urlscan.io logo urlscan.io
SecurityTrails logo

heictojpg.com Open in urlscan Pro
13.33.88.7  Public Scan

Go To Rescan Add Verdict Report
URL: https://heictojpg.com/
Submission: On May 25 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 1 countries across 12 domains to perform 73 HTTP transactions. The main IP is 13.33.88.7, located in United States and belongs to AMAZON-02, US. The main domain is heictojpg.com. The Cisco Umbrella rank of the primary domain is 229832.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 28th 2023. Valid for: 5 months.
This is the only time heictojpg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 13.33.88.7 16509 (AMAZON-02)
2 74.125.200.97 15169 (GOOGLE)
1 13.224.249.66 16509 (AMAZON-02)
9 74.125.24.155 15169 (GOOGLE)
1 13.224.249.35 16509 (AMAZON-02)
1 142.251.12.139 15169 (GOOGLE)
7 142.250.4.156 15169 (GOOGLE)
2 142.251.12.154 15169 (GOOGLE)
2 142.251.10.154 15169 (GOOGLE)
6 142.251.10.94 15169 (GOOGLE)
3 74.125.130.95 15169 (GOOGLE)
9 74.125.24.132 15169 (GOOGLE)
1 74.125.200.94 15169 (GOOGLE)
1 1 64.233.170.103 15169 (GOOGLE)
73 14
27    13.33.88.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-7.sin2.r.cloudfront.net
heictojpg.com
2    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
1    13.224.249.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-66.sin52.r.cloudfront.net
static.hotjar.com
9    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
pagead2.googlesyndication.com
partner.googleadservices.com
www.googletagservices.com
1    13.224.249.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-35.sin52.r.cloudfront.net
script.hotjar.com
1    142.251.12.139 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f139.1e100.net
www.google-analytics.com
7    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
googleads.g.doubleclick.net
2    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
adservice.google.com.au
2    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
adservice.google.com
6    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
www.gstatic.com
3    74.125.130.95 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f95.1e100.net
fonts.googleapis.com
9    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
1    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
fonts.gstatic.com
1    64.233.170.103 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f103.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
27 heictojpg.com
heictojpg.com — Cisco Umbrella Rank: 229832
697 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
302 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
70 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
93 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
877 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
107 KB
2 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 110979
696 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 633
script.hotjar.com — Cisco Umbrella Rank: 793
73 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
127 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 902
332 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
252 B
73 12
Domain Requested by
27 heictojpg.com heictojpg.com
9 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
6 pagead2.googlesyndication.com heictojpg.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
3 fonts.googleapis.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.com.au pagead2.googlesyndication.com
2 www.googletagmanager.com heictojpg.com
www.googletagmanager.com
1 www.google.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com heictojpg.com
73 16

This site contains links to these domains. Also see Links.

Domain
www.jpegmini.com
Subject Issuer Validity Valid
heictojpg.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-08-07		 5 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://heictojpg.com/
Frame ID: 5AF541E184335412C8A65D8833213FD5
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20190131/zrt_lookup.html
Frame ID: B0452964C44340B70BF5DE33BA1B1B2B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&adk=1812271804&adf=3025194257&lmt=1684851129&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fheictojpg.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482627&bpp=4&bdt=1639&idt=507&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5657351306189&frm=20&pv=2&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=529
Frame ID: 92ED0DD408A9E69946BD24FC2C7703B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Frame ID: DC1A985E90C095790B21084A7E795E5B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0EDAAC8481D2E634380213DECA716B02
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5E827F16C99F910E62A7C7BD783DAB7B
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 8C4990D5848B32ECE844631B7281DD19
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: AA70D3FE9802E145695B02DF64C5E822
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: B38F84F28EB180842826FBB0BBF36240
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Convert Heic to JPEG for free | Made by JPEGmini

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

73
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

16
Subdomains

14
IPs

1
Countries

1474 kB
Transfer

3060 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heictojpg.com/ 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
945a89de71519f055210a7017dd9085bac79b6e45f5b6501bc46762f0dcfe3fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
86
cache-control
max-age=60
content-encoding
gzip
content-type
text/html
date
Thu, 25 May 2023 06:17:23 GMT
etag
W/"d033b0fdbf5dd28bff2b819c70e1c989"
last-modified
Tue, 23 May 2023 14:12:09 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-id
v5i1iGtNg4WH_YQ4ZmnI7B4DHMK5FQYKSwCEv3J59pP0FLx4N5Y8EA==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
main.css
heictojpg.com/static/css/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/css/main.css
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c881172b48dc94436fb3f896557faa33919510dc6fe425d370a01353a49d60e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:17:23 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 14:12:09 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
43
x-amz-server-side-encryption
AES256
etag
W/"ddb63df0865bc504fff40661bb85d2f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=60
x-amz-cf-id
2ar-KSP36uot1vbCLdMRpmQNdaizcLNOJ2f0KZFnow-qf8ko8RHE8w==
chevron.svg
heictojpg.com/static/images/icons/ 		248 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/chevron.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a39a6fd730402c0d0938e850f1966e866530c09d360b97744e2f7ea6e2627115

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:02 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57900
x-amz-server-side-encryption
AES256
etag
"50576fc9efaeb45e8b3bea31cb1056ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
248
x-amz-cf-id
M_v1VZvbXPfNcAdelvyTxvLPPleTHh3UGA3Te7fRhrUGEA2k_dI47Q==
photo.svg
heictojpg.com/static/images/icons/ 		623 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/photo.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abb410d2cd2cf47f3499d4ca3492f3b00861f7021e18d7282f2f812939e115e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
"d4468c956786eaa0a0c273fd210181c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
623
x-amz-cf-id
RlkbMgt3T9F89TUKqb8DswYFZbwrlggFsf0mNDIliBlLAJ0_BdcJUA==
video.svg
heictojpg.com/static/images/icons/ 		1 KB
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/video.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7fa72f1b90d4180c2bb3e4de79853bc43fab82a46caa9478f45ed8a8bd363f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
W/"d731228c2a1f9f481bc968d6af0c38c3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
BIrd8fuxrd7yarjv1KVVFOQYuqvxd8IpVtXWdRY6rCGgXk8W4mt8WQ==
arrow-circle-down.svg
heictojpg.com/static/images/icons/ 		1 KB
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/arrow-circle-down.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee4a38008451bdfb5e92e46122372d2f730d67ad5f741414f0fee06a3fd9ae12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
W/"8ab4b4b2aa7ef9c7706a4e19994f6567"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
eapbQvmGePT5x8BYEgT1SSS1B2xWH1m_ucdjuIgLtRtf70at6MpDKg==
signup.svg
heictojpg.com/static/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/signup.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c7e687696356c4791d1a9f5971f9bf1affd23e4f20a119dd30cb87830027cc1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
W/"9f7e3d2a235e9f841ff1a45c08ec81b1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
8LGKcd22ie06JBKUOzHhj-Ur6J8J1fAMOz2uGK2EYSCDt1xvgkU_Lg==
login.svg
heictojpg.com/static/images/icons/ 		541 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/login.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b19ff3377b5153b354330a2af56960c37f039944f0437fcb0bf31f58a3240aa5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
"b4d62715fe8caed4b38c9e03e6397160"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
541
x-amz-cf-id
CwIhZZc5Z29NsH28UUc8erRhB3-Z5wU6RR1eBAtco8rbJQXKirKXQA==
logout.svg
heictojpg.com/static/images/icons/ 		543 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/logout.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2980d539e3feb1828a646d337666087a99c4474ec552b20317a8d33eabc2cfb3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
"d5fb8308f83974104cd907457043095a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
543
x-amz-cf-id
TiL5onBQJPuWmurCUX4U7zSZLtHlB26oMQCK1awnsdrR3E7L24bsFA==
minus-circle.svg
heictojpg.com/static/images/icons/ 		881 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/minus-circle.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca211d08fcc2281a85fb1ce611de7dbf3397ac44c0033a66818b22494d832685

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
"6291315d03a85ec044f801169b0508ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
881
x-amz-cf-id
SBohdXaE5LqUxo6yoolpbudzPaqtOLUujNfY4yFXHmcvHh--XYyqqQ==
refresh.svg
heictojpg.com/static/images/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/refresh.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
150d581aecad944db72e7a924cbe84fe9c5bacc71367d628be06bce73b49dae7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
W/"5e583ce8dc7cdc115be51ea6dd918e15"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
zR5HlgbKasb_vNwV68ht_jTMP3clW6wvQtjXzx-eui4p0zxks3MuWw==
runtime.f8451a3c.js
heictojpg.com/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/js/runtime.f8451a3c.js
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99d3ba4ba69fb30e4b3a2e269563bf58cc0ac0918ef563c8d8680d29d92c292e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 14:12:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
W/"dc2d9529464a5e8904e2ce92dc6c9fb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
0ynewIEQqCEmnkT8SMjBUoWCncKmkGr6eUHYcvPOhSYkloSIFcCbtQ==
setup.c34b6621.js
heictojpg.com/static/js/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/js/setup.c34b6621.js
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86630ca64a2e5b4cdb8c48d339dc7f59a8debdea958ab686d1ce02943f57cba6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 14:12:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
W/"de01e9f17fbf5d09b008cf07051d6fe0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
RWl0JPxJRfcBZlBuBBhr1vrpD6VTgeZ9JdKOVl31mCSl6bajvJ2_iw==
index.20e7b1fd.js
heictojpg.com/static/js/ 		163 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/js/index.20e7b1fd.js
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc57b08542d4327d5b535bac4c8243adf7314d9c12e205b92a7f488800637a94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 14:12:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
W/"0024d6e2357ec9f0b0a9f769857364ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
yGRtWjs-l7g40RvX_zF0sUm4FZuQ4pnMqPVx3updWZKpHvO1T-uFgQ==
gtm.js
www.googletagmanager.com/ 		113 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PG8SHQR
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
082aeb0499910e2a86b6c72f2b9a2f367a14d7e7f83d8bd09477fdc20a91145a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43965
x-xss-protection
0
last-modified
Thu, 25 May 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 May 2023 06:18:01 GMT
hotjar-621224.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-621224.js?sv=6
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-66.sin52.r.cloudfront.net
Software
/
Resource Hash
5fdc5b3b573d46c4b92a2c559413ff6c080279ef1ffa541146e8cddf1bd813aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 25 May 2023 06:17:58 GMT
via
1.1 0d4aa9f487883216469659ecf56a9a92.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
3
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/e1cd9399a9572437f0d0b08935da0587
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
JBc_n-3AP8v3RME7qNesZI_uqQEQa-k_avbApK31hY4euIwEbDEBfQ==
proximanova-bold.woff2
heictojpg.com/static/css/fonts/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/css/fonts/proximanova-bold.woff2
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c7b47b78f9dd84a22b5a8c296ba68539895666b262de5b796846203fe1679a7

Request headers

Referer
https://heictojpg.com/static/css/main.css
Origin
https://heictojpg.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
"16565a28248b2b4b6bd3561e3e0aaa00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
content-length
53632
x-amz-cf-id
lqOyuYzX4l66NbQXUwB3Die5yTSQVK_evMhIQ-5otiDSu5iEi311Yw==
Inter-Regular.woff2
heictojpg.com/static/css/fonts/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/css/fonts/Inter-Regular.woff2
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer
https://heictojpg.com/static/css/main.css
Origin
https://heictojpg.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:56 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
"dc131113894217b5031000575d9de002"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
content-length
98868
x-amz-cf-id
OJ0ocAX_OfDcb5G5zedzYxzsVSpW0HRiqw6Ovc0TTNEVUFPd9HDzNg==
Inter-Bold.woff2
heictojpg.com/static/css/fonts/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/css/fonts/Inter-Bold.woff2
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7

Request headers

Referer
https://heictojpg.com/static/css/main.css
Origin
https://heictojpg.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:55 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
"444a7284663a3bc886683eb81450b294"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
content-length
106140
x-amz-cf-id
B8Toa715jGR1fAoHlezOit_2vYCcfRQWqBoojOvTWdQpg0ra_S-fRQ==
Inter-Medium.woff2
heictojpg.com/static/css/fonts/ 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/css/fonts/Inter-Medium.woff2
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6

Request headers

Referer
https://heictojpg.com/static/css/main.css
Origin
https://heictojpg.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:56 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
"75db5319e7e87c587019a5df08d7272c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
content-length
105924
x-amz-cf-id
GwkWbqWsCitiiCOOx2Jc9DzICiQNPMSxYEeM6kD9HZSaPfS4bDxLkA==
proximanova-medium.woff2
heictojpg.com/static/css/fonts/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/css/fonts/proximanova-medium.woff2
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7bacca0e03265eee58945bd60c30ffea14d78b0cc013ced3e09fed49c34a95f

Request headers

Referer
https://heictojpg.com/static/css/main.css
Origin
https://heictojpg.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
"e310867dcf25aadaaf2bd631aff8bd74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
content-length
53648
x-amz-cf-id
DCM-03F0sKz-3KqsJ6MsNN4rqhQN5cCIXtE8nDSubHTxrBW1IIViBg==
proximanova-extrabold.woff2
heictojpg.com/static/css/fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/css/fonts/proximanova-extrabold.woff2
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be3e0dd0e4fa607ea6209de58a5c1d5fea515b6aae3aadf7fce3dbb5f5e9dd4e

Request headers

Referer
https://heictojpg.com/static/css/main.css
Origin
https://heictojpg.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:03 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57899
x-amz-server-side-encryption
AES256
etag
"c1c9bfeeaea03d0fc08d966efe537216"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
content-length
33568
x-amz-cf-id
biFkbVrSzXAcNBsmDeP1jTLxpIz_Ge0m_2SiZYAA0Tj59FQaqU1kVg==
Inter-SemiBold.woff2
heictojpg.com/static/css/fonts/ 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/css/fonts/Inter-SemiBold.woff2
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer
https://heictojpg.com/static/css/main.css
Origin
https://heictojpg.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:04 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57898
x-amz-server-side-encryption
AES256
etag
"007ad31a53f4ab3f58ee74f2308482ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
content-length
105804
x-amz-cf-id
tvqa8DpEbEr_J4MEr-_58vFYjG1t8kloIIoT8_nQECUry8Q67-J-wA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8591306331167868
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/js/setup.c34b6621.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
65c96fa92fce5d936673b55f7483286a3cd262d09b31b59361d4304b5074c852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47296
x-xss-protection
0
server
cafe
etag
740640966764851401
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 25 May 2023 06:18:02 GMT
669.918c6dfa.js
heictojpg.com/static/js/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/js/669.918c6dfa.js
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/js/runtime.f8451a3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:04 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 14:12:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57898
x-amz-server-side-encryption
AES256
etag
W/"264acfdd6eb89ce38e5e186e9d01361c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
a2hEziTXm1tg-haBFi1R9Yr1QFlqDyM2TaMZhaFSTJImBl22gnLh_g==
831.cfefb7de.js
heictojpg.com/static/js/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/js/831.cfefb7de.js
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/js/runtime.f8451a3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:04 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 14:12:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57898
x-amz-server-side-encryption
AES256
etag
W/"92f4c4da57613918f4de5c08b9668a7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
oWY5IAgMOLSiY_5ot4RjHUIwCXNd5zXMgFKRLf8_KTB1piO1H-yZKQ==
608.f67a459c.js
heictojpg.com/static/js/ 		0
41 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/js/608.f67a459c.js
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/js/runtime.f8451a3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:04 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 14:12:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57898
x-amz-server-side-encryption
AES256
etag
W/"c496be5494e5859ce16cbd7aba8f9b2e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
axBq1MNp2gONixHNIBy0cph31T_8jpv_AOlYyXXts83mGIfxqFqy8A==
113.faacbda0.js
heictojpg.com/static/js/ 		0
498 B 		Other
General
Check archive.org
Download Go to
Full URL
https://heictojpg.com/static/js/113.faacbda0.js
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/static/js/runtime.f8451a3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:04 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 14:12:08 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57898
x-amz-server-side-encryption
AES256
etag
"ee274a94a206fcbeb5de3fa34684e5d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
99
x-amz-cf-id
vJoT2q_HVgSBnsgDea-wl7LoNfnhOXUazJfaewNU-t_WYci7a7yCOQ==
plus.svg
heictojpg.com/static/images/icons/ 		256 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/plus.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3475cf5bf4c8b6137a1a45593aead80ba7f20a5ac571bb4d3fe7888fa83256c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:04 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57898
x-amz-server-side-encryption
AES256
etag
"9ca20f43fd71ca515e358171cb94f1f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
256
x-amz-cf-id
oaXojQ6DUST0HrCCu24Hr17DUsKwYQ1dxgyLeNJ63fYM_QkmoZki4Q==
plus-circle.svg
heictojpg.com/static/images/icons/ 		1 KB
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heictojpg.com/static/images/icons/plus-circle.svg
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43424b37bcb22893c85d7afec073a9ab9831efe3be04cac5cdf67597e807369a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:13:04 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 23:36:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57898
x-amz-server-side-encryption
AES256
etag
W/"cad4c8ea188279691393a6af5d4f92d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
VrYYpSVNKmaNGOefhasEQTMscIddV73LYQhHaVnGOwh_jlTgwpFgkg==
modules.bd615e91f206bba6c106.js
script.hotjar.com/ 		265 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.bd615e91f206bba6c106.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-621224.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-35.sin52.r.cloudfront.net
Software
/
Resource Hash
b7d6c0f9a48e8bf195039d4d918a412030b9eca30e15813ba606ea8aecc5b4f3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 12:11:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 60a12bdf784c46a5874f83b517e37278.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
497214
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
69451
last-modified
Fri, 19 May 2023 12:10:27 GMT
etag
"9426a0fb3ec77e5ad24ce096383ab689"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
QLN-lWX6B1AJtiJCpBzreKt1nN6nYfFHbKOZHGYzOF3qC4Z00en7ww==
js
www.googletagmanager.com/gtag/ 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9YNHJNWLFK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG8SHQR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
9ab27d4d363977244d793531ed6a3dbbe71261c9c89ddc629791601563b44218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85789
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 May 2023 06:18:02 GMT
collect
www.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9YNHJNWLFK&gtm=45je35m0&_p=1722711369&cid=1048420274.1684995483&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684995482&sct=1&seg=0&dl=https%3A%2F%2Fheictojpg.com%2F&dt=Convert%20Heic%20to%20JPEG%20for%20free%20%7C%20Made%20by%20JPEGmini&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9YNHJNWLFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 06:18:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heictojpg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/ 		349 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8591306331167868
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
61456b789d63502ce19d928a3674854ef9afe90fb389c112d5c67043c885f199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120038
x-xss-protection
0
server
cafe
etag
16326640606397396535
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 06:18:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230522/r20190131/ Frame B045 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230522/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8591306331167868
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heictojpg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
15176
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 02:05:07 GMT
etag
15057649708203361565
expires
Thu, 08 Jun 2023 02:05:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		393 B
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=heictojpg.com&callback=_gfp_s_&client=ca-pub-8591306331167868
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ceb36233adf78d00274ba74c08b9369a1296825825f4ec0e21c878236b15d8f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=heictojpg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=heictojpg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 92ED 		169 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&adk=1812271804&adf=3025194257&lmt=1684851129&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fheictojpg.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482627&bpp=4&bdt=1639&idt=507&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5657351306189&frm=20&pv=2&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=529
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
fb42694d55e5618dca783be12eeb55a0095951013cd0a098365a5417edcd096b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heictojpg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
48105
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 06:18:04 GMT
expires
Thu, 25 May 2023 06:18:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DC1A 		102 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
6f5f795bb20ba8a62e888ce2353223d7c61e0c3873f2996ae85373063f133e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heictojpg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
36587
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 06:18:04 GMT
expires
Thu, 25 May 2023 06:18:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ef33bde3b6f53b5d50fc677805f1b9fa.js
www.gstatic.com/mysidia/ Frame DC1A 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 04:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3674
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:52:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 04:39:01 GMT
ee89b602e2534f412f73bbda73fe42b2.js
www.gstatic.com/mysidia/ Frame DC1A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 02:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4066
x-xss-protection
0
last-modified
Fri, 19 May 2023 05:26:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 02:25:29 GMT
css
fonts.googleapis.com/ Frame DC1A 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 May 2023 06:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 May 2023 05:12:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 May 2023 06:18:04 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/ Frame DC1A 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 18:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
42102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 18:36:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/ Frame DC1A 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 18:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
43810
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 18:07:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/ Frame DC1A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:56:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
44475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:56:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/ Frame DC1A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
6797c077654da137fb8c518484a1b2e6fa32c76eb6427d620851693463ac89d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
44478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7989
x-xss-protection
0
server
cafe
etag
4146798238180205368
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:56:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DC1A 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 06:18:04 GMT
32da0f4bcd46006ef465cafdfe68b840.js
www.gstatic.com/mysidia/ Frame DC1A 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13640
x-xss-protection
0
last-modified
Mon, 22 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 09:07:07 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/ 		152 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/reactive_library_fy2021.js?bust=31074812
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
83db602412de74ff6978f800df8401ca7df3ef005f6ae9b9f19914faacf7e729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52654
x-xss-protection
0
server
cafe
etag
12689020044204561076
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 06:18:04 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DC1A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ChzqIm_1uZITqGcSUvQT34pzoDa3216xug7eataAO_ePmwLslEAEg9tbBlQFgpYCAgJABoAGN7OTZAsgBAakC8nQwLrinqD6oAwHIA8sEqgTuAU_QvVSfPZ3o_nXSYZL2RIz12k301fydsO2ifU1Nq1lQbnFFGYHz7N96CcqUP8pafpuUsuHjeD014-n-wZ29DQ6KLhZCc8RTUdjRENbBvYyU7ylRTNZwrNRSDOAAX_51LQFeCTZ1MQQa_l5HAtPtvYXcxFzh1JTkqNPHF3H8iAHW6O5eq2pJs_2Tx5O0jVpKt49UnpGdMF48zJFfxeBtRjin8tf5ywDD10b6uhiplnV4p13y3epi4rnyUcshUkYjgeqy5CIDd6fPrauGTDuvZs_o_MehgV6wDsYPykY3DGVahBPuAXTXf_QDuuY64PzABODCnczmA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPH0A9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMNiBQL0BUBgBcBshccChoIABIUcHViLTg1OTEzMDYzMzExNjc4NjgYAA&sigh=3gSg2tmNBuQ&uach_m=[UACH]&cid=CAQSGwBygQiDZR0xiY8xjMCjwCL1S9u0Uun5qn5AJxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 25 May 2023 06:18:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 25 May 2023 06:18:05 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=heictojpg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=heictojpg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/ Frame 0EDA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heictojpg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
13317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 02:36:08 GMT
etag
15057649708203361565
expires
Thu, 08 Jun 2023 02:36:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5E82 		143 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 05:50:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DC1A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
466fe0aab30517751ca267279e9a96c5a11f8c414cc3df44a43335ef6b13c46b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
css2
fonts.googleapis.com/ Frame 0EDA 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 May 2023 06:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 May 2023 05:13:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 May 2023 06:18:05 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0EDA 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 16:50:41 GMT
x-content-type-options
nosniff
age
48444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 May 2024 16:50:41 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0EDA 		604 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 12:29:28 GMT
x-content-type-options
nosniff
age
64117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 May 2024 12:29:28 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/elements/html/ Frame 0EDA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 03:44:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
9223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8300
x-xss-protection
0
server
cafe
etag
2697337515266134059
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 03:44:22 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DC1A 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:28:24 GMT
x-content-type-options
nosniff
age
121782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 20:28:24 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5E82
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 06:18:06 GMT
expires
Thu, 25 May 2023 06:18:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 06:18:06 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 8C49 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 May 2023 06:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 May 2023 05:16:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 May 2023 06:18:05 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/ Frame 8C49 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 18:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
42102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 18:36:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/ Frame 8C49 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 18:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
43810
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 18:07:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/ Frame 8C49 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:56:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
44475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:56:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/ Frame 8C49 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
6797c077654da137fb8c518484a1b2e6fa32c76eb6427d620851693463ac89d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
44478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7989
x-xss-protection
0
server
cafe
etag
4146798238180205368
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:56:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8C49 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 06:18:05 GMT
32da0f4bcd46006ef465cafdfe68b840.js
www.gstatic.com/mysidia/ Frame 8C49 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13640
x-xss-protection
0
last-modified
Mon, 22 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 09:07:07 GMT
x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
pagead2.googlesyndication.com/bg/ Frame AA70 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Requested by
Host: heictojpg.com
URL: https://heictojpg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 12:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
235926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14664
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 12:45:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230522&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305220101/show_ads_impl_fy2021.js?bust=31074812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e58cde9d54dc6e3e69df8a8a473ed53b204d275f4db20f364fd9ab1da9d35d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://heictojpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 06:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11205
x-xss-protection
0
x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
pagead2.googlesyndication.com/bg/ Frame B38F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1684851129&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684995482631&bpp=1&bdt=1643&idt=532&shv=r20230522&mjsv=m202305220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5657351306189&frm=20&pv=1&ga_vid=1048420274.1684995483&ga_sid=1684995483&ga_hid=1722711369&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074812%2C44772269%2C44788441%2C44792645&oid=2&pvsid=3308267240821250&tmod=371057087&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UBCAiirk9M&p=https%3A//heictojpg.com&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 12:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
235927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14664
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 12:45:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DC1A 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstamWVjpWydZAHNjZjptZpjXO0srBsVDn2YHb-d28LvjWwjHht3sOP0iWH6n7KWj2UfXBbU27hYSgw7zORhdw3GszuDhhW_NlriVvF1FYnAyDcEL2r4nKTLI4AcS91Qb8_incI&sai=AMfl-YSCqwjfD8ZtQtcybhgDIhocqWsDsXvtAHQ3dQB2zR66eaNC1YsIpP8v8vc1siExSg4kEGK5X7TWdODY&sig=Cg0ArKJSzA_F4r48bfapEAE&cid=CAQSGwBygQiDZR0xiY8xjMCjwCL1S9u0Uun5qn5AJxgB&id=lidar2&mcvt=1000&p=0,0,120,600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1790428439&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684995483168&rpt=3333&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| dataLayer function| hj object| _hjSettings object| webpackChunkheictojpg object| statsGauge object| auth0Client object| adsbygoogle object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag

11 Cookies

Domain/Path Name / Value
.heictojpg.com/ Name: _ga
Value: GA1.1.1048420274.1684995483
.heictojpg.com/ Name: _ga_9YNHJNWLFK
Value: GS1.1.1684995482.1.0.1684995482.0.0.0
.heictojpg.com/ Name: _hjSessionUser_621224
Value: eyJpZCI6IjQzMjQ3MGE1LTA2ODMtNWQzNi05ODg0LWViODJjY2ZiYWM1YyIsImNyZWF0ZWQiOjE2ODQ5OTU0ODI4MDIsImV4aXN0aW5nIjpmYWxzZX0=
.heictojpg.com/ Name: _hjFirstSeen
Value: 1
.heictojpg.com/ Name: _hjIncludedInSessionSample_621224
Value: 0
.heictojpg.com/ Name: _hjSession_621224
Value: eyJpZCI6ImViZTQxZWY2LTFlY2UtNDUzMy05MmFkLTk1Mjc4YmJiZTdiZSIsImNyZWF0ZWQiOjE2ODQ5OTU0ODI4MTAsImluU2FtcGxlIjpmYWxzZX0=
.heictojpg.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.heictojpg.com/ Name: __gads
Value: ID=62d9059d69c2dbe3-22b65fa1c1e00048:T=1684995483:RT=1684995483:S=ALNI_MbL9YX8evIwA15NintqWyHc-1RF9g
.heictojpg.com/ Name: __gpi
Value: UID=00000c3253b05721:T=1684995483:RT=1684995483:S=ALNI_MaYHiXRm-3_sXrIj6sH-bevErZilg
.doubleclick.net/ Name: IDE
Value: AHWqTUmBLbmzhtQCnIub_P3QgGG_2WXE_nhJn3EWNk_08vRnvNKpw1dBPpL4GwxHqAY
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.au
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
heictojpg.com
pagead2.googlesyndication.com
partner.googleadservices.com
script.hotjar.com
static.hotjar.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
13.224.249.35
13.224.249.66
13.33.88.7
142.250.4.156
142.251.10.154
142.251.10.94
142.251.12.139
142.251.12.154
64.233.170.103
74.125.130.95
74.125.200.94
74.125.200.97
74.125.24.132
74.125.24.155
082aeb0499910e2a86b6c72f2b9a2f367a14d7e7f83d8bd09477fdc20a91145a
150d581aecad944db72e7a924cbe84fe9c5bacc71367d628be06bce73b49dae7
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6
2980d539e3feb1828a646d337666087a99c4474ec552b20317a8d33eabc2cfb3
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2c7e687696356c4791d1a9f5971f9bf1affd23e4f20a119dd30cb87830027cc1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3475cf5bf4c8b6137a1a45593aead80ba7f20a5ac571bb4d3fe7888fa83256c1
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
43424b37bcb22893c85d7afec073a9ab9831efe3be04cac5cdf67597e807369a
466fe0aab30517751ca267279e9a96c5a11f8c414cc3df44a43335ef6b13c46b
4c881172b48dc94436fb3f896557faa33919510dc6fe425d370a01353a49d60e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7b47b78f9dd84a22b5a8c296ba68539895666b262de5b796846203fe1679a7
5fdc5b3b573d46c4b92a2c559413ff6c080279ef1ffa541146e8cddf1bd813aa
61456b789d63502ce19d928a3674854ef9afe90fb389c112d5c67043c885f199
65c96fa92fce5d936673b55f7483286a3cd262d09b31b59361d4304b5074c852
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6797c077654da137fb8c518484a1b2e6fa32c76eb6427d620851693463ac89d1
6f5f795bb20ba8a62e888ce2353223d7c61e0c3873f2996ae85373063f133e5e
79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc
83db602412de74ff6978f800df8401ca7df3ef005f6ae9b9f19914faacf7e729
86630ca64a2e5b4cdb8c48d339dc7f59a8debdea958ab686d1ce02943f57cba6
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
945a89de71519f055210a7017dd9085bac79b6e45f5b6501bc46762f0dcfe3fe
99d3ba4ba69fb30e4b3a2e269563bf58cc0ac0918ef563c8d8680d29d92c292e
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ab27d4d363977244d793531ed6a3dbbe71261c9c89ddc629791601563b44218
a39a6fd730402c0d0938e850f1966e866530c09d360b97744e2f7ea6e2627115
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7bacca0e03265eee58945bd60c30ffea14d78b0cc013ced3e09fed49c34a95f
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abb410d2cd2cf47f3499d4ca3492f3b00861f7021e18d7282f2f812939e115e1
b19ff3377b5153b354330a2af56960c37f039944f0437fcb0bf31f58a3240aa5
b7d6c0f9a48e8bf195039d4d918a412030b9eca30e15813ba606ea8aecc5b4f3
b7fa72f1b90d4180c2bb3e4de79853bc43fab82a46caa9478f45ed8a8bd363f7
be3e0dd0e4fa607ea6209de58a5c1d5fea515b6aae3aadf7fce3dbb5f5e9dd4e
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
ca211d08fcc2281a85fb1ce611de7dbf3397ac44c0033a66818b22494d832685
cc57b08542d4327d5b535bac4c8243adf7314d9c12e205b92a7f488800637a94
ceb36233adf78d00274ba74c08b9369a1296825825f4ec0e21c878236b15d8f5
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58cde9d54dc6e3e69df8a8a473ed53b204d275f4db20f364fd9ab1da9d35d91
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee4a38008451bdfb5e92e46122372d2f730d67ad5f741414f0fee06a3fd9ae12
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fb42694d55e5618dca783be12eeb55a0095951013cd0a098365a5417edcd096b