www.easeus.com Open in urlscan Pro
2606:4700::6812:1247  Public Scan

53 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://freelancehub.online/ HTTP 302
   https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 85

• https://gum.criteo.com/sid/json?origin=onetag&domain=easeus.com&sn=ChromeSyncframe&so=0&topUrl=www.easeus.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=lspernxkNCtlNkE1WVlMRHRsazRYdEZHWERCMlNwUnA4Tis3bmZtQnRpM3BRQW9ZaGIwQ0crQkZnRGV3eXlVL1dzdWEzTmF5Rzd6MEN3alhybG5PR0lMNUNSN205R3NCYUJ1aXU5bTZmYUJveE1ML3lCc1NQY0dwRUhFbCtSdGYvazgxdEZYRkZrMTEzYlZ4eTE5a0JWSTBjeE41NzJkS2pXVFZQeXF2M1g1eGowaTllRU5CNDhmT2FGS1A4V24vVi9tcmRRb2RCMmJROFRWNnlqWnZ4dGgzV3RCc1BraHhPdkdDNlJGUml3K2l5Qk52VGFLTENZclhGVGZSeklRc3JmVUdxaEp4ZFlnUVhKbnlLMHI5UFppZVhSdz09fA&cppv=2

Request Chain 86

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10033.Psd47oNNtA7nWeQ97GGRax181x4sNv6pgDtOtqo5Em11KLAt5ugPVogUYHWCoZEc.-exRisUazSzJqKrJkqBN9kVWEDU%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=10033.qwrEFONGCHHl9MBugzb_sdqeGmT_bgdJFaE9-UwR7oauNxGczw4ZywsICsv0X08O50N0hak7UbM0uUeJgCdTS4iH6TJUVUL15ChTfPrZg7Y%2C.KwnXdo7EvekWjWtgWqPCuCCdq_Y%2C

Request Chain 88

• https://sslwidget.criteo.com/event?a=104435&v=5.16.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=wvQSEl9uckhGWVNwM3hlNyUyRnhTbm9FeW1JbmxScTJOJTJCN1diS1gyVmJHVkowTTRPVWtXdkk5aFA3aUdjYUo3TXhHMCUyQmw0UEZDY041NnNleSUyQiUyQnIzbENWVVlKbGZvcUtHbmtGMiUyQlJ3UXdOUnF4NnJrWEFGZmVOcG4lMkIxbmpJV29LTllyUzhEZDNtY1NKU2tPMGw1N0RxMVglMkZVNnNBJTNEJTNE&tld=easeus.com&dy=1&fu=https%253A%252F%252Fwww.easeus.com%252Ffile-recovery%252Frecover-lost-word-documents-in-windows-10.html&ceid=2a031188-04f3-4af0-a241-a76a8a1d6952&dtycbr=15690 HTTP 302
• https://widget.us.criteo.com/event?a=104435&v=5.16.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=wvQSEl9uckhGWVNwM3hlNyUyRnhTbm9FeW1JbmxScTJOJTJCN1diS1gyVmJHVkowTTRPVWtXdkk5aFA3aUdjYUo3TXhHMCUyQmw0UEZDY041NnNleSUyQiUyQnIzbENWVVlKbGZvcUtHbmtGMiUyQlJ3UXdOUnF4NnJrWEFGZmVOcG4lMkIxbmpJV29LTllyUzhEZDNtY1NKU2tPMGw1N0RxMVglMkZVNnNBJTNEJTNE&tld=easeus.com&dy=1&fu=https%253A%252F%252Fwww.easeus.com%252Ffile-recovery%252Frecover-lost-word-documents-in-windows-10.html&ceid=2a031188-04f3-4af0-a241-a76a8a1d6952&dtycbr=15690

Request Chain 89

• https://mc.yandex.com/watch/92962198?wmode=7&page-url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A5318%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1307658774601%3Ahid%3A381645708%3Az%3A0%3Ai%3A20230613090755%3Aet%3A1686647276%3Ac%3A1%3Arn%3A956355467%3Arqn%3A1%3Au%3A1686647276503610946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1049%2C85%2C185%2C30%2C3796%2C0%2C%2C151%2C1%2C5431%2C5431%2C1%2C5392%3Aco%3A0%3Acpf%3A1%3Ans%3A1686647266748%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1686647276%3At%3A5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
• https://mc.yandex.com/watch/92962198/1?wmode=7&page-url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A5318%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1307658774601%3Ahid%3A381645708%3Az%3A0%3Ai%3A20230613090755%3Aet%3A1686647276%3Ac%3A1%3Arn%3A956355467%3Arqn%3A1%3Au%3A1686647276503610946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1049%2C85%2C185%2C30%2C3796%2C0%2C%2C151%2C1%2C5431%2C5431%2C1%2C5392%3Aco%3A0%3Acpf%3A1%3Ans%3A1686647266748%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1686647276%3At%3A5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 92

• https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10033.W4N4djz7srqOeZueILC4_rTWNOP3hjXVj1sc6UhjJkstCvsSYRYzzkPpYD0QaRqO.3VOqSunWgrWfyncKp_FquXyHV8c%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10033.qpC0oEYGkGj0MxMeAOe1aEpPZ3dvoSfB4FFstJY0SSS9xml3Iol22pRCXIjuRC2DicVtxhNVlaCb6gAOhein5wnZxUovxZTfLjmn8GiPcGw%2C.1nvoIlLYEzUTWyrG88S9bimUVZ8%2C

Request Chain 93

• https://x.bidswitch.net/sync?dsp_id=46&user_id=k-PYt732dJ8g3EJQlO0FwlVyTy_qR8FSEIEGbnZw&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PYt732dJ8g3EJQlO0FwlVyTy_qR8FSEIEGbnZw&expires=30

Request Chain 94

• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-vbB4LWdJ8g3EJQlO0FwlVyTy_qTxLbf6153-bQ&google_cm&google_hm=ay12YkI0TFdkSjhnM0VKUWxPMEZ3bFZ5VHlfcVR4TGJmNjE1My1iUQ HTTP 302
• https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vbB4LWdJ8g3EJQlO0FwlVyTy_qTxLbf6153-bQ&google_gid=CAESEOtBE7jfILniV-S0NUnSj3U&google_cver=1&google_ula=913071,0

Request Chain 95

• https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
• https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2787661633488733552

Request Chain 96

• https://secure.adnxs.com/setuid?entity=52&code=k-7kM4kmdJ8g3EJQlO0FwlVyTy_qRdiXJAJBgi7Q HTTP 307
• https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-7kM4kmdJ8g3EJQlO0FwlVyTy_qRdiXJAJBgi7Q

Request Chain 104

• https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ZJASJmdJ8g3EJQlO0FwlVyTy_qT9TPfvYAmTLA HTTP 302
• https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ZJASJmdJ8g3EJQlO0FwlVyTy_qT9TPfvYAmTLA&verify=true

Request Chain 107

• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Cg-NGWdJ8g3EJQlO0FwlVyTy_qQ6QpIVIVej9Q HTTP 302
• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Cg-NGWdJ8g3EJQlO0FwlVyTy_qQ6QpIVIVej9Q&C=1

Request Chain 108

• https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
• https://dpm.demdex.net/ibs:dpid=28645&dpuuid=awLHr_bBgXC4Ip-v8i3nNo5sIHPOdHCX HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=awLHr_bBgXC4Ip-v8i3nNo5sIHPOdHCX

Request Chain 110

• https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-G5uS6mdJ8g3EJQlO0FwlVyTy_qQYz2AxWTDZ1g HTTP 302
• https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-G5uS6mdJ8g3EJQlO0FwlVyTy_qQYz2AxWTDZ1g

Request Chain 119

• https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=O1S1tcXttZd93GD4rMG0Yz1y-myvMR5d

Request Chain 120

• https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
• https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=WgDXDpXbzz_63CWvCTIwW7CRjAL2UWg6

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request recover-lost-word-documents-in-windows-10.html Show response www.easeus.com/file-recovery/ Redirect Chain https://freelancehub.online/ https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html	80 KB 16 KB	1320ms 185ms	Document text/html	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54383378d142e4699aaa9fde827610e2546f61dc61bc145afd27bc4e8cd78190 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=2592000 cf-cache-status DYNAMIC cf-ray 7d692f881f279225-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 13 Jun 2023 09:07:51 GMT expires Thu, 13 Jul 2023 09:07:51 GMT server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-cache, no-store, must-revalidate, max-age=0 post-check=0,pre-check=0 content-encoding br content-length 55 content-security-policy object-src 'none' content-type text/html; charset=UTF-8 date Tue, 13 Jun 2023 09:07:50 GMT expires Sat, 26 Jul 2012 05:00:00 GMT location https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html platform hostinger pragma no-cache strict-transport-security max-age=15768000;includeSubdomains vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control on x-litespeed-cache-control no-cache x-litespeed-tag 661_HTTP.200 x-xss-protection 1; mode=block
GET H2	200	base.css www.easeus.com/default2/css/	98 KB 18 KB	94ms 94ms	Stylesheet text/css	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default2/css/base.css Requested by Host: www.easeus.com URL: https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b1bdd7f31d06689a81beee83981b10ccbce866d675c203e9415350bf01369df Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:51 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Mon, 12 Jun 2023 02:52:54 GMT server cloudflare age 346 cf-polished origSize=101347 etag W/"18be3-5fde5d0b90e78-gzip" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000 cf-ray 7d692f8948949225-FRA expires Thu, 13 Jul 2023 09:07:51 GMT
GET H2	200	article.css www.easeus.com/default2/2019/css/article/	218 KB 33 KB	55ms 55ms	Stylesheet text/css	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default2/2019/css/article/article.css Requested by Host: www.easeus.com URL: https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f92d84cb60d0b9ce5daf43dee41507b2443877e94ef76212286921ffb5ecf16 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:51 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 23 May 2023 07:14:46 GMT server cloudflare age 308 cf-polished origSize=224902 etag W/"36e86-5fc57246163b5-gzip" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000 cf-ray 7d692f8948959225-FRA expires Thu, 13 Jul 2023 09:07:51 GMT
GET H2	200	jquery.js Show response www.easeus.com/default/js/	94 KB 34 KB	68ms 67ms	Script application/x-javascript	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/js/jquery.js Requested by Host: www.easeus.com URL: https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1492d0bb67b07f042f35595a70369db5bd89e02cca12de3140b2519a381aba69 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:51 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 21 Apr 2023 09:48:02 GMT server cloudflare age 340 cf-polished origSize=95954 etag W/"176d2-5f9d58d9a1080-gzip" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=2592000 cf-ray 7d692f8948979225-FRA expires Thu, 13 Jul 2023 09:07:51 GMT
GET H2	200	rocket-loader.min.js Show response www.easeus.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	42ms 41ms	Script application/javascript	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: www.easeus.com URL: https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:51 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 06 Jun 2023 11:54:19 GMT server cloudflare etag W/"647f1e6b-302c" vary Accept-Encoding x-frame-options DENY content-type application/javascript cache-control max-age=172800, public cf-ray 7d692f89f91e9225-FRA expires Thu, 15 Jun 2023 09:07:51 GMT
GET H2	200	v52afc6f149f6479b8c77fa569edb01181681764108816 Show response static.cloudflareinsights.com/beacon.min.js/	19 KB 7 KB	157ms 72ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 Requested by Host: www.easeus.com URL: https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b Request headers Referer https://www.easeus.com/ Origin https://www.easeus.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding gzip last-modified Mon, 17 Apr 2023 20:41:48 GMT server cloudflare etag W/2023.4.2 vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 7d692f8a79122bd5-FRA
GET H2	200	logo.svg www.easeus.com/images_2019/	6 KB 3 KB	57ms 54ms	Image image/svg+xml	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.easeus.com/images_2019/logo.svg Requested by Host: www.easeus.com URL: https://www.easeus.com/default2/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e48432aa344a85ddc1a8b3c8cc2e42136dd1bdd13f64151753c3823d8986820 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/default2/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT last-modified Fri, 24 Feb 2023 05:16:10 GMT server cloudflare age 341 etag W/"16cb-5f56b3a30d467" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=16070400 cf-ray 7d692f8a395b9225-FRA expires Sat, 16 Dec 2023 09:07:52 GMT
GET H2	200	arrow.svg www.easeus.com/images_2019/index/header_2022/	2 KB 1003 B	64ms 62ms	Image image/svg+xml	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.easeus.com/images_2019/index/header_2022/arrow.svg Requested by Host: www.easeus.com URL: https://www.easeus.com/default2/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b8d7e030af444ee5e911458f97ed17834ef043cf5fd61995eb43524e9769caf Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/default2/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 18 May 2023 05:55:26 GMT server cloudflare age 341 etag W/"797-5fbf1737a8e9c" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=16070400 cf-ray 7d692f8a395d9225-FRA expires Sat, 16 Dec 2023 09:07:52 GMT
GET H2	200	header_icon.svg www.easeus.com/images_2019/index/header_2022/	607 KB 182 KB	87ms 85ms	Image image/svg+xml	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.easeus.com/images_2019/index/header_2022/header_icon.svg Requested by Host: www.easeus.com URL: https://www.easeus.com/default2/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a27f577f07003b676d339dd838501ae090ab9ffcc2d33e32c9efd4d6a0cd56a8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/default2/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Jun 2023 02:53:14 GMT server cloudflare age 341 etag W/"97a27-5fde5d1edea1c" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=16070400 cf-ray 7d692f8a395e9225-FRA expires Sat, 16 Dec 2023 09:07:52 GMT
GET H2	200	Lexend-Regular.woff2 www.easeus.com/default/typeface/Lexend/	28 KB 28 KB	62ms 60ms	Font application/octet-stream	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/typeface/Lexend/Lexend-Regular.woff2 Requested by Host: www.easeus.com URL: https://www.easeus.com/default2/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9504ee9a4ed55aa1d99b295cd7918e28feced25ef7dd97c86930b0668953b0a5 Request headers Referer https://www.easeus.com/default2/css/base.css Origin https://www.easeus.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT cf-cache-status HIT last-modified Thu, 20 Apr 2023 04:51:53 GMT server cloudflare age 321 etag "6e44-5f9bd4ca95aa2" vary Accept-Encoding cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7d692f8a39609225-FRA content-length 28228 expires Thu, 13 Jul 2023 09:07:52 GMT
GET H2	200	Lexend-SemiBold.woff2 www.easeus.com/default/typeface/Lexend/	29 KB 29 KB	53ms 52ms	Font application/octet-stream	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/typeface/Lexend/Lexend-SemiBold.woff2 Requested by Host: www.easeus.com URL: https://www.easeus.com/default2/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5dccc4efd8d7d00bfe81f0c4bf16fd883d83f6872a60f68e55409e3f1dc1e88 Request headers Referer https://www.easeus.com/default2/css/base.css Origin https://www.easeus.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT cf-cache-status HIT last-modified Thu, 20 Apr 2023 04:51:53 GMT server cloudflare age 321 etag "739c-5f9bd4caa1a0b" vary Accept-Encoding cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7d692f8a39639225-FRA content-length 29596 expires Thu, 13 Jul 2023 09:07:52 GMT
GET H2	200	Lexend-Light.woff2 www.easeus.com/default/typeface/Lexend/	28 KB 29 KB	65ms 64ms	Font application/octet-stream	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/typeface/Lexend/Lexend-Light.woff2 Requested by Host: www.easeus.com URL: https://www.easeus.com/default2/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56472bb280b5341b9c7ca9d3b2df0a24ddb4e0f726f34d02af2643695b0bf8e9 Request headers Referer https://www.easeus.com/default2/css/base.css Origin https://www.easeus.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT cf-cache-status HIT last-modified Thu, 20 Apr 2023 04:51:53 GMT server cloudflare age 320 etag "71d4-5f9bd4ca2173b" vary Accept-Encoding cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7d692f8a39649225-FRA content-length 29140 expires Thu, 13 Jul 2023 09:07:52 GMT
GET H2	200	other.js Show response www.easeus.com/default/js/	159 KB 29 KB	72ms 71ms	Script application/x-javascript	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/js/other.js Requested by Host: www.easeus.com URL: https://www.easeus.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f919412d7320832639d97fd6a84c2310399edd125b00f7c8e28b561bad46d6a2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 09 Jun 2023 03:05:37 GMT server cloudflare age 328 etag W/"27d20-5fda9a4aa3d77-gzip" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=2592000 cf-ray 7d692f8a79a19225-FRA expires Thu, 13 Jul 2023 09:07:52 GMT
GET H2	200	globle.js Show response www.easeus.com/default/js/	36 KB 11 KB	71ms 70ms	Script application/x-javascript	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/js/globle.js Requested by Host: www.easeus.com URL: https://www.easeus.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a67fbd921ed0c9d0c44de6ec95dc6a5fec3294d8dd86ca2beb037366a5bc1edf Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 25 Apr 2023 08:00:16 GMT server cloudflare age 347 etag W/"8ecb-5fa2483948c48-gzip" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=2592000 cf-ray 7d692f8a79a39225-FRA expires Thu, 13 Jul 2023 09:07:52 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	107 KB 42 KB	138ms 49ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/globle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7f3c71793900d847768ae24e358b793b8104d2e69a233c9b173a66cca981f3c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 42946 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 13 Jun 2023 09:07:52 GMT
GET H2	200	ad_download.js Show response www.easeus.com/default/js/	30 KB 4 KB	53ms 53ms	Script application/x-javascript	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/js/ad_download.js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/globle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f04e085654090babcba60b4ab7d62f271da749034d78d09df50713964e61ee3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 09 Jun 2023 03:05:37 GMT server cloudflare age 362 etag W/"78ea-5fda9a4a83205-gzip" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=2592000 cf-ray 7d692f8b9a8b9225-FRA expires Thu, 13 Jul 2023 09:07:52 GMT
GET H2	200	iconfont.css www.easeus.com/default2/css/	596 B 435 B	55ms 55ms	Stylesheet text/css	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default2/css/iconfont.css Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/other.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 968aad2c0f4d01bd59df8d89e92721512e1cce33140152495332ef86f4cbf4cc Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 18 May 2023 05:55:00 GMT server cloudflare age 349 cf-polished origSize=613 etag W/"265-5fbf171e69308-gzip" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000 cf-ray 7d692f8b9a8d9225-FRA expires Thu, 13 Jul 2023 09:07:52 GMT
GET H2	200	sha1.min.js Show response www.easeus.com/default/js/tool/	1 KB 907 B	52ms 51ms	Script application/x-javascript	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/js/tool/sha1.min.js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/globle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24cd8622af6d9b0c4461c3352ed7ba9e769e75ebe12ac4fc9fbddbf6a568bd6b Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT last-modified Fri, 21 Apr 2023 09:48:03 GMT server cloudflare age 349 etag W/"5c7-5f9d58da65145-gzip" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=2592000 cf-ray 7d692f8b9a949225-FRA expires Thu, 13 Jul 2023 09:07:52 GMT
POST H2	200	collect_info www.easeus.com/info/	0 192 B	379ms 379ms	Ping text/html	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/info/collect_info Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/other.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary8yfOdfG1Dvaj1UUn Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7d692f8baa959225-FRA expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	ezgif-4-b3f4b5e02c.png www.easeus.com/images_2019/float_banner/2023/	123 KB 123 KB	53ms 52ms	Image image/png	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.easeus.com/images_2019/float_banner/2023/ezgif-4-b3f4b5e02c.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d35267ba8e24f8f225fc309f3c4cc520d54ce769b0dc6497370ba6fd6f7161e6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT cf-cache-status HIT cf-bgj imgq:100,h2pri last-modified Fri, 21 Apr 2023 01:54:36 GMT server cloudflare age 349 cf-polished status=format_not_supported etag "1ea6b-5f9cef079479c" vary Accept-Encoding content-type image/png cache-control public, max-age=16070400 accept-ranges bytes cf-ray 7d692f8baa979225-FRA content-length 125547 expires Sat, 16 Dec 2023 09:07:52 GMT
GET H2	200	nav_win11_icon.png www.easeus.com/images_2019/index/	434 B 617 B	52ms 51ms	Image image/webp	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.easeus.com/images_2019/index/nav_win11_icon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50f70cb1d280c43bec9f932c5fc0a544dccae446fb11a495698380af65e311e8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT cf-cache-status HIT age 349 cf-polished origFmt=png, origSize=579 content-disposition inline; filename="nav_win11_icon.webp" content-length 434 cf-bgj imgq:100,h2pri last-modified Thu, 18 May 2023 05:55:25 GMT server cloudflare etag "243-5fbf173631e84" vary Accept content-type image/webp cache-control public, max-age=16070400 accept-ranges bytes cf-ray 7d692f8baa989225-FRA expires Sat, 16 Dec 2023 09:07:52 GMT
GET H2	200	doComment Show response www.easeus.com/ajax/	90 B 194 B	1037ms 1037ms	XHR text/html	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/ajax/doComment?callback=jQuery111304410902526189233_1686647272002&url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&web=easeus&_=1686647272003 Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5c4723e13f602cb5ab4e881de7f35afd879a2beeec866fc1bac36759245b61c Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:53 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7d692f8baa9a9225-FRA expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	firebase.js Show response www.easeus.com/default/webpack/dist/	37 KB 12 KB	58ms 58ms	Script application/x-javascript	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/webpack/dist/firebase.js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/globle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f1461eaa990fa14a0a2c8eb80dcedd01309adc388170b3950c30d209e7c66b2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 20 Apr 2023 04:51:55 GMT server cloudflare age 349 cf-polished origSize=37516 etag W/"928c-5f9bd4cbbfc3d-gzip" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=2592000 cf-ray 7d692f8baa9b9225-FRA expires Thu, 13 Jul 2023 09:07:52 GMT
GET H2	200	questionnaire.js Show response www.easeus.com/default/js/	10 KB 3 KB	57ms 57ms	Script application/x-javascript	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/js/questionnaire.js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/globle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d6b4ffb0724f56b205b14ef240b5a08fb3dd5a8b6f2c3710570a31af7828327 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 21 Apr 2023 09:48:02 GMT server cloudflare age 349 etag W/"28ef-5f9d58d9e0c0d-gzip" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=2592000 cf-ray 7d692f8baa9c9225-FRA expires Thu, 13 Jul 2023 09:07:52 GMT
GET H2	200	grantham.jpg www.easeus.com/images/en/icon/	11 KB 11 KB	64ms 63ms	Image image/jpeg	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.easeus.com/images/en/icon/grantham.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9455a20632e2f700cfdca3812bec000997cf5de6d5fab049c97a7c765eb958eb Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT cf-cache-status HIT cf-bgj imgq:100,h2pri last-modified Mon, 08 May 2023 07:04:14 GMT server cloudflare age 159 cf-polished origSize=12269 etag "2fed-5fb293f1358c5" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=16070400 accept-ranges bytes cf-ray 7d692f8baaa49225-FRA content-length 11029 expires Sat, 16 Dec 2023 09:07:52 GMT
GET H2	200	jean.jpg www.easeus.com/images/en/icon/	2 KB 2 KB	147ms 147ms	Image image/jpeg	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.easeus.com/images/en/icon/jean.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 479cd8b61b9bc8583da04c3c91dd6a2739ca8210a1659cc584bec0964280e85c Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT cf-cache-status HIT cf-bgj imgq:100,h2pri last-modified Tue, 21 Feb 2023 08:20:30 GMT server cloudflare cf-polished status=not_needed etag "6a6-5f53173e3d66d" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=16070400 accept-ranges bytes cf-ray 7d692f8bbaa59225-FRA content-length 1702 expires Sat, 16 Dec 2023 09:07:52 GMT
POST H2	204	rum Show response www.easeus.com/cdn-cgi/	0 181 B	64ms 63ms	XHR text/plain	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 content-type application/json Response headers date Tue, 13 Jun 2023 09:07:52 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://www.easeus.com x-frame-options DENY access-control-allow-credentials true cf-ray 7d692f8bbaa69225-FRA
GET H2	200	cj.js Show response www.easeus.com/default/js/	689 B 512 B	60ms 60ms	Script application/x-javascript	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/js/cj.js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/globle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b6c66e5b4ccaf89e6eb471a31ae42c0a722c07f6cf02ca92c2c90f457765a4a Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 08 Jun 2023 08:55:11 GMT server cloudflare age 362 etag W/"2b1-5fd9a68fd7530-gzip" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=2592000 cf-ray 7d692f8bfae59225-FRA expires Thu, 13 Jul 2023 09:07:52 GMT
POST H/1.1	200 OK	count Show response mail.easeus.com/common-api/share/	41 B 479 B	756ms 258ms	XHR application/json	66.39.137.127 PAIR-NETWORKS
General Check archive.org Show headers Download Go to Full URL https://mail.easeus.com/common-api/share/count Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/jquery.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.39.137.127 , United States, ASN7859 (PAIR-NETWORKS, US), Reverse DNS mail.easeus.com Software Apache / Resource Hash 1947f2ba8602cb5cb9ae6e17a15f2e43047ddfeafaf124edc285d6b4ed486009 Request headers Accept */* Referer https://www.easeus.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Tue, 13 Jun 2023 09:07:52 GMT Server Apache Access-Control-Allow-Methods GET, POST, PATCH, PUT, DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.easeus.com Access-Control-Allow-Credentials true Connection Keep-Alive Keep-Alive timeout=5, max=100 Access-Control-Allow-Headers x-requested-with,content-type,token,menu-code,button-code Content-Length 41
GET H2	200	config.json Show response www.easeus.com/question/	1 KB 1 KB	179ms 178ms	XHR text/plain	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/question/config.json?1686647272310 Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aeccdf548d8ba215432d9ff132da579258b7ddeead03c7eb82f32e716c4f818c Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT cf-cache-status DYNAMIC last-modified Tue, 21 Feb 2023 08:21:21 GMT server cloudflare etag "511-5f53176f33494" cache-control max-age=2592000 accept-ranges bytes cf-ray 7d692f8c0afc9225-FRA content-length 1297 expires Thu, 13 Jul 2023 09:07:52 GMT
GET H2	200	iconfont.woff www.easeus.com/default/typeface/icon/	141 KB 141 KB	52ms 52ms	Font application/octet-stream	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/default/typeface/icon/iconfont.woff Requested by Host: www.easeus.com URL: https://www.easeus.com/default2/css/iconfont.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a62d4dc3c3c4dfb9ff1c73d6178955995f00cba5a6da8440e99e3834aa4aa88 Request headers Referer https://www.easeus.com/default2/css/iconfont.css Origin https://www.easeus.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT cf-cache-status HIT last-modified Thu, 20 Apr 2023 04:51:53 GMT server cloudflare age 349 etag "232fc-5f9bd4ca0dad1" vary Accept-Encoding cache-control public, max-age=2678400 accept-ranges bytes cf-ray 7d692f8c0afe9225-FRA content-length 144124 expires Fri, 14 Jul 2023 09:07:52 GMT
GET H2	200	tag.js Show response www.easeus.com/proxydirectory/tags/390467271471/	48 KB 17 KB	69ms 68ms	Script application/javascript	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/proxydirectory/tags/390467271471/tag.js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/cj.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d38f37b2a67b82678ce3bde5f47a0d02e0dbc8d563144f68bec79ce5d9daaa3c Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT via 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT age 349 x-amz-cf-pop FRA2-C1 cf-polished origSize=49628 x-cache Hit from cloudfront x-request-id 9bec5cc0-09c5-11ee-a6ec-3d292fbffef6 last-modified Tue, 13 Jun 2023 09:01:47 GMT cf-bgj minify server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=691200 cf-ray 7d692f8c5b4e9225-FRA x-amz-cf-id zMPgEDL2izZZyqK31YlnEJBGdU056G2k_rF_CWKp9Bn5ecyLBNX75A== expires Wed, 21 Jun 2023 09:07:52 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	124 KB 48 KB	58ms 57ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-217061-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ecc2007c8d46b7c331cdfcded013ff0f4df2d48db57b2195c3b3d7c84841e855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 49205 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 13 Jun 2023 09:07:52 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	196 KB 71 KB	50ms 49ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1064956115&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 683cc9316a208b3429d29fc9f85499fda1ffb3164c77c48b2205af40a1c93323 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 72435 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 13 Jun 2023 09:07:52 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	214 KB 76 KB	72ms 71ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-11113079898&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f2c6e3b4cfcfecf1cd5652ff31b3d990bd93e6768b1ac1cb91fcf96a158f13ae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 77333 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 13 Jun 2023 09:07:52 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	248 KB 85 KB	131ms 130ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9ETQKR539E&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9eb3fc89ac14dce128c094cff706bce98ab7de45d055dbff59713d22a8b42999 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 87027 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 13 Jun 2023 09:07:52 GMT
GET H2	200	policy Show response www.sjwoe.com/	47 B 450 B	203ms 43ms	XHR application/json	2600:9000:20c3:1400:7:f1a3:af00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.sjwoe.com/policy Requested by Host: www.easeus.com URL: https://www.easeus.com/proxydirectory/tags/390467271471/tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:1400:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e9adf2a6db275f76dd17c5cc08dd6cfbee0c73fbb08de34127ac159ca9107763 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 01:15:28 GMT via 1.1 7e5808188f3301eda7b952b4c6dfa208.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-C1 age 28344 x-amzn-trace-id Root=1-6487c330-32a1c37851a7372c6fdcd1e9;Sampled=0;lineage=36ff8a84:0 x-amzn-requestid 9ba25cee-2037-4c66-bf73-d561d8021502 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=3600 x-amz-apigw-id GbtvpFPbIAMFQJw= content-length 47 x-amz-cf-id ShWGrN-57bxDk3Cav6VZ_81mDbBInHCBhKUyMvgqS3xBqeqqKVZ2Ig==
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	142ms 49ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-217061-1&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 13 Jun 2023 08:35:27 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 1945 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Tue, 13 Jun 2023 10:35:27 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1064956115/	3 KB 2 KB	163ms 54ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064956115/?random=1686647272596&cv=11&fst=1686647272596&bg=ffffff&guid=ON&async=1&gtm=45be36c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&hn=www.googleadservices.com&frm=0&tiba=5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&auid=919718344.1686647273&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-1064956115&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5dc3ece6fa2fad1630c0fc6bbaf26ea34c3083230eda2934bd60d8c20111ad30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1385 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11113079898/	3 KB 2 KB	166ms 78ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11113079898/?random=1686647272621&cv=11&fst=1686647272621&bg=ffffff&guid=ON&async=1&gtm=45be36c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&hn=www.googleadservices.com&frm=0&tiba=5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&auid=919718344.1686647273&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11113079898&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7dbbb76ee0dadf1c320ea546cb9685a4d4a73497ea16462ce037bd2056808a85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1384 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 253 B	147ms 47ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-9ETQKR539E&gtm=45je36c0&_p=1055348855&cid=605329238.1686647273&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&uid=easeus-1686647272200-822227&sid=1686647272&sct=1&seg=0&dl=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&dt=5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-9ETQKR539E&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:52 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.easeus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	pageInfo Show response www.easeus.com/proxydirectory/390467271471/	68 B 393 B	177ms 87ms	Fetch image/png	2606:4700::6812:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.easeus.com/proxydirectory/390467271471/pageInfo Requested by Host: www.easeus.com URL: https://www.easeus.com/proxydirectory/tags/390467271471/tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers Accept */* Referer https://www.easeus.com/file-recovery/recover-lost-word-documents-in-windows-10.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 13 Jun 2023 09:07:52 GMT via 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront) cf-cache-status DYNAMIC server cloudflare x-amz-cf-pop FRA2-C1 vary Accept-Encoding x-cache Miss from cloudfront content-type image/png cache-control no-store cf-ray 7d692f8edf4291d8-FRA content-length 68 x-amz-cf-id 3HWbVtz6nv_ouLXwKQq4jH3mCKlAJb4d7GRpqBa4GTLnEBI55PgSYA== x-request-id c713479d-09c9-11ee-8370-2b990b49daf8
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 206 B	48ms 46ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1055348855&t=pageview&_s=1&dl=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&ul=en-us&de=UTF-8&dt=5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=957437129&gjid=797716971&cid=605329238.1686647273&tid=UA-217061-1&_gid=1671387896.1686647273&_r=1&gtm=457e36c0&jsscut=1&z=223050138 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.easeus.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:52 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.easeus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/1064956115/	42 B 455 B	268ms 51ms	Image image/gif	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/1064956115/?random=1686647272596&cv=11&fst=1686646800000&bg=ffffff&guid=ON&async=1&gtm=45be36c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&frm=0&tiba=5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4245610711&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/1064956115/	42 B 108 B	271ms 55ms	Image image/gif	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/1064956115/?random=1686647272596&cv=11&fst=1686646800000&bg=ffffff&guid=ON&async=1&gtm=45be36c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&frm=0&tiba=5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4245610711&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/11113079898/	42 B 108 B	248ms 55ms	Image image/gif	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11113079898/?random=1686647272621&cv=11&fst=1686646800000&bg=ffffff&guid=ON&async=1&gtm=45be36c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&frm=0&tiba=5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1095600044&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/11113079898/	42 B 455 B	245ms 52ms	Image image/gif	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/11113079898/?random=1686647272621&cv=11&fst=1686646800000&bg=ffffff&guid=ON&async=1&gtm=45be36c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&frm=0&tiba=5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1095600044&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 348 B	239ms 48ms	XHR text/plain	2a00:1450:400c:c00::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-217061-1&cid=605329238.1686647273&jid=957437129&gjid=797716971&_gid=1671387896.1686647273&_u=YADAAUAAAAAAACAAI~&z=1929501642 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.easeus.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 13 Jun 2023 09:07:53 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.easeus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	65ms 64ms	Image image/gif	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-217061-1&cid=605329238.1686647273&jid=957437129&_u=YADAAUAAAAAAACAAI~&z=614578416 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	52ms 51ms	Image image/gif	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-217061-1&cid=605329238.1686647273&jid=957437129&_u=YADAAUAAAAAAACAAI~&z=614578416 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	D6KsM7MPO7A Show response www.youtube.com/embed/ Frame EC37	74 KB 31 KB	222ms 134ms	Document text/html	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/D6KsM7MPO7A Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/other.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 102df2abc5640a7aae7804e01db9224dacebc3ed9c903c89946d423bc75ae7d5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.easeus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Tue, 13 Jun 2023 09:07:53 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H2	200	www-player.css www.youtube.com/s/player/8c7583ff/ Frame EC37	409 KB 48 KB	42ms 40ms	Stylesheet text/css	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/8c7583ff/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/D6KsM7MPO7A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash adcf7fb00447abb34826c3ca3cf2ad3be4516cfab88ad23b65e35b0c304f9170 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/D6KsM7MPO7A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 08:36:30 GMT content-encoding br x-content-type-options nosniff age 1883 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49230 x-xss-protection 0 last-modified Wed, 07 Jun 2023 02:05:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 12 Jun 2024 08:36:30 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame EC37	15 KB 16 KB	138ms 42ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/D6KsM7MPO7A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 23:28:35 GMT x-content-type-options nosniff age 207558 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 09 Jun 2024 23:28:35 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame EC37	15 KB 15 KB	145ms 50ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/D6KsM7MPO7A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 17:47:45 GMT x-content-type-options nosniff age 228008 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 09 Jun 2024 17:47:45 GMT
GET H2	200	www-embed-player.js Show response www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/ Frame EC37	307 KB 92 KB	49ms 48ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/D6KsM7MPO7A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 67dbfdd99ccb28a4a3c9e81045fb6c245cbc3bed2889a754653df96054f9e736 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/D6KsM7MPO7A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 08:16:05 GMT content-encoding br x-content-type-options nosniff age 3108 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 94356 x-xss-protection 0 last-modified Wed, 07 Jun 2023 02:05:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 12 Jun 2024 08:16:05 GMT
GET H2	200	base.js Show response www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/ Frame EC37	2 MB 744 KB	65ms 64ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/D6KsM7MPO7A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80efc9f4573b3f2018ea2fb84c9398edfc12aa89aac8550c3d39368a0742c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/D6KsM7MPO7A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Mon, 12 Jun 2023 10:17:36 GMT content-encoding gzip x-content-type-options nosniff age 82217 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 761147 x-xss-protection 0 last-modified Wed, 07 Jun 2023 02:05:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 11 Jun 2024 10:17:36 GMT
GET H2	200	fetch-polyfill.js Show response www.youtube.com/s/player/8c7583ff/fetch-polyfill.vflset/ Frame EC37	9 KB 3 KB	120ms 120ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/8c7583ff/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/D6KsM7MPO7A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/D6KsM7MPO7A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 08:40:04 GMT content-encoding br x-content-type-options nosniff age 1669 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2625 x-xss-protection 0 last-modified Wed, 07 Jun 2023 02:05:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 12 Jun 2024 08:40:04 GMT
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame EC37 Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	50ms 50ms	XHR application/json	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/D6KsM7MPO7A Protocol H3 Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 687485f94b8ff6ea351f89bdcd6de0a2a6fec143763ef349643159b138dad7ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:54 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 13 Jun 2023 09:07:54 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame EC37	29 B 494 B	131ms 39ms	Script text/javascript	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 08:57:32 GMT x-content-type-options nosniff age 622 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 13 Jun 2023 09:12:32 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	144ms 51ms	Preflight text/html	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Tue, 13 Jun 2023 09:07:54 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EC37	69 KB 31 KB	60ms 59ms	XHR application/json+protobuf	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 49235ea0f0b04e9eb94aef52d759b6dc8abad3ba32ec3a8f09a4ff96540eb701 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type application/json+protobuf Response headers date Tue, 13 Jun 2023 09:07:54 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31885 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/ Frame EC37	116 KB 33 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c75a5f88d1f8410c8d505f7fa1c25b7936c0da3d814d4a95eabcacc820c3c4ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/D6KsM7MPO7A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 19:27:29 GMT content-encoding br x-content-type-options nosniff age 135625 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33603 x-xss-protection 0 last-modified Wed, 07 Jun 2023 02:05:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Mon, 10 Jun 2024 19:27:29 GMT
GET H2	200	BqbBBigLGMI_8n0ENPHl-A4LePB1t5RlUxvFXJxc2c4.js Show response www.google.com/js/th/ Frame EC37	38 KB 15 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/BqbBBigLGMI_8n0ENPHl-A4LePB1t5RlUxvFXJxc2c4.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 06a6c106280b18c23ff27d0434f1e5f80e0b78f075b79465531bc55c9c5cd9ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 05:09:08 GMT content-encoding br x-content-type-options nosniff age 532726 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14866 x-xss-protection 0 last-modified Mon, 05 Jun 2023 09:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 06 Jun 2024 05:09:08 GMT
GET H2	200	maxresdefault.webp i.ytimg.com/vi_webp/D6KsM7MPO7A/ Frame EC37	42 KB 42 KB	141ms 51ms	Image image/webp	2a00:1450:4001:828::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/D6KsM7MPO7A/maxresdefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/D6KsM7MPO7A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0f277e847d4d178dd5e67a88f7e92411338beb71b9dfdac97b63485fc3e2e77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:54 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42530 x-xss-protection 0 server sffe etag "1624945359" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 13 Jun 2023 11:07:54 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/ Frame EC37	29 KB 8 KB	44ms 40ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 82ad782a1be43b6b4a615ae52fcbefb25630f4a6559afb80e48f7c2f133b2712 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/D6KsM7MPO7A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Mon, 12 Jun 2023 04:56:55 GMT content-encoding br x-content-type-options nosniff age 101459 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8260 x-xss-protection 0 last-modified Wed, 07 Jun 2023 02:05:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 11 Jun 2024 04:56:55 GMT
GET DATA	200 OK	truncated / Frame EC37	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AGIKgqOGSFXVEFUoLtYSeO6gDHZRHZdjmPI7G_SZYxS0=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ytc/ Frame EC37	2 KB 2 KB	144ms 43ms	Image image/jpeg	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/ytc/AGIKgqOGSFXVEFUoLtYSeO6gDHZRHZdjmPI7G_SZYxS0=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/D6KsM7MPO7A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 3690a744ceacbb9eb7b228f919ab05bc065fc6c77b4c46703826f0f5b344a2d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 05:10:33 GMT x-content-type-options nosniff age 14241 content-disposition inline;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2117 x-xss-protection 0 server fife etag "v46" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 14 Jun 2023 05:10:33 GMT
GET H3	204	generate_204 www.youtube.com/ Frame EC37	0 10 B	42ms 41ms	Image text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?IJkbUA Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/D6KsM7MPO7A Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/D6KsM7MPO7A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:54 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame EC37	4 KB 2 KB	282ms 50ms	Script text/javascript	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 13 Jun 2023 09:07:54 GMT
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EC37	90 B 134 B	53ms 52ms	XHR application/json+protobuf	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8492d4eaa562712371e916f60c2b4230e62a511dd2922c1f587bf8b0d90e5511 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type application/json+protobuf Response headers date Tue, 13 Jun 2023 09:07:54 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110 x-xss-protection 0
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	48ms 48ms	Preflight text/html	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Tue, 13 Jun 2023 09:07:54 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
GET H2	200	cast_sender.js Show response www.gstatic.com/eureka/clank/114/ Frame EC37	51 KB 15 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/114/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Mon, 12 Jun 2023 17:01:51 GMT content-encoding gzip x-content-type-options nosniff age 57963 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15225 x-xss-protection 0 last-modified Mon, 17 Apr 2023 15:04:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Tue, 13 Jun 2023 17:01:51 GMT
GET H2	200	tp.widget.bootstrap.min.js Show response widget.trustpilot.com/bootstrap/v5/	21 KB 7 KB	130ms 40ms	Script application/x-javascript	18.66.192.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/globle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-58.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Tue, 13 Jun 2023 06:19:24 GMT via 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 10112 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 6676 x-xss-protection 1; mode=block last-modified Wed, 03 May 2023 13:48:29 GMT server AmazonS3 etag "befec09eb386fc68a0869c8d1b529dd6" content-type application/x-javascript cache-control max-age=86400 accept-ranges bytes x-amz-cf-id dwNWE1MufHSbqw3-Mu1rvW5soLVg6yBoj7FVnZ5N2KC5moihEhsVBA==
GET H2	200	bat.js Show response bat.bing.com/	40 KB 12 KB	154ms 66ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/other.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 13 Jun 2023 09:07:55 GMT last-modified Thu, 11 May 2023 18:08:27 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: BA2239406CE449FA828A3626713F3E3E Ref B: FRA31EDGE0108 Ref C: 2023-06-13T09:07:55Z etag "80df77953384d91:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 12183
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	214 KB 74 KB	318ms 159ms	Script application/javascript	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/other.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash f8e19da72faefd872795c80a4329acd96300e88295224994e3fc8df5258d92c2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:55 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Thu, 08 Jun 2023 15:38:48 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "6481cbd8-1249b" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 timing-allow-origin * content-length 74907 expires Tue, 13 Jun 2023 10:07:55 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	108 KB 28 KB	125ms 40ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/other.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 13 Jun 2023 09:07:55 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27810 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug PenBOKTbXwIgSzltYygJxwPXn/43yY62/wWLmyScuLW5c8k/oDyVANKLExDHWNi96IGFMLZ7dYi4qeOAHn8zOg== x-fb-trip-id 1679558926 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ld.js Show response dynamic.criteo.com/js/ld/	45 KB 15 KB	171ms 85ms	Script application/javascript	2a02:2638:3::e ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dynamic.criteo.com/js/ld/ld.js?a=104435 Requested by Host: www.easeus.com URL: https://www.easeus.com/default/js/globle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 0aa059f017a18711a469478c308476a8704f1c4a5cf0459b79df1a37ded26ba3 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:55 GMT content-encoding br strict-transport-security max-age=31536000; preload; server Kestrel vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public,max-age=10800 cross-origin-resource-policy cross-origin timing-allow-origin *
GET H2	200	index.html Show response widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame BB40	6 KB 2 KB	39ms 39ms	Document text/html	18.66.192.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-58.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.easeus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 12552 cache-control max-age=86400 content-encoding gzip content-length 1930 content-type text/html date Tue, 13 Jun 2023 05:38:44 GMT etag "1b1a56d9c9fcf8acab07f238231461df" last-modified Mon, 08 May 2023 11:42:34 GMT server AmazonS3 strict-transport-security max-age=31536000 via 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront) x-amz-cf-id cjYBXmFfTGTnNc2WwRKK6uG3Inpd23cZ_TGQHgHZkvbLDBC6FuiQ8A== x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	204	25071158.js Show response bat.bing.com/p/action/	0 118 B	66ms 66ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/25071158.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Tue, 13 Jun 2023 09:07:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6F5AF37EC40F49D9A33ECAD5BC0154AD Ref B: FRA31EDGE0108 Ref C: 2023-06-13T09:07:55Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 287 B	148ms 148ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=25071158&Ver=2&mid=07c037b0-6ff1-4a3b-8c4e-15b0dbcb61c1&sid=c89d132009c911eea00d538a8a5214da&vid=c89d59e009c911eea2047fea6ecf4fda&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&kw=How%20to%20recover%20unsaved%20Word%20document,%20recover%20unsaved%20word%20document,%20Word%20recover%20unsaved%20document%20&p=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&r=&lt=5432&evt=pageLoad&sv=1&rn=155198 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 13 Jun 2023 09:07:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: FDA7000F2DD44FBB92435EE911EB9E51 Ref B: FRA31EDGE0108 Ref C: 2023-06-13T09:07:55Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	main.js Show response widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame BB40	50 KB 16 KB	45ms 45ms	Script application/x-javascript	18.66.192.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-58.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Tue, 13 Jun 2023 06:19:33 GMT via 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 10103 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 15571 x-xss-protection 1; mode=block last-modified Mon, 08 May 2023 11:42:56 GMT server AmazonS3 etag "f90daf8c8f47c6afab7d4e27466118b5" content-type application/x-javascript cache-control max-age=86400 accept-ranges bytes x-amz-cf-id rsx5RMPxEpyBiHGUAuPe6PZCNJG3izqmk3rDM3Qu8ZT69qxnBznGZg==
GET H2	200	239496765217947 Show response connect.facebook.net/signals/config/	378 KB 108 KB	42ms 41ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/239496765217947?v=2.9.107&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9b0af08a92db70c8fb8ceb750ffa45989b20868398f09b275e1fbb299e8c67a4 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 13 Jun 2023 09:07:55 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110116 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug PB4lcPqDRHI9y0ft/loi17Hqtro8PkQwPvUoS8SIwfGmL6UrV2wqqf7+5YSyU/4PiS98gYjmvSw8RaFQXX0xYQ== x-fb-trip-id 1679558926 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 72E8	15 KB 6 KB	145ms 53ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=www.easeus.com&origin=onetag Requested by Host: dynamic.criteo.com URL: https://dynamic.criteo.com/js/ld/ld.js?a=104435 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.easeus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 13 Jun 2023 09:07:55 GMT server Kestrel server-processing-duration-in-ticks 326922 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	53aa8807dec7e10d38f59f32 Show response widget.trustpilot.com/trustbox-data/ Frame BB40	877 B 807 B	39ms 39ms	XHR application/json	18.66.192.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=53e320ce0000640005793e9d&locale=en-US Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-58.muc50.r.cloudfront.net Software Kestrel / Resource Hash 255b4ae25ed7c55bafed12e61903470da5f8936c260887cd519f21261ca309fb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Tue, 13 Jun 2023 08:48:16 GMT via 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 1186 x-cache Hit from cloudfront content-length 386 x-xss-protection 1; mode=block server Kestrel etag "12d1f9c7a8b1803704177ee50820f1b6" vary Accept-Encoding content-type application/json; charset=utf-8 cache-control public,max-age=1800 x-amz-cf-id 8ZaqIrIfrdaOofQEt07SRDhQofjoa8-Wuvbq-T-Y-JOOXI2PhuTk5g==
GET H2	204	TrustboxImpression Show response widget.trustpilot.com/stats/ Frame BB40	0 322 B	79ms 79ms	XHR text/plain	18.66.192.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=53e320ce0000640005793e9d&widgetId=53aa8807dec7e10d38f59f32 Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-58.muc50.r.cloudfront.net Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:55 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront) server Kestrel x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront cache-control no-store,no-cache x-amz-cf-id XcnVSj8uewTZ1dIjY5xWlVcTWwuHMHgY2N8h7ZiOtb10lMY5qJvaFA== x-xss-protection 1; mode=block
GET H2	200	/ www.facebook.com/tr/	0 185 B	125ms 40ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=239496765217947&ev=PageView&dl=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&rl=&if=false&ts=1686647275562&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=30&fbp=fb.1.1686647275557.1025629406&cs_est=true&it=1686647275414&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 13 Jun 2023 09:07:55 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	sid Show response mug.criteo.com/ Frame 72E8 Redirect Chain https://gum.criteo.com/sid/json?origin=onetag&domain=easeus.com&sn=ChromeSyncframe&so=0&topUrl=www.easeus.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=lspernxkNCtlNkE1WVlMRHRsazRYdEZHWERCMlNwUnA4Tis3bmZtQnRpM3BRQW9ZaGIwQ0crQkZnRGV3eXlVL1dzdWEzTmF5Rzd6MEN3alhybG5PR0lMNUNSN205R3NCYUJ1aXU5bTZmYUJveE1ML3lCc1NQY0dwRUhFbC...	443 B 659 B	123ms 39ms	Fetch application/json	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=lspernxkNCtlNkE1WVlMRHRsazRYdEZHWERCMlNwUnA4Tis3bmZtQnRpM3BRQW9ZaGIwQ0crQkZnRGV3eXlVL1dzdWEzTmF5Rzd6MEN3alhybG5PR0lMNUNSN205R3NCYUJ1aXU5bTZmYUJveE1ML3lCc1NQY0dwRUhFbCtSdGYvazgxdEZYRkZrMTEzYlZ4eTE5a0JWSTBjeE41NzJkS2pXVFZQeXF2M1g1eGowaTllRU5CNDhmT2FGS1A4V24vVi9tcmRRb2RCMmJROFRWNnlqWnZ4dGgzV3RCc1BraHhPdkdDNlJGUml3K2l5Qk52VGFLTENZclhGVGZSeklRc3JmVUdxaEp4ZFlnUVhKbnlLMHI5UFppZVhSdz09fA&cppv=2 Protocol H2 Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash e58263eb21782ef2547444d1e01f2aebeb1ce0a74b91fb7fab6d5ec8c7d0b2fa Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:55 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1147849 expires 0 Redirect headers pragma no-cache date Tue, 13 Jun 2023 09:07:55 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=lspernxkNCtlNkE1WVlMRHRsazRYdEZHWERCMlNwUnA4Tis3bmZtQnRpM3BRQW9ZaGIwQ0crQkZnRGV3eXlVL1dzdWEzTmF5Rzd6MEN3alhybG5PR0lMNUNSN205R3NCYUJ1aXU5bTZmYUJveE1ML3lCc1NQY0dwRUhFbCtSdGYvazgxdEZYRkZrMTEzYlZ4eTE5a0JWSTBjeE41NzJkS2pXVFZQeXF2M1g1eGowaTllRU5CNDhmT2FGS1A4V24vVi9tcmRRb2RCMmJROFRWNnlqWnZ4dGgzV3RCc1BraHhPdkdDNlJGUml3K2l5Qk52VGFLTENZclhGVGZSeklRc3JmVUdxaEp4ZFlnUVhKbnlLMHI5UFppZVhSdz09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 243127 content-length 0 expires 0
GET H2	200	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10033.Psd47oNNtA7nWeQ97GGRax181x4sNv6pgDtOtqo5Em11KLAt5ugPVogUYHWCoZEc.-exRisUazSzJqKrJkqBN9kVWEDU%2C https://mc.yandex.com/sync_cookie_image_decide?token=10033.qwrEFONGCHHl9MBugzb_sdqeGmT_bgdJFaE9-UwR7oauNxGczw4ZywsICsv0X08O50N0hak7UbM0uUeJgCdTS4iH6TJUVUL15ChTfPrZg7Y%2C.KwnXdo7EvekWjWtgWqPCuCCdq_Y%2C	43 B 67 B	88ms 88ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=10033.qwrEFONGCHHl9MBugzb_sdqeGmT_bgdJFaE9-UwR7oauNxGczw4ZywsICsv0X08O50N0hak7UbM0uUeJgCdTS4iH6TJUVUL15ChTfPrZg7Y%2C.KwnXdo7EvekWjWtgWqPCuCCdq_Y%2C Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:55 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=10033.qwrEFONGCHHl9MBugzb_sdqeGmT_bgdJFaE9-UwR7oauNxGczw4ZywsICsv0X08O50N0hak7UbM0uUeJgCdTS4iH6TJUVUL15ChTfPrZg7Y%2C.KwnXdo7EvekWjWtgWqPCuCCdq_Y%2C date Tue, 13 Jun 2023 09:07:55 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 114 B	79ms 79ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:55 GMT strict-transport-security max-age=31536000 last-modified Thu, 08 Jun 2023 15:38:48 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "6481cbd8-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 43 expires Tue, 13 Jun 2023 10:07:55 GMT
GET H2	200	event Show response widget.us.criteo.com/ Redirect Chain https://sslwidget.criteo.com/event?a=104435&v=5.16.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%2... https://widget.us.criteo.com/event?a=104435&v=5.16.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%2...	8 KB 4 KB	603ms 139ms	Script application/x-javascript	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://widget.us.criteo.com/event?a=104435&v=5.16.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=wvQSEl9uckhGWVNwM3hlNyUyRnhTbm9FeW1JbmxScTJOJTJCN1diS1gyVmJHVkowTTRPVWtXdkk5aFA3aUdjYUo3TXhHMCUyQmw0UEZDY041NnNleSUyQiUyQnIzbENWVVlKbGZvcUtHbmtGMiUyQlJ3UXdOUnF4NnJrWEFGZmVOcG4lMkIxbmpJV29LTllyUzhEZDNtY1NKU2tPMGw1N0RxMVglMkZVNnNBJTNEJTNE&tld=easeus.com&dy=1&fu=https%253A%252F%252Fwww.easeus.com%252Ffile-recovery%252Frecover-lost-word-documents-in-windows-10.html&ceid=2a031188-04f3-4af0-a241-a76a8a1d6952&dtycbr=15690 Protocol H2 Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash f7be2d4f7885cf6e2f9cb37eea5ef72d4453901c8004aa1f78a65847042bca75 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:56 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel content-type application/x-javascript access-control-allow-origin * p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 12831092 timing-allow-origin * expires 0 Redirect headers pragma no-cache date Tue, 13 Jun 2023 09:07:55 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel location https://widget.us.criteo.com/event?a=104435&v=5.16.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=wvQSEl9uckhGWVNwM3hlNyUyRnhTbm9FeW1JbmxScTJOJTJCN1diS1gyVmJHVkowTTRPVWtXdkk5aFA3aUdjYUo3TXhHMCUyQmw0UEZDY041NnNleSUyQiUyQnIzbENWVVlKbGZvcUtHbmtGMiUyQlJ3UXdOUnF4NnJrWEFGZmVOcG4lMkIxbmpJV29LTllyUzhEZDNtY1NKU2tPMGw1N0RxMVglMkZVNnNBJTNEJTNE&tld=easeus.com&dy=1&fu=https%253A%252F%252Fwww.easeus.com%252Ffile-recovery%252Frecover-lost-word-documents-in-windows-10.html&ceid=2a031188-04f3-4af0-a241-a76a8a1d6952&dtycbr=15690 access-control-allow-origin * cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 3470688 timing-allow-origin * content-length 0 expires 0
GET H2	200	1 Show response mc.yandex.com/watch/92962198/ Redirect Chain https://mc.yandex.com/watch/92962198?wmode=7&page-url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%... https://mc.yandex.com/watch/92962198/1?wmode=7&page-url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A...	435 B 844 B	88ms 87ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/92962198/1?wmode=7&page-url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A5318%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1307658774601%3Ahid%3A381645708%3Az%3A0%3Ai%3A20230613090755%3Aet%3A1686647276%3Ac%3A1%3Arn%3A956355467%3Arqn%3A1%3Au%3A1686647276503610946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1049%2C85%2C185%2C30%2C3796%2C0%2C%2C151%2C1%2C5431%2C5431%2C1%2C5392%3Aco%3A0%3Acpf%3A1%3Ans%3A1686647266748%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1686647276%3At%3A5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e7d49b4123fb8c78fee0959f7dcda7aee430b529e984af803cd195ed7ac732df Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:56 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 13-Jun-2023 09:07:56 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://www.easeus.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 435 x-xss-protection 1; mode=block expires Tue, 13-Jun-2023 09:07:56 GMT Redirect headers pragma no-cache date Tue, 13 Jun 2023 09:07:55 GMT strict-transport-security max-age=31536000 last-modified Tue, 13-Jun-2023 09:07:55 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/92962198/1?wmode=7&page-url=https%3A%2F%2Fwww.easeus.com%2Ffile-recovery%2Frecover-lost-word-documents-in-windows-10.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A5318%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1307658774601%3Ahid%3A381645708%3Az%3A0%3Ai%3A20230613090755%3Aet%3A1686647276%3Ac%3A1%3Arn%3A956355467%3Arqn%3A1%3Au%3A1686647276503610946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1049%2C85%2C185%2C30%2C3796%2C0%2C%2C151%2C1%2C5431%2C5431%2C1%2C5392%3Aco%3A0%3Acpf%3A1%3Ans%3A1686647266748%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1686647276%3At%3A5%20Ways%20to%20Recover%20Unsaved%20Word%20Document%20Windows%2010%2F11%20-%20EaseUS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 access-control-allow-origin https://www.easeus.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 13-Jun-2023 09:07:55 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame EC37	28 B 54 B	189ms 187ms	XHR application/json	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 X-Goog-Request-Time 1686647276031 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/D6KsM7MPO7A X-YouTube-Client-Version 1.20230606.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id Cgs1ME5QaEd5TFA1byjp46CkBg%3D%3D X-YouTube-Ad-Signals dt=1686647273894&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C700%2C400&vis=1&wgl=true&ca_type=image Response headers date Tue, 13 Jun 2023 09:07:56 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31 x-xss-protection 0 expires Tue, 13 Jun 2023 09:07:56 GMT
POST H2	200	/ Show response www.facebook.com/tr/ Frame 345B	0 71 B	140ms 139ms	Document text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://www.easeus.com Referer https://www.easeus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://www.easeus.com alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Tue, 13 Jun 2023 09:07:56 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	sync_cookie_image_decide_secondary mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check_secondary https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10033.W4N4djz7srqOeZueILC4_rTWNOP3hjXVj1sc6UhjJkstCvsSYRYzzkPpYD0QaRqO.3VOqSunWgrWfyncKp_FquXyHV8c%2C https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10033.qpC0oEYGkGj0MxMeAOe1aEpPZ3dvoSfB4FFstJY0SSS9xml3Iol22pRCXIjuRC2DicVtxhNVlaCb6gAOhein5wnZxUovxZTfLjmn8GiPcGw%2C.1nvoIlLYEzUTWyrG8...	43 B 79 B	87ms 86ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10033.qpC0oEYGkGj0MxMeAOe1aEpPZ3dvoSfB4FFstJY0SSS9xml3Iol22pRCXIjuRC2DicVtxhNVlaCb6gAOhein5wnZxUovxZTfLjmn8GiPcGw%2C.1nvoIlLYEzUTWyrG88S9bimUVZ8%2C Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.easeus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:56 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10033.qpC0oEYGkGj0MxMeAOe1aEpPZ3dvoSfB4FFstJY0SSS9xml3Iol22pRCXIjuRC2DicVtxhNVlaCb6gAOhein5wnZxUovxZTfLjmn8GiPcGw%2C.1nvoIlLYEzUTWyrG88S9bimUVZ8%2C date Tue, 13 Jun 2023 09:07:56 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	sync x.bidswitch.net/ul_cb/ Frame 93D7 Redirect Chain https://x.bidswitch.net/sync?dsp_id=46&user_id=k-PYt732dJ8g3EJQlO0FwlVyTy_qR8FSEIEGbnZw&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PYt732dJ8g3EJQlO0FwlVyTy_qR8FSEIEGbnZw&expires=30	43 B 345 B	44ms 44ms	Image image/gif	18.196.218.213
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PYt732dJ8g3EJQlO0FwlVyTy_qR8FSEIEGbnZw&expires=30 Protocol H2 Server 18.196.218.213 -, , ASN (), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:56 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers location https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PYt732dJ8g3EJQlO0FwlVyTy_qR8FSEIEGbnZw&expires=30 date Tue, 13 Jun 2023 09:07:56 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/google/ Frame 93D7 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-vbB4LWdJ8g3EJQlO0FwlVyTy_qTxLbf6153-bQ&google_cm&google_hm=ay12YkI0TFdkSjhnM0VKUWxPMEZ3bFZ5VHlfcVR4TGJmN... https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vbB4LWdJ8g3EJQlO0FwlVyTy_qTxLbf6153-bQ&google_gid=CAESEOtBE7jfILniV-S0NUnSj3U&google_cver=1&google_ula=913071,0	43 B 370 B	272ms 40ms	Image image/gif	178.250.1.9
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vbB4LWdJ8g3EJQlO0FwlVyTy_qTxLbf6153-bQ&google_gid=CAESEOtBE7jfILniV-S0NUnSj3U&google_cver=1&google_ula=913071,0 Protocol H2 Server 178.250.1.9 -, , ASN (), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:56 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 904912 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Tue, 13 Jun 2023 09:07:56 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vbB4LWdJ8g3EJQlO0FwlVyTy_qTxLbf6153-bQ&google_gid=CAESEOtBE7jfILniV-S0NUnSj3U&google_cver=1&google_ula=913071,0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 398 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/appnexus/ Frame 93D7 Redirect Chain https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2787661633488733552	43 B 369 B	231ms 41ms	Image image/gif	178.250.1.9
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2787661633488733552 Protocol H2 Server 178.250.1.9 -, , ASN (), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:56 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 980439 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Date Tue, 13 Jun 2023 09:07:56 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.7.105; 80.255.7.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 434d46d8-bbb1-46d4-8518-0df4ca99ae27 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2787661633488733552 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	bounce secure.adnxs.com/ Frame 93D7 Redirect Chain https://secure.adnxs.com/setuid?entity=52&code=k-7kM4kmdJ8g3EJQlO0FwlVyTy_qRdiXJAJBgi7Q https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-7kM4kmdJ8g3EJQlO0FwlVyTy_qRdiXJAJBgi7Q	43 B 1 KB	45ms 44ms	Image image/gif	185.89.210.141
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-7kM4kmdJ8g3EJQlO0FwlVyTy_qRdiXJAJBgi7Q Protocol HTTP/1.1 Server 185.89.210.141 -, , ASN (), Reverse DNS Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Pragma no-cache Date Tue, 13 Jun 2023 09:07:56 GMT AN-X-Request-Uuid 4e289988-bf74-43c4-81d6-f32232503789 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 80.255.7.105; 80.255.7.105; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Tue, 13 Jun 2023 09:07:56 GMT AN-X-Request-Uuid 78211710-17a7-47a8-b3f6-4de6eeef88f7 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-7kM4kmdJ8g3EJQlO0FwlVyTy_qRdiXJAJBgi7Q Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 80.255.7.105; 80.255.7.105; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Frame 93D7	61 B 795 B	184ms 77ms	Image image/gif	95.101.148.20
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-23F_rmdJ8g3EJQlO0FwlVyTy_qRXlvrLKlXvFA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.148.20 -, , ASN (), Reverse DNS Software Apache / Resource Hash cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Tue, 13 Jun 2023 09:07:56 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 61 x-mnet-hl2 E expires Tue, 13 Jun 2023 09:07:56 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 93D7	0 239 B	185ms 43ms	Image image/gif	69.173.144.165
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-rVBMEmdJ8g3EJQlO0FwlVyTy_qQZM-38UWhrUw&expires=30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 704c1e4d3fcc922a3031d436b584678b P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	v1 match.sharethrough.com/sync/ Frame 93D7	0 365 B	147ms 41ms	Image text/plain	3.126.36.96
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-3l3lomdJ8g3EJQlO0FwlVyTy_qQpPGV071u8HQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.126.36.96 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:56 GMT
GET H2	200	/ rtb-csync.smartadserver.com/redir/ Frame 93D7	43 B 114 B	218ms 50ms	Image image/gif	185.86.139.104
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-8BF4P2dJ8g3EJQlO0FwlVyTy_qQhmPYlpy87Tg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.86.139.104 -, , ASN (), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:56 GMT content-type image/gif
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 93D7	0 99 B	148ms 42ms	Image text/plain	141.226.228.48
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-jOheT2dJ8g3EJQlO0FwlVyTy_qRFKuvRJTBODQ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 -, , ASN (), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:56 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 41595
GET H2	200	um criteo-sync.teads.tv/ Frame 93D7	23 B 163 B	208ms 67ms	Image image/gif	104.75.89.75
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-sync.teads.tv/um?eid=80&uid=k-YGemSmdJ8g3EJQlO0FwlVyTy_qQsrIXEnu0hJg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.89.75 -, , ASN (), Reverse DNS Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers expires Tue, 13 Jun 2023 09:07:56 GMT pragma no-cache date Tue, 13 Jun 2023 09:07:56 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif
GET H2	200	xuid eb2.3lift.com/ Frame 93D7	37 B 140 B	130ms 43ms	Image image/gif	13.248.245.213
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2711&xuid=k-VRVWNGdJ8g3EJQlO0FwlVyTy_qTMWjNaFXmyBw&dongle=013b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.245.213 -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:56 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif
GET H2	204	sync ups.analytics.yahoo.com/ups/58301/ Frame 93D7 Redirect Chain https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ZJASJmdJ8g3EJQlO0FwlVyTy_qT9TPfvYAmTLA https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ZJASJmdJ8g3EJQlO0FwlVyTy_qT9TPfvYAmTLA&verify=true	0 313 B	43ms 42ms	Image text/plain	3.75.62.37
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ZJASJmdJ8g3EJQlO0FwlVyTy_qT9TPfvYAmTLA&verify=true Protocol H2 Server 3.75.62.37 -, , ASN (), Reverse DNS Software ATS/9.1.10.57 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:57 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.57 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ZJASJmdJ8g3EJQlO0FwlVyTy_qT9TPfvYAmTLA&verify=true date Tue, 13 Jun 2023 09:07:56 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.57 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	pixel cm.adform.net/ Frame 93D7	43 B 163 B	238ms 41ms	Image image/gif	37.157.5.84
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-KZ-DKWdJ8g3EJQlO0FwlVyTy_qSk2TJmDzMU9Q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.5.84 -, , ASN (), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:56 GMT last-modified Thu, 11 May 2023 07:25:22 GMT server nginx accept-ranges bytes etag "645c9862-2b" content-length 43 content-type image/gif
GET H2	200	sync visitor.omnitagjs.com/visitor/ Frame 93D7	49 B 236 B	288ms 93ms	Image image/gif	185.255.84.153
General Check archive.org Show headers Download Go to Show image Full URL https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-exujf2dJ8g3EJQlO0FwlVyTy_qQqPt_kivhJZA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.255.84.153 -, , ASN (), Reverse DNS Software ayl-lb-fra02 / Resource Hash d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Tue, 13 Jun 2023 09:07:56 GMT x-content-type-options nosniff server ayl-lb-fra02 vary Accept-Encoding content-type image/gif cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 39 content-length 49 expires 0
GET H/1.1	200 OK	rum r.casalemedia.com/ Frame 93D7 Redirect Chain https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Cg-NGWdJ8g3EJQlO0FwlVyTy_qQ6QpIVIVej9Q https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Cg-NGWdJ8g3EJQlO0FwlVyTy_qQ6QpIVIVej9Q&C=1	43 B 766 B	41ms 40ms	Image image/gif	185.80.39.216
General Check archive.org Show headers Download Go to Show image Full URL https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Cg-NGWdJ8g3EJQlO0FwlVyTy_qQ6QpIVIVej9Q&C=1 Protocol HTTP/1.1 Server 185.80.39.216 -, , ASN (), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Pragma no-cache Date Tue, 13 Jun 2023 09:07:57 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Tue, 13 Jun 2023 09:07:56 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=20&external_user_id=k-Cg-NGWdJ8g3EJQlO0FwlVyTy_qQ6QpIVIVej9Q&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 93D7 Redirect Chain https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 https://dpm.demdex.net/ibs:dpid=28645&dpuuid=awLHr_bBgXC4Ip-v8i3nNo5sIHPOdHCX https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=awLHr_bBgXC4Ip-v8i3nNo5sIHPOdHCX	42 B 942 B	61ms 61ms	Image image/gif	52.49.169.160
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=awLHr_bBgXC4Ip-v8i3nNo5sIHPOdHCX Protocol HTTP/1.1 Server 52.49.169.160 -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v048-012c56330.edge-irl1.demdex.com 4 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID Tvye9K3OQBw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-2-v048-0509829c5.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID TE1DBM99SUI= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=awLHr_bBgXC4Ip-v8i3nNo5sIHPOdHCX Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200	9.gif id5-sync.com/s/966/ Frame 93D7	43 B 1 KB	214ms 42ms	Image image/gif	141.95.33.111
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/s/966/9.gif?puid=k-pMceZ2dJ8g3EJQlO0FwlVyTy_qT1sAIgMTVq6A Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.33.111 -, , ASN (), Reverse DNS Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Tue, 13 Jun 2023 09:07:56 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers transfer-encoding chunked p3p CP="CAO PSA OUR"
GET H2	200	match ad.360yield.com/ul_cb/ Frame 93D7 Redirect Chain https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-G5uS6mdJ8g3EJQlO0FwlVyTy_qQYz2AxWTDZ1g https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-G5uS6mdJ8g3EJQlO0FwlVyTy_qQYz2AxWTDZ1g	43 B 447 B	56ms 56ms	Image image/gif	52.51.35.255
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-G5uS6mdJ8g3EJQlO0FwlVyTy_qQYz2AxWTDZ1g Protocol H2 Server 52.51.35.255 -, , ASN (), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers access-control-allow-origin * date Tue, 13 Jun 2023 09:07:57 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers location https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-G5uS6mdJ8g3EJQlO0FwlVyTy_qQYz2AxWTDZ1g access-control-allow-origin * date Tue, 13 Jun 2023 09:07:56 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	sync matching.ivitrack.com/ Frame 93D7	42 B 274 B	164ms 51ms	Image image/gif	34.117.157.22
General Check archive.org Show headers Download Go to Show image Full URL https://matching.ivitrack.com/sync?realm=criteo&uid=k-hy9wNGdJ8g3EJQlO0FwlVyTy_qSwlqkneubFlQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.157.22 -, , ASN (), Reverse DNS Software istio-envoy / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:56 GMT x-envoy-decorator-operation tag-manager.programmatic.svc.cluster.local:3000/* via 1.1 google server istio-envoy content-type image/gif cache-control public, max-age=86400 x-envoy-upstream-service-time 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H2	200	push exchange.mediavine.com/usersync/ Frame 93D7	0 886 B	147ms 44ms	Image text/html	3.125.198.113
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-qrgxEGdJ8g3EJQlO0FwlVyTy_qQvxORXUUSXlw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.125.198.113 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:56 GMT cache-control private, no-cache access-control-allow-credentials true content-encoding gzip vary Origin, Accept-Encoding content-type text/html; charset=utf-8
GET		cookie-sync sync.outbrain.com/ Frame 93D7	0 0
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 93D7	42 B 586 B	171ms 46ms	Image image/gif	185.64.189.110
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-qmZlM2dJ8g3EJQlO0FwlVyTy_qQz4XKUsTWLdg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 -, , ASN (), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Tue, 13 Jun 2023 09:07:55 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET		sync criteo-partners.tremorhub.com/ Frame 93D7	0 0
GET H2	200	getusermatch.php a.twiago.com/rtb/ Frame 93D7	43 B 153 B	104ms 33ms	Image image/gif	85.215.5.31
General Check archive.org Show headers Download Go to Show image Full URL https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-yuasFWdJ8g3EJQlO0FwlVyTy_qQdkMPKtxymMA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.215.5.31 -, , ASN (), Reverse DNS Software Apache / PHP/7.3.30 Resource Hash 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers access-control-allow-origin * date Tue, 13 Jun 2023 09:07:57 GMT server Apache x-powered-by PHP/7.3.30 content-length 43 content-type image/gif
GET H/1.1	204 No Content	m ad.yieldlab.net/ Frame 93D7	0 400 B	215ms 91ms	Image text/plain	23.50.111.12
General Check archive.org Show headers Download Go to Show image Full URL https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-2IcN1mdJ8g3EJQlO0FwlVyTy_qRneju4iTXOww Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.50.111.12 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Pragma no-cache Date Tue, 13 Jun 2023 09:07:57 GMT Cache-Control no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0 Connection keep-alive Expires Mon, 12 Jun 2023 09:07:57 GMT
GET H2	200	sync sync-criteo.ads.yieldmo.com/ Frame 93D7	0 38 B	196ms 55ms	Image text/plain	54.154.12.56
General Check archive.org Show headers Download Go to Show image Full URL https://sync-criteo.ads.yieldmo.com/sync?id=k-AcA5ZmdJ8g3EJQlO0FwlVyTy_qSqGbHLAbBj4w&pn_id=criteo&ext=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.154.12.56 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 13 Jun 2023 09:07:57 GMT content-length 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 93D7 Redirect Chain https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=O1S1tcXttZd93GD4rMG0Yz1y-myvMR5d	0 338 B	184ms 54ms	Image text/plain	52.211.158.177
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=O1S1tcXttZd93GD4rMG0Yz1y-myvMR5d Protocol H2 Server 52.211.158.177 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers x-served-by beacon-n008-dub-prod.krxd.net date Tue, 13 Jun 2023 09:07:57 GMT cache-control private, no-cache, no-store x-request-time D=39 t=1686647277 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=O1S1tcXttZd93GD4rMG0Yz1y-myvMR5d date Tue, 13 Jun 2023 09:07:56 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 1087166 content-length 0
GET		cs s.thebrighttag.com/ Frame 93D7 Redirect Chain https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=WgDXDpXbzz_63CWvCTIwW7CRjAL2UWg6	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

sync.outbrain.com

URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-NUR8zmdJ8g3EJQlO0FwlVyTy_qRM7hSbHNs3pQ&initiator=partner

Domain

criteo-partners.tremorhub.com

URL

https://criteo-partners.tremorhub.com/sync?UICR=k-rlqfnWdJ8g3EJQlO0FwlVyTy_qRNFB35WmOYCw

Domain

s.thebrighttag.com

URL

https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=WgDXDpXbzz_63CWvCTIwW7CRjAL2UWg6