heic-converter.com Open in urlscan Pro
108.61.195.191  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response heic-converter.com/	5 KB 2 KB	481ms 154ms	Document text/html	108.61.195.191 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://heic-converter.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 108.61.195.191 Kent, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.195.191.vultrusercontent.com Software nginx / Resource Hash 9905bb7f18738cb4dd4b945c8530f9182fa481f87e70c5536fcc635559f3efb0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 01 Mar 2024 22:04:00 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	script.js Show response cdn.counter.dev/	726 B 1 KB	103ms 23ms	Script application/javascript	2606:4700:3030::ac43:888b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.counter.dev/script.js Requested by Host: heic-converter.com URL: https://heic-converter.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:888b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c38a24d67bee37a216b42687de11f5f77a2d16b81171a654823ea926331e280 Request headers accept-language de-DE,de;q=0.9 Referer https://heic-converter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-fastly-request-id 24598d256417a40a187632ec520b6767a68c896e date Fri, 01 Mar 2024 22:04:01 GMT via 1.1 varnish content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 9 cf-polished origSize=1146 x-cache HIT x-proxy-cache MISS alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230044-FRA x-cache-hits 1 cf-bgj minify last-modified Fri, 23 Feb 2024 14:32:32 GMT x-github-request-id AF22:1307D:17E78E3:1857A10:65D8AC91 x-timer S1708698770.384923,VS0,VE2 server cloudflare etag W/"65d8ac80-47a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w41A6Bzrm8G6FI2cDRRzLL%2FlgF6b0HLDTwIrnjPsGU4J8KI84risiyZBMXesapzrFT0mFs763N8vjq0zmsGW8rwyBShNgAvZR7TkuMoT8q0WXL%2F%2FizNdlBRUfI2fzJg0AxJ627oHtjxl9upYi24%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=1800 x-origin-cache HIT cf-ray 85dc70baee010209-CDG expires Tue, 27 Feb 2024 04:20:01 GMT
GET H2	200	dropzone.min.js Show response heic-converter.com/js/	47 KB 13 KB	307ms 307ms	Script application/javascript	108.61.195.191 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://heic-converter.com/js/dropzone.min.js Requested by Host: heic-converter.com URL: https://heic-converter.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 108.61.195.191 Kent, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.195.191.vultrusercontent.com Software nginx / Resource Hash 386ff5d37c1787a5c8355d3a2533eca7336028d6bf8e73f52e33cfe58dd74036 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://heic-converter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Fri, 01 Mar 2024 22:04:01 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 01 Jul 2020 01:32:32 GMT server nginx etag W/"5efbe7b0-bc15" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=14400 expires Sat, 02 Mar 2024 02:04:01 GMT
POST H2	204	trackpage t.counter.dev/	0 266 B	58ms 41ms	Ping text/plain	2606:4700:3030::ac43:888b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.counter.dev/trackpage Requested by Host: cdn.counter.dev URL: https://cdn.counter.dev/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:888b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://heic-converter.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Fri, 01 Mar 2024 22:04:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RdC7%2BuVPdZdBNEPUaaUDwYSCtt6MJIGorxkLAQk%2BQP%2FhhQkBvoedFt7JgfnQ%2BG3j%2FzSsj4%2Fl42QmLAe8kISNwYhw2nsC73OztJXwYki7dLuJB3xl8lgRyB6dVQk7Yw7hCdc5hmjwvlmDs4y"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 85dc70bb2e560209-CDG alt-svc h3=":443"; ma=86400
GET H2	200	5386079 Show response tauvoojo.net/400/	81 KB 32 KB	73ms 28ms	Script application/javascript	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://tauvoojo.net/400/5386079 Requested by Host: heic-converter.com URL: https://heic-converter.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 9246f961713c6c5ac74b6488a923fb6afc9c8b579970cf43d15088af94533183 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://heic-converter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Fri, 01 Mar 2024 22:04:01 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id c01700a52c32e6874fb3585a175ef433 pragma no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 vary Origin content-type application/javascript access-control-allow-origin * access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	gid.js Show response my.rtmark.net/	65 B 546 B	59ms 14ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js Requested by Host: tauvoojo.net URL: https://tauvoojo.net/400/5386079 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash a2500e348916ff4f697eb76ce7cdf285e11cbfff66284b7ded3b3401c29ebde0 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://heic-converter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Fri, 01 Mar 2024 22:04:01 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://heic-converter.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	stattag.js Show response tzegilo.com/	19 KB 8 KB	76ms 24ms	Script application/javascript	2606:4700:3033::6815:bf5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tzegilo.com/stattag.js Requested by Host: tauvoojo.net URL: https://tauvoojo.net/400/5386079 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:bf5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f Request headers accept-language de-DE,de;q=0.9 Referer https://heic-converter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Fri, 01 Mar 2024 22:04:01 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Feb 2024 12:51:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5736 etag W/"65c37cc1-4ac0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C81wBnY7RGAE8nwKJFNjmBGuZmqxMI%2FygOMxmj60TGLWN7BkONUtieb5qJxa5nuSVAMcPAoR9WoBsV2td2PzsNyPiVRP537Fxv0G%2FN4G%2FYKRbY2rwXiiAt7znJXELhVr11o1%2Bcky44%2Fc5w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85dc70bc5b056f3f-CDG link <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin alt-svc h3=":443"; ma=86400
POST H/1.1	200 OK	add Show response fleraprt.com/log/	12 B 488 B	54ms 14ms	XHR application/json	139.45.195.254 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=cadcd1f7-5657-49e6-aa56-616999c746e9 Requested by Host: tzegilo.com URL: https://tzegilo.com/stattag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx/1.19.10 / Resource Hash 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed Request headers Referer https://heic-converter.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 01 Mar 2024 22:04:01 GMT Server nginx/1.19.10 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://heic-converter.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Content-Length 12
GET H2	204	5386079 Show response tauvoojo.net/500/	0 585 B	136ms 136ms	XHR text/plain	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://tauvoojo.net/500/5386079?excludes=&oaid=38c4b93614284d2995ec855add54b00a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fheic-converter.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=60&js_build=8&sw_version=v1.326.2 Requested by Host: tauvoojo.net URL: https://tauvoojo.net/400/5386079 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://heic-converter.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Content-Type application/json Response headers x-trace-id c35ad0a9c5f936257b029d604c7b11e1 pragma no-cache date Fri, 01 Mar 2024 22:04:01 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 vary Origin access-control-allow-origin https://heic-converter.com access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
OPTIONS H2	200	5386079 tauvoojo.net/500/	0 0	40ms 13ms	Preflight	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://tauvoojo.net/500/5386079?excludes=&oaid=38c4b93614284d2995ec855add54b00a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fheic-converter.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=60&js_build=8&sw_version=v1.326.2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://heic-converter.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://heic-converter.com access-control-max-age 600 allow GET, OPTIONS content-length 0 date Fri, 01 Mar 2024 22:04:01 GMT server nginx strict-transport-security max-age=1 timing-allow-origin * vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-content-type-options nosniff
GET H2	200	track Show response t.counter.dev/	2 B 464 B	80ms 41ms	Fetch text/plain	2606:4700:3030::ac43:888b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.counter.dev/track?referrer=&screen=1600x1200&id=4c6c78ac-73fe-44e1-aed4-b86e804b9579&utcoffset=8 Requested by Host: cdn.counter.dev URL: https://cdn.counter.dev/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:888b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language de-DE,de;q=0.9 Referer https://heic-converter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Fri, 01 Mar 2024 22:04:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHoLNN1yjhdP3pcMwbp56I%2BnGl8m0YCdOAmCIqMsdVRmxTPidglqAzC2%2BcvwY2sLpxOsWDtIcaNpIE41bX11spEBUUhEqH3brBBu9JMgUj1fGy24GGJbvFo4YKjb42ey13nyAmHScfsCaubG"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin * cache-control public, immutable cf-ray 85dc70d76dd16f42-CDG alt-svc h3=":443"; ma=86400 content-length 2 expires Sat, 2 Mar 2024 23:59:59 GMT

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getEl function| showError object| myDropzone object| zfgstorage object| 4zurox884c9 object| zfgformats object| syncCallbacks object| webpushlogs boolean| __lwkemfd9q__ function| _typeof function| _possibleConstructorReturn function| _getPrototypeOf function| _assertThisInitialized function| _inherits function| _setPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| __guard__ function| __guardMethod__ object| __ds3dcV__ number| __qwe33wweq__

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-21 03:34:26	Name: ID Value: 38c4b93614284d2995ec855add54b00a
			tauvoojo.net/	1970-01-21 03:34:26	Name: OAID Value: 38c4b93614284d2995ec855add54b00a

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://heic-converter.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heic-converter.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heic-converter.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heic-converter.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.counter.dev
fleraprt.com
heic-converter.com
my.rtmark.net
t.counter.dev
tauvoojo.net
tzegilo.com
108.61.195.191
139.45.195.254
139.45.195.8
139.45.197.239
2606:4700:3030::ac43:888b
2606:4700:3033::6815:bf5
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
386ff5d37c1787a5c8355d3a2533eca7336028d6bf8e73f52e33cfe58dd74036
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
7c38a24d67bee37a216b42687de11f5f77a2d16b81171a654823ea926331e280
9246f961713c6c5ac74b6488a923fb6afc9c8b579970cf43d15088af94533183
9905bb7f18738cb4dd4b945c8530f9182fa481f87e70c5536fcc635559f3efb0
a2500e348916ff4f697eb76ce7cdf285e11cbfff66284b7ded3b3401c29ebde0
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855