZEAE&cid=CAQSTADICaaNWQIzqFDrp76WlOEeXL7RJHmBF-M_gVg4m9lwq6wuM-z-sbnKpt3Va7osp1sprXEJXpgBvAZ8TsnRnJbDVFgHAaZx7UEFiQ8YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2596948215&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697440084451&rpt=2612&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 19ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-050LTR8TST&gtm=45je3ab0&_p=1701633643&cid=1723943846.1697440084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=gA&_s=6&sid=1697440083&sct=1&seg=0&dl=https%3A%2F%2Ffreetoolonline.com%2Fheic-to-jpg.html&dt=Convert%20HEIC%20to%20JPG%20-%20Free%20Tool%20Online&en=isHeathy%3Dtrue%2C%20prll%3D4%2C%20maxUpl%3D480&ep.event_category=WS&ep.event_label=heic-to-jpg&_et=635
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-050LTR8TST&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freetoolonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:08:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freetoolonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freetoolonline.com/	1970-01-20 15:32:06	Name: _gid Value: GA1.2.912607463.1697440084
.freetoolonline.com/	1970-01-20 15:30:40	Name: _gat Value: 1
.freetoolonline.com/	1970-01-21 01:06:40	Name: _ga Value: GA1.1.1723943846.1697440084
www.clarity.ms/	1970-01-21 00:16:16	Name: CLID Value: 015efa57782c425c9ed89b17de2a508b.20231016.20241015
.freetoolonline.com/	1970-01-21 00:16:16	Name: _clck Value: 50chw7\|2\|ffw\|0\|1384
.bing.com/	1970-01-21 00:52:16	Name: MUID Value: 2F4A5CB42FCE646130444F182E1C656A
.c.bing.com/	1970-01-20 15:40:44	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:52:16	Name: SRM_B Value: 2F4A5CB42FCE646130444F182E1C656A
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:52:16	Name: MUID Value: 2F4A5CB42FCE646130444F182E1C656A
.c.clarity.ms/	1970-01-20 15:40:44	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:30:40	Name: ANONCHK Value: 0
.freetoolonline.com/	1970-01-20 15:32:06	Name: _clsk Value: 15h3zbg\|1697440084319\|1\|1\|y.clarity.ms/collect
.freetoolonline.com/	1970-01-21 00:52:16	Name: __gads Value: ID=eae419f1d0ab344c:T=1697440084:RT=1697440084:S=ALNI_Mb3dYcUYX1IqPDYI9RpZnx2KCxm0w
.freetoolonline.com/	1970-01-21 00:52:16	Name: __gpi Value: UID=00000c99f6e68ab1:T=1697440084:RT=1697440084:S=ALNI_MbvZ3_7TNNVrBPGo5AY8YOmF0cPsg
.doubleclick.net/	1970-01-20 15:30:43	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 00:52:16	Name: IDE Value: AHWqTUknW0onoN02hpxZuEmGiK2fk_pWx0kzkhrqgrqK1fsrU1jCisSsWfqhyiKX6Xk
.freetoolonline.com/	1970-01-21 01:06:40	Name: _ga_050LTR8TST Value: GS1.1.1697440083.1.0.1697440087.0.0.0
.googleadservices.com/	1970-01-20 17:40:16	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.unsplash.com
c.bing.com
c.clarity.ms
cdn.ampproject.org
config.freetool.online
dkbg1jftzfsd2.cloudfront.net
downloader01.us-east-1a.freetool.online
downloader02.us-east-1a.freetool.online
fonts.googleapis.com
fonts.gstatic.com
freetoolonline.com
googleads.g.doubleclick.net
images.unsplash.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
uploader.us-east-1a.freetool.online
worker.us-east-1a.freetool.online
www.clarity.ms
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
y.clarity.ms
104.211.35.148
142.250.186.162
151.101.193.181
18.204.143.103
2001:4860:4802:32::36
2600:9000:223f:8000:d:640e:e940:93a1
2600:9000:2251:2200:12:bca1:1580:21
2600:9000:2490:1400:1d:3318:1dc0:93a1
2600:9000:2490:9e00:1d:3318:1dc0:93a1
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2004
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a04:4e42:8e::720
3.83.180.156
52.206.154.146
52.7.236.171
68.219.88.97
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
0204806c9869ca6781e45e78ab98e3d7c37d0e9c53b42227144faeb37ae137f9
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
07c46921175e3153d023f31b016ba95ff174a324074dd14cc5cbe869113bd363
0c477554edcac016cd96d296e222a73e4e55bd1847cc834de04538b80e6ae02f
0d28a4f1da81575d82e00fdde06a07c7edfa9c9139fe35e7c4ac3a66136c4e3c
0d827163bfff3281af45908a40a231eed1805ed64aa61dbe55e0738df1f79de6
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
0ec8df56f6e2c406a8afc7e7e53a46f39ac3e8ca3e6b82768b517e35e41aa14d
0fc999280ee104d13f2dd631522d06ad68ea15c109394cd6ff58e48b34489e30
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18365b5090a7bd32c1e719c5faca1a6dc5dcff3815a294f29ab5d0ea21f638c5
19f05b69bb20754abe63e51bbdf5e3f6de9261fa0dd361689ae3a93b9149d051
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ef906f48c786691fdaff6ec2016dfe3119ad35e89137504ed987e7adfa36b70
22b4c6af7f23851ad2c161b478866318fa3d592096ccf4e3e8d99cab2afc562e
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b2c1c84a704067a7f7344f242eae52fe73c52906fe577a1d624d297439c5078
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3215436fec80a2ce4c394cdf2b45a647dddd99289e2483b6e995ca955621dc55
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3f56f5fc7d49b28f45fce9867dda213c4277f0147f956a543848fd5bef5f4c2b
45b52685217c7807b43282d2137078038a655ee4d70e65dc7f793fb17837e9c8
47a9f4f3c2dfd6801e36f792e703faf7f08211aae38fc30cb68ce346f25cfdae
4882aa362def9c5947aeff053dacea8526fba9077be9e657333b4e213da89935
4d827882a5dda7aee1425e2c78e18840cdd92a0aab9eed7148952d693ca7b263
4ec272d2d44f2c211e6b75b0127e69358598d15d556b74aafcd2bae6d5e25df6
4ee6451aadfbc2a3759d5f90219e2797ae09bd5ced41de58fbdd2ec40f2a1052
4ff80d220a1ecaf0fdac4b7a5123a1c83ecaff9c54a7d6cb6dfee1f616a18fbf
506af607bdc2dbbe9354c03faf269761e2100d58f46d84a4d4ab58507cc9eb29
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
52a7bf52c50c5183059a1f32d6ba7622d63d35c6bc90610ae167264e90530373
52d0760190ab2602c33806574b752dae8646440d87c3a9d90c374328cc7baa1d
535ca8edc2a5874748ddba5693de182f5d5ed1a27833060d45d81b0129bb56e4
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ba293a1b437f8fadb779e0be5a9d959cefe0da0ffa43a69c9a1092e1ae362f9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
683493dcdd0194abf799f763db618f5390576b68374e5b5e4c40f4de7dbdbde4
6c7472f9e8f5180bdbe8d77f5745b6a3af347c65bcf4dc6e388f282bc33ecc8f
71b33f02662ff2b503051fffd2748f404568ded3ab39c92b0fcec4651a0efa5a
75dd74d5d466f857117f1dd4166a2f4822542d5997d9c4ed73538176e8a52053
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe81e75c5a6c7c3d2e0b70543aa7446d0b8585adf073ef498183bba733e452e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aba6b4a68c6cb4d4bb32e8ce0db1cb60885575af824c45d49a6854a5f555f39
9412545b596981ce6a63613f6f06dc97d4f62654e8d7fd5aa5b63c62a09b199d
977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a400714e675471a58b003974803bf20a5acf16d0ed7913f0a9161968b51a2aaa
a52d5dccf8e8c99c6a2aa5342a46a83c82bd8309f7022919e3be15cfb60cc676
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b9252c46b4e72bb60daa094e9bb18ca4b4c20512fb4a646772306022ff0c07d5
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c77b50017559bfb895d06f31c1f45c8df39c323e29fd6ed0df2432ec849b1544
c7b61a975a191484f4e516677b6af322da437bbb71a15d7e46a4c650429af983
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
d1b4c0ae91bbfcd1b3e86ae0f319670b4519240d10f9145eb9d33d6e0015faa1
d6008fac0f60133a3e7d1ed0a33109f603ab41023ddd76579a489074cc93e5de
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e12da558b470389f6cc056b09ff37f98fd5eae7dc32c0794b23de86027737675
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e749f4bfabded13027b121ebd4b1c786284425774d82ee6ca3c0021fc18ea661
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
feb4a130ba142e40bdf9002f0b5404cd7285601d7d6043c56e88a39ff4858148

freetoolonline.com Open in urlscan Pro 2600:9000:2490:9e00:1d:3318:1dc0:93a1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

98 %HTTPS

71 %IPv6

16 Domains

27 Subdomains

27 IPs

3 Countries

1804 kBTransfer

4034 kBSize

19 Cookies

9 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freetoolonline.com Open in urlscan Pro
2600:9000:2490:9e00:1d:3318:1dc0:93a1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

98 %
HTTPS

71 %
IPv6

16
Domains

27
Subdomains

27
IPs

3
Countries

1804 kB
Transfer

4034 kB
Size

19
Cookies

111 HTTP transactions
6 data transactions