pesktop.com Open in urlscan Pro
172.67.185.140 Public Scan

URL: https://pesktop.blog/en/how-to-disable-real-time-protection-on-microsoft-defender-antivirus/
Title: How to disable Windows Defender Antivirus

URL: https://pesktop.blog/en/how-to-open-a-rar-or-zip-file-on-your-computer/
Title: How to decompress RAR files

URL: https://pesktop.blog/en/how-to-download-softwares-from-pesktop-com/
Title: How to download softwares from PeskTop

URL: https://www.facebook.com/pesktop.co
Title: go to the contact page

URL: https://pesktop.blog/
Title: Blog

URL: https://pesktop.shop/
Title: PeskTop Digital market

URL: https://join.skype.com/invite/I5yvlC7o9flz
Title: skype (Business only): live:.cid.843116bc25d7b388

URL: https://twitter.com/Pesktop2
Title: Twitter

URL: https://www.reddit.com/r/pesktop/
Title: reddit

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

92 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wondershare_mirrorgo Show response
pesktop.com/en/windows/ 76 KB
20 KB 355ms
280ms Document
text/html 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/en/windows/wondershare_mirrorgo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6671c7bdd1d137796cc49531c96be9b09c779681b3296d79ecd09077ddb55a17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate public
cf-cache-status: DYNAMIC
cf-ray: 7d44eac72abed94f-HEL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 08 Jun 2023 23:29:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmGYnRE7pVt%2B3JEvch3IZ9nEZoVW%2FyO58bElsxjCDwFP31bMtHRpTqpvRm3QjltPwIxNJy80ISb%2BdC8jmpXF5Et780Jv6DX5zeNIKQGd1c7%2FG%2BJOT7Iu%2Ff5AbU5%2BFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cachen: MISS

GET
H2 200 them.css
pesktop.com/css/fontawesome-free-5.15.1-web/css/ 326 KB
44 KB 56ms
54ms Stylesheet
text/css 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/css/fontawesome-free-5.15.1-web/css/them.css
Requested by: Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14d335153ae29a31fecfcef6fe4564eb1d4ee8494e1c3a6cfdb8e484d47a049c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255186
cf-polished: origSize=335509
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 29 May 2023 21:01:48 GMT
server: cloudflare
etag: W/"647512bc-51e95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oz87zLdR918%2FMJ5sFpmcVtL313Zbt%2Fu6Rz2UmFF%2FdZuvNCdc%2BsnLGm%2B2PQx86NdqnaluIfE9p9R2LYtJ8erCLOoCPjNqJAw7DyG06M3CaahKVdQ8C%2FkCop6HPQ7P7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 7d44eac8fd51d94f-HEL
expires: Thu, 06 Jul 2023 00:25:04 GMT

GET
H2 200 jquery.min.js Show response
pesktop.com/js/ 87 KB
32 KB 54ms
53ms Script
application/javascript 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/js/jquery.min.js?v=1
Requested by: Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156497
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 May 2023 21:01:48 GMT
server: cloudflare
etag: W/"647512bc-15d83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fr8SMZR7yNDr2FXUlHZlXKz5e4yp60UY3kqCQnGZLvVF7cvr%2BtxSonfnqCiiMyCtWXrePIP%2BFjUjV0OF9%2BKkiO%2BeeRqZNDAO3ipFtJoEzK%2FUbM820PrWvAutW%2FtxvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 7d44eac8fd53d94f-HEL
expires: Fri, 07 Jul 2023 00:55:00 GMT

GET
H2 200 uikit.min.js Show response
pesktop.com/js/ 129 KB
42 KB 41ms
41ms Script
application/javascript 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/js/uikit.min.js
Requested by: Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4ea41f25eb44f87afa2c24e4cfb2e51b7dd90be2db44d0e4a738c00367861c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255186
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 May 2023 21:01:48 GMT
server: cloudflare
etag: W/"647512bc-203c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WhyoYkQD4HF6472dyG613Z15AcMjyy37xzm%2Be655vm2Ls7mj8I5uiR7pKnjLowsXSb2xBUu7fpvDdltdNGTnM6YcdSDi52Y2OTgPNZev1lom6KobBY84Z15xuHlOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 7d44eac8fd54d94f-HEL
expires: Thu, 06 Jul 2023 00:25:04 GMT

GET
H2 200 uikit-icons.min.js Show response
pesktop.com/js/ 63 KB
18 KB 54ms
54ms Script
application/javascript 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/js/uikit-icons.min.js
Requested by: Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b92032210415eed3afc2810edff2e16273213d59bb0eb1066e3ef06859f5a090

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2884
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 May 2023 21:01:48 GMT
server: cloudflare
etag: W/"647512bc-fa1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lKosROWrJjXpN817TDA8FlHFx0NN2h3pAdSrUqfo8EHnj5a%2FopleVIHDLmePgvj9IApnsTRmWbZn%2F%2B%2FsyCazOGl2H7hXxMPM3KT1sKjhyHH1zrRBJ0tetUsM1vglw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 7d44eac8fd55d94f-HEL
expires: Thu, 06 Jul 2023 00:25:04 GMT

GET
H2 200 script.js Show response
analytics.pesktop.com/js/ 1 KB
1 KB 52ms
41ms Script
application/javascript 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.pesktop.com/js/script.js

Requested by

Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 08 Jun 2023 00:55:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYPc1BbAz6%2FDAsV6IbbASK7R0QWnxqyqCOSyZC128evZD5jf6HKr0FkGVgLk2Eyzq5T4ucnlNdfipJUxbSEEmm%2BzmilKl32Td0kyrslTOmfC6hok8W%2Bq9V4V1vD2gewnhcqIaxK4Wko%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
cf-ray: 7d44eaca1e8dd94f-HEL

GET
H3 200 aHR0cHM6Ly9wZXNrdG9wLmNvbS9jc3MvaW1nL2xvZ28ucG5n.png
pesktop.com/gP-etuks3EEPDsum9ZGlMhFDlWFPOsmxanZ5HKoOYME/w:50/h:50/rt:fit/el:1/ 4 KB
4 KB 61ms
60ms Image
image/png 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pesktop.com/gP-etuks3EEPDsum9ZGlMhFDlWFPOsmxanZ5HKoOYME/w:50/h:50/rt:fit/el:1/aHR0cHM6Ly9wZXNrdG9wLmNvbS9jc3MvaW1nL2xvZ28ucG5n.png

Requested by

Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

678e7ff0567dd4c3ce75ede0634ad445a8014e5e34443e8b8727f891ee858eec

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-security-policy: script-src 'none'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255376
content-disposition: inline; filename="logo.png"
alt-svc: h3=":443"; ma=86400
content-length: 3746
x-request-id: 6WZJjzvUlv-9gLfgeGSOj
last-modified: Tue, 06 Jun 2023 00:25:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlNFqcreLgg6QXlDexw0Y9Had%2BvoJpS4rqLjScUKb5tpiPuKiZVttVeHjTbRZ22xa8QoDmMPvSuhGbPNm26xSYd%2Fo%2FIFeLcyWZqYBiuHLVpc874urIpv5qBM455E5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d44eaca0f54d0d9-AMS
expires: Wed, 05 Jun 2024 00:25:05 GMT

GET
H3 200 aHR0cHM6Ly9wZXNrdG9wLmNvbS91cGxvYWRzLzJiNWYzM2QzYTcyMmQ4OGI4ZmM3NzgyZDYzYWY3YTE4LnBuZw.png
pesktop.com/KdEnHCZiseR9jCtwRvEVwImyK9IYedNaA538AZLZT4k/w:40/h:40/rt:fit/el:1/ 2 KB
2 KB 65ms
64ms Image
image/png 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pesktop.com/KdEnHCZiseR9jCtwRvEVwImyK9IYedNaA538AZLZT4k/w:40/h:40/rt:fit/el:1/aHR0cHM6Ly9wZXNrdG9wLmNvbS91cGxvYWRzLzJiNWYzM2QzYTcyMmQ4OGI4ZmM3NzgyZDYzYWY3YTE4LnBuZw.png

Requested by

Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b418847bd1abdd9879342e7984439d6809aa0a9803f1fd90acfa8bb681191cd8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-security-policy: script-src 'none'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="2b5f33d3a722d88b8fc7782d63af7a18.png"
alt-svc: h3=":443"; ma=86400
content-length: 1891
x-request-id: nsa5AEX8P_dHBOm7Ck8Wq
last-modified: Tue, 06 Jun 2023 00:50:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3mnmBHse4W6iAh6Rx02O80x7L8rx9JOqcjEaj4i80iFjyBroClKNcEYzKGdAOnaN%2FFd%2FrCxdj6mBYobfEADhB%2BVYOjCKcUbWSs6XIkd%2F2HpMPiw8X2TXBJmanrVWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d44eaca0f56d0d9-AMS
expires: Wed, 05 Jun 2024 00:50:21 GMT

GET
H3 200 aHR0cHM6Ly9wZXNrdG9wLmNvbS91cGxvYWRzLzljNGJhMTlmNjExMThlMjhhMTZhNTk5MWQxZWFkYWM2LmpwZw.jpg
pesktop.com/qjHOfCAkNigi4bMCqUg0Bl27G82NAZ4o3eJkkSY911c/w:700/h:400/rt:fill/el:1/wm:0.8:soea:16:16:0.2/ 57 KB
58 KB 65ms
64ms Image
image/jpeg 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pesktop.com/qjHOfCAkNigi4bMCqUg0Bl27G82NAZ4o3eJkkSY911c/w:700/h:400/rt:fill/el:1/wm:0.8:soea:16:16:0.2/aHR0cHM6Ly9wZXNrdG9wLmNvbS91cGxvYWRzLzljNGJhMTlmNjExMThlMjhhMTZhNTk5MWQxZWFkYWM2LmpwZw.jpg

Requested by

Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4373fe207c1aba318e92a102fbb30ba6bfdfd3ff8f110fd6237ba5c4fd326250

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-security-policy: script-src 'none'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="9c4ba19f61118e28a16a5991d1eadac6.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 58516
x-request-id: W_q88zr4GJxuxNUi1kxE9
last-modified: Tue, 06 Jun 2023 11:12:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XbNZRugrC2U%2BubQtL369pcz6Q5zWd0T7k1JBQd5j2pz%2F7alUkq67Sr3u0%2BmE6TJaahID1ZfC8Rrm9vInfimI77HzxyHE%2FNOkQQIdWAET1uQfLs%2B5NvNvTe6MCHy4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d44eaca0f57d0d9-AMS
expires: Wed, 05 Jun 2024 11:12:01 GMT

GET
H3 200 email-decode.min.js Show response
pesktop.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 53ms
53ms Script
application/javascript 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pesktop.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 May 2023 15:21:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6476145d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGlEXrBvGORRmrbZVuGtTtopptNQkMQnzyHQDhx8jdb8yVFiEfL4bbGAkcMxOSuz127NnCG%2FpPwUHFMXG1oqqgEzK7HTj%2BTpOjOlWPiGfQ2XRzks%2Fm98YyGp8Kf7pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7d44eac9af09d0d9-AMS
expires: Sat, 10 Jun 2023 23:29:28 GMT

GET
H3 200 jquery.lazy.min.js Show response
pesktop.com/js/ 5 KB
3 KB 56ms
56ms Script
application/javascript 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/js/jquery.lazy.min.js
Requested by: Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255785
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 May 2023 21:01:48 GMT
server: cloudflare
etag: W/"647512bc-139f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4KEj9GiG9TEiCPgMvZBkn7dgLTKaef8DA9bJbZeiZHQEtUl1CPPphCwkV2j88do4zf2HbyoOi3S2%2BL5%2Fue4jRsOGOWiU1JttQJeznLecFKEej8RZTRrKkc3f%2FvpBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 7d44eac9ef31d0d9-AMS
expires: Thu, 06 Jul 2023 00:25:05 GMT

GET
H2 200 5820276 Show response
optyruntchan.com/400/ 86 KB
33 KB 210ms
87ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://optyruntchan.com/400/5820276

Requested by

Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fe18e6d365e307b076eed414821ecdae7290ba033f35a2fc4943c69c0c0128f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-trace-id: 495503e951e0af4c9337f9bbee786922
pragma: no-cache
date: Thu, 08 Jun 2023 23:29:28 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 203ms
79ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b8c0aae44e7b4a6bab82f61925a9d558ae24626366ad4a8cbf22a89689ad544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47393
x-xss-protection: 0
server: cafe
etag: 13409277237086901042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 23:29:28 GMT

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f54ba065e03174f3e4ab77706fda9812a50e6b00034cecb79c5d7ad45c1d91cc

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 7712e50ecac759e968ac145c0c4a6d33.woff2
pesktop.com/css/fonts/Droid-Arabic-Kufi/ 31 KB
31 KB 136ms
136ms Font
application/octet-stream 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/css/fonts/Droid-Arabic-Kufi/7712e50ecac759e968ac145c0c4a6d33.woff2
Requested by: Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1f1e1263acaf27bb6b7a98d384f0e72bd11f37f29e8bdfeaeb2746dfab35e4d

Request headers

Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
Origin: https://pesktop.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255234
alt-svc: h3=":443"; ma=86400
content-length: 31496
last-modified: Mon, 29 May 2023 21:01:48 GMT
server: cloudflare
etag: "647512bc-7b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=609ZNOdMtbSiPTDnyL2ZmjUn4Zy%2BlwIlQZr19QEwJkc2TPNAmthD30Lm%2FbWrEt62s34dwkuZ2bqp54WuOl%2FDVtWq966rUNGqdrAx1kGEM1%2BFpefpJ53oFJZJVZGSWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7d44eaca4f9ed0d9-AMS
expires: Thu, 06 Jul 2023 00:25:05 GMT

GET
H3 200 fa-solid-900.woff2
pesktop.com/css/fontawesome-free-5.15.1-web/webfonts/ 78 KB
79 KB 136ms
135ms Font
application/octet-stream 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/css/fontawesome-free-5.15.1-web/webfonts/fa-solid-900.woff2
Requested by: Host: pesktop.com
URL: https://pesktop.com/css/fontawesome-free-5.15.1-web/css/them.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer: https://pesktop.com/css/fontawesome-free-5.15.1-web/css/them.css
Origin: https://pesktop.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255785
alt-svc: h3=":443"; ma=86400
content-length: 80300
last-modified: Mon, 29 May 2023 21:01:48 GMT
server: cloudflare
etag: "647512bc-139ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuDSuZeKmmlf6sRJsxSnTTOfhBks7JO1ZErIBPA7uRtSGW5VqxHLzYtPEc3rmP8RbO%2BlbJeclrQnYv2AfrKLklgUN72rhFY7CFofZZ7duo4sJ0coVwW2jBVdUgXlNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7d44eaca4f9fd0d9-AMS
expires: Thu, 06 Jul 2023 00:25:05 GMT

GET
H3 200 fa-brands-400.woff2
pesktop.com/css/fontawesome-free-5.15.1-web/webfonts/ 77 KB
77 KB 89ms
88ms Font
application/octet-stream 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/css/fontawesome-free-5.15.1-web/webfonts/fa-brands-400.woff2
Requested by: Host: pesktop.com
URL: https://pesktop.com/css/fontawesome-free-5.15.1-web/css/them.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer: https://pesktop.com/css/fontawesome-free-5.15.1-web/css/them.css
Origin: https://pesktop.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255233
alt-svc: h3=":443"; ma=86400
content-length: 78460
last-modified: Mon, 29 May 2023 21:01:48 GMT
server: cloudflare
etag: "647512bc-1327c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmyvNqRpnsgoYJj%2BUIrji0Bp3fwtwTgXTHr15nwS8C4yyZqHEnRkquc3Y%2BstsXoHH6JBwyl%2B1W3ttR0PBB%2BWpIagkZx%2FardEJsXudMIOJN1jAEyFChfmkxII7D0p6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7d44eaca4fa0d0d9-AMS
expires: Thu, 06 Jul 2023 00:25:05 GMT

GET
H3 200 1b89eb34f74a02c0681727faadf48466.woff2
pesktop.com/css/fonts/Droid-Arabic-Kufi-Bold/ 31 KB
31 KB 232ms
231ms Font
application/octet-stream 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/css/fonts/Droid-Arabic-Kufi-Bold/1b89eb34f74a02c0681727faadf48466.woff2
Requested by: Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6611a86e5c7198f364f3eb3ae87f70c46296fb6bf4d53512c58829f5c0ac8572

Request headers

Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
Origin: https://pesktop.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255852
alt-svc: h3=":443"; ma=86400
content-length: 31236
last-modified: Mon, 29 May 2023 21:01:48 GMT
server: cloudflare
etag: "647512bc-7a04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piBT%2FoTiUPIJs8w7xtCt94jj%2FFD0eOR%2BOPigsiFGCvI%2BWYFWKE%2BSWF32xpOP0N2OnLnRtIB%2FFcWu2GOmh9EAGjoP%2FlVqhbhp6B8eSUGxuOZLPQl%2BwjVKG%2B%2BnQkX3xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7d44eaca4fa2d0d9-AMS
expires: Thu, 06 Jul 2023 00:25:05 GMT

POST
H3 202 event Show response
analytics.pesktop.com/api/ 2 B
518 B 163ms
122ms XHR
text/plain 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pesktop.com/api/event
Requested by: Host: analytics.pesktop.com
URL: https://analytics.pesktop.com/js/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://pesktop.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FkoOqYNBQSNetANL0GabC2tQefvF21V17awZ7IXd8xzKyut%2BAzWlPn%2B3psuyEFZO7UST3Tn7G%2B1b4tJlWxmSt%2BEo2WmlFxUfc7IHPoCVRaEoF7o8MOwQkDWBd4pPn6aTK3VyPI7CdE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d44eacaef70d98d-HEL
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F2bS37uua_Ac1oMDCORB

GET
H3 200 Wondershare_MirrorGo Show response
pesktop.com/en/Main/comments_by_id/ 77 B
642 B 173ms
169ms XHR
text/html 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/en/Main/comments_by_id/Wondershare_MirrorGo
Requested by: Host: pesktop.com
URL: https://pesktop.com/js/jquery.min.js?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b59617aa5caa3a3a60799faa7fa4995a371fb8bdd01ff9994a36ab07a9717c

Request headers

Accept: text/html, */*; q=0.01
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
X-Requested-With: XMLHttpRequest
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FO2E5qkv6D6dR%2BlX1Bgw%2BWlvHXs85dcb2pEf2l91o%2FPz91uHK8QAd8LRYrPUXF4R3RSQcSebWqUkioyslg4170XQ9wjmJ%2B2kTb5iDG8ubet7v8hc4%2BmHbT%2BTyfoBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, public
cf-ray: 7d44eacae825d0d9-AMS
alt-svc: h3=":443"; ma=86400
x-cachen: MISS
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 fetch Show response
pesktop.com/en/Main/ 59 B
619 B 133ms
133ms XHR
text/html 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/en/Main/fetch
Requested by: Host: pesktop.com
URL: https://pesktop.com/js/jquery.min.js?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e30aec8be479b6f0c50ffabcf73950bc698cdbb5b04cdbe219276c5298ba56

Request headers

Accept: */*
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
X-Requested-With: XMLHttpRequest
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgOxeNTg8MG286QtYwGevyhu26doFGxayMkFV%2Fvp4FAZ0Q%2BXioD52uIsPQ3jfY9v55Fdd0AHUs42bUjeiCQs8aJdZmMiJzVvsA%2B8NL0G0T2OE4rVTY%2FhPdmf%2BRnb4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, public
cf-ray: 7d44eacaf82ad0d9-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 fetch Show response
pesktop.com/en/Main/ 59 B
618 B 160ms
159ms XHR
text/html 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pesktop.com/en/Main/fetch
Requested by: Host: pesktop.com
URL: https://pesktop.com/js/jquery.min.js?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e30aec8be479b6f0c50ffabcf73950bc698cdbb5b04cdbe219276c5298ba56

Request headers

Accept: */*
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
X-Requested-With: XMLHttpRequest
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwcRw0iSIU0pfEl2qGGzBCaYRnMyniEYdFLEt2IEQdR4WDbPRzC2qsdBr%2FVvt55cgmN8Rnw%2FmPki5%2Fjb7asIih3N1UWM4%2F7gYfp3NxdyH8S98R03QxxocubCtM9DLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, public
cf-ray: 7d44eacaf82bd0d9-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 apu.php Show response
cdn.itskiddien.club/ 78 KB
30 KB 194ms
96ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddien.club/apu.php?zoneid=5820419

Requested by

Host: optyruntchan.com
URL: https://optyruntchan.com/400/5820276

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8d1d0bca7e755b3c365c75e8b3f1235aadbf679d47160daf1e9b1aa5798c30eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: d478a7721c671849042f73da5400f415
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 stattag.js Show response
tzegilo.com/ 17 KB
7 KB 168ms
59ms Script
application/javascript 172.64.133.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: optyruntchan.com
URL: https://optyruntchan.com/400/5820276
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 08:43:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3891
etag: W/"646736cf-4447"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEsMbarp%2F7oxQYBlyIT1jRmcbQlt1UZaZve%2BprqdoGfv%2FOSe9YuNchILn2FRetKacuzDEr62IL09CdHZCnRJegPZIjXnpy0C8w0hdD5WCydwbt%2BoWQyoR%2BnP3hqemg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d44eacc5d340b52-AMS
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/ 352 KB
118 KB 84ms
83ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7350624020470624&plah=pesktop.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5550d8786711cf7b59b6c514a0c921a427dbb5b6d93706f0096de3b2f62c86d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121041
x-xss-protection: 0
server: cafe
etag: 12517104001367820084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 23:29:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/ Frame 44E2 10 KB
5 KB 59ms
52ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pesktop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 80451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 01:08:37 GMT
etag: 15057649708203361565
expires: Thu, 22 Jun 2023 01:08:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
481 B 148ms
48ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer: https://pesktop.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 08 Jun 2023 23:30:00 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pesktop.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 148ms
46ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: optyruntchan.com
URL: https://optyruntchan.com/400/5820276

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c3ebd7f05c0d5a17a4a30da5f43f8afff0b51c0f6e9570e9adeb9b19ed0b5d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pesktop.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
605 B 171ms
59ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pesktop.com&callback=_gfp_s_&client=ca-pub-7350624020470624

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7350624020470624&plah=pesktop.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

eecd9a6ccef1372c0fdbefd37f1e3618765045f118dbb6fa227a7da1e215fb7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
531 B 201ms
72ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=pesktop.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 172ms
58ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pesktop.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AAD1 95 KB
33 KB 1202ms
1202ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&h=280&slotname=4809506808&adk=2607259478&adf=1191279391&pi=t.ma~as.4809506808&w=800&fwrn=4&fwrnh=100&lmt=1686266969&rafmt=1&format=800x280&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968928&bpp=6&bdt=467&idt=193&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&correlator=8656792211824&frm=20&pv=2&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=651&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TQLv0V1kR5&p=https%3A//pesktop.com&dtd=210

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139fdc30936820211aaa780c39caa9f5d3c0be79049c6a219a8a5c038a45f3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pesktop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34133
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 23:29:30 GMT
expires: Thu, 08 Jun 2023 23:29:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 965F 108 KB
36 KB 437ms
436ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&h=182&slotname=6084033798&adk=1887546215&adf=512970455&pi=t.ma~as.6084033798&w=713&lmt=1686266969&rafmt=11&format=713x182&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968934&bpp=1&bdt=473&idt=220&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280&correlator=8656792211824&frm=20&pv=1&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=2084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vwD11YRIaC&p=https%3A//pesktop.com&dtd=231

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a88236486c8b6cbed86984954fa69f9fe9b23bc9b7cadbc273f123f8210d920b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pesktop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36813
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 23:29:29 GMT
expires: Thu, 08 Jun 2023 23:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 01C5 96 KB
34 KB 505ms
503ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&h=600&slotname=8240990512&adk=2272989559&adf=2134398454&pi=t.ma~as.8240990512&w=298&fwrn=4&fwrnh=100&lmt=1686266969&rafmt=1&format=298x600&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968935&bpp=1&bdt=474&idt=273&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280%2C713x182&correlator=8656792211824&frm=20&pv=1&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1017&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bjcG0udzb6&p=https%3A//pesktop.com&dtd=278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24af6199c2c75c4fc71ca3d79dd7b48dcb75df92aa00914ab77dc30d92d3a352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pesktop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34394
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 23:29:29 GMT
expires: Thu, 08 Jun 2023 23:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6759 5 KB
834 B 102ms
102ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&adk=2853553017&adf=4088571596&lmt=1686266969&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968952&bpp=2&bdt=491&idt=268&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280%2C713x182%2C298x600&nras=1&correlator=8656792211824&frm=20&pv=1&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=286

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

cafe /

Resource Hash

5e9f5919e0b74297b7ed518995e679884f2d5ad2d0f61fa7ee74db01c69989ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pesktop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 811
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 23:29:29 GMT
expires: Thu, 08 Jun 2023 23:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5820276 Show response
optyruntchan.com/500/ 1 KB
1 KB 171ms
171ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://optyruntchan.com/500/5820276?excludes=&oaid=9eed1a1f27414683a691b03626b3d57a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: optyruntchan.com
URL: https://optyruntchan.com/400/5820276

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ea9a3dc795494204b07d1130337f95d73374508f11947c0cf6cfcafe1b394dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://pesktop.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 8016763877aae37ab5a721f0bec3625f
pragma: no-cache
date: Thu, 08 Jun 2023 23:29:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://pesktop.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 5820276
optyruntchan.com/500/ Frame 0
0 141ms
44ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pesktop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pesktop.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Thu, 08 Jun 2023 23:29:29 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 17ebb869da9235f06a74f528304b0892.png
offerimage.com/www/images/ 33 KB
33 KB 103ms
35ms Image
image/png 172.67.22.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/17ebb869da9235f06a74f528304b0892.png
Requested by: Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.22.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13118d06cd7eb186a2c437a407088d15b0f901d0e00093474fbb277b2167417

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:29 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 01:30:06 GMT
server: cloudflare
age: 74838
etag: "64812f1e-84c1"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d44ead05bae0a29-ARN
content-length: 33985
expires: Fri, 09 Jun 2023 02:42:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 965F 6 KB
1 KB 193ms
68ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&h=182&slotname=6084033798&adk=1887546215&adf=512970455&pi=t.ma~as.6084033798&w=713&lmt=1686266969&rafmt=11&format=713x182&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968934&bpp=1&bdt=473&idt=220&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280&correlator=8656792211824&frm=20&pv=1&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=2084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vwD11YRIaC&p=https%3A//pesktop.com&dtd=231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Jun 2023 23:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 22:49:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jun 2023 23:29:29 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 965F 34 KB
14 KB 172ms
52ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aadb1ed053ff8a74db916c5bf4f457fd01b0317e376983f04c495b94762cf43f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13622
x-xss-protection: 0
server: cafe
etag: 12561890283913249334
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 03:35:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 965F 175 KB
55 KB 195ms
67ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 23:29:29 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2767292546947864748/ Frame 965F 13 KB
13 KB 120ms
118ms Image
image/jpeg 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2767292546947864748/14763004658117789537?w=400&h=209&tw=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83d0cdc4ad3b233a4be1e6be439c1124d1c3ef5f20c77c93b9f8faa2d6e8d64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 16:59:48 GMT
x-content-type-options: nosniff
age: 109781
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13059
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 13:42:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jun 2024 16:59:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 965F 23 KB
9 KB 108ms
107ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 965F 3 KB
1 KB 117ms
117ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 965F 20 KB
8 KB 112ms
111ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 01C5 6 KB
779 B 70ms
69ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&h=600&slotname=8240990512&adk=2272989559&adf=2134398454&pi=t.ma~as.8240990512&w=298&fwrn=4&fwrnh=100&lmt=1686266969&rafmt=1&format=298x600&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968935&bpp=1&bdt=474&idt=273&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280%2C713x182&correlator=8656792211824&frm=20&pv=1&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1017&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bjcG0udzb6&p=https%3A//pesktop.com&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Jun 2023 23:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 22:36:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jun 2023 23:29:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 01C5 2 KB
974 B 52ms
52ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 01C5 0
0 96ms
96ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL6OJWWSCZNm6D4yngAfFio-YAfa_hcJulqyapMMP29keEAEgqpSnYGDxrfyFpB-gAee3oJUDyAEJqQITPiLWcRWyPqgDAcgDywSqBOgBT9CtRrbMLnYlFyoZuzGO-urO-HMTyVug5GGi8f5iHacmxK5G6sCztTZ94jhI8BvSVA2bHmzYbMUerSTiOY6yTNkA0kYnvZnmXE6LktrZntjlImCNpJ36oN905SEvAw3amaC70VMGlD1RybXA0s4uqvjTFYNMr3a2yD_mxxBVj6RIWB84P_wJSW_Ctjpe3LEduiJfAX1Gsvvlzn0cTU6kBBxk1-27bdelDc1PCTN_WJSjJbGHtLu10IXtGjn77CS8UPNlodxaq0P0v8JSHqGrjsvRAw7bIh43SnV7GI8zaOgQoI3enjlY3sAEwYntt-EDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4HI32qoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBChkALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi03MzUwNjI0MDIwNDcwNjI0GAA&sigh=YTgyOcXCr08&uach_m=[UACH]&cid=CAQSGwBygQiDRwWRFdo_TrpYeM9v2YqVsFaWmkPpJxgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&h=600&slotname=8240990512&adk=2272989559&adf=2134398454&pi=t.ma~as.8240990512&w=298&fwrn=4&fwrnh=100&lmt=1686266969&rafmt=1&format=298x600&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968935&bpp=1&bdt=474&idt=273&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280%2C713x182&correlator=8656792211824&frm=20&pv=1&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1017&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bjcG0udzb6&p=https%3A//pesktop.com&dtd=278
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 08 Jun 2023 23:29:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Jun 2023 23:29:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 01C5 23 KB
9 KB 52ms
51ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 01C5 3 KB
1 KB 85ms
85ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 01C5 20 KB
8 KB 70ms
69ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01C5 175 KB
55 KB 128ms
128ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 23:29:29 GMT

GET
H2 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame 01C5 32 KB
14 KB 181ms
51ms Script
text/javascript 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:20:12 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/3465704149507231772/ Frame 01C5 75 KB
75 KB 84ms
84ms Image
image/jpeg 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3465704149507231772/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

862a5abc87064bb3170533094f2131da2b27e5cc9dd00c64b0d10bbb1ff9c1dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 21:38:14 GMT
x-content-type-options: nosniff
age: 438675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76682
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 12:18:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 21:38:14 GMT

GET
DATA 200
OK truncated
/ Frame 01C5 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 01C5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 168e6cc40ad055f2b59d8eb607e3f582e70dad1d85fe62aee3797ebf86b83f95

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Ys0KVJknytqNEfMSElvzJgCYyI5i6nFOJfG75IbdR4dWYCOKzfXUzSD66o8hi7sQvEdYBbHui41ed51YJpmApUyLM4nv3NiHZIpPil_0o6CCjDyzS7VgKHeDorybfjCN8qWCxfmwfvpiyhCYXPNmZ9DH3iHi8gmrgiZ2g5vVINS9YMgexDA23EKlKi8aWyzK00HJZ...
optyruntchan.com/impression/ 43 B
421 B 46ms
45ms Image
image/gif 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://optyruntchan.com/impression/Ys0KVJknytqNEfMSElvzJgCYyI5i6nFOJfG75IbdR4dWYCOKzfXUzSD66o8hi7sQvEdYBbHui41ed51YJpmApUyLM4nv3NiHZIpPil_0o6CCjDyzS7VgKHeDorybfjCN8qWCxfmwfvpiyhCYXPNmZ9DH3iHi8gmrgiZ2g5vVINS9YMgexDA23EKlKi8aWyzK00HJZtd9N9o5vBn1wBrcGLu2GcR9lz5V-CttY3oyI_xUPVwPq9z6_G7_tnyA9ccfgyRDlXBL1lF0N-BcuCGzFCSvqt7xmDaFdGQdlHqQaZTDgx0KSwpsJX0Q6T4D0HVLwLUWiQVLU8addD6Bf7WeIH2Ua72AV9nVU-j2Gpm_wGepmuopdNScIgn7nHE=?_z=5820276&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: pesktop.com
URL: https://pesktop.com/en/windows/wondershare_mirrorgo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-trace-id: b09e887357b6e720d227661fa8b4f36c
pragma: no-cache
date: Thu, 08 Jun 2023 23:29:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
content-length: 43
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 17ebb869da9235f06a74f528304b0892.png
offerimage.com/www/images/ Frame A456 33 KB
33 KB 38ms
38ms Image
image/png 172.67.22.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/17ebb869da9235f06a74f528304b0892.png
Requested by: Host: optyruntchan.com
URL: https://optyruntchan.com/400/5820276
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.22.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13118d06cd7eb186a2c437a407088d15b0f901d0e00093474fbb277b2167417

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:29 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 01:30:06 GMT
server: cloudflare
age: 74838
etag: "64812f1e-84c1"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d44ead21c130a29-ARN
content-length: 33985
expires: Fri, 09 Jun 2023 02:42:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 965F 0
0 105ms
104ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRvCQWWSCZJ7fDMz8gQf6vKCwC6m2-qBr2cb96fYP46Xgn64CEAEgqpSnYGDxrfyFpB-gAa6J8fIDyAEGqQIZao7tUBG1PqgDAcgDywSqBNwBT9DZgI-NpejRtMk56qukIn7qatCPHu8SD-vmShWADFBOs8P6_AYHWP4iizZxUtMfNJBqwiKM0ydHL5PzYKJvbWWLuh9I1hz0vg-ctCoK2_rr7_uPqOPz4MyUXpZZEj9FP9HOIAT37LSNB6PbaMGrSZsuAGn2ImXjeeTJDOyGqOY-RhN2jPXSZ7Zwp2RsrZrl-CMQAAygvj6NtXiu4CGUcihhwhu4Blfoq-MUj9UazBOsEyokO6xRETYKWzhc-gQf4tQKW0Rs6Lgjxh5xJmX3fBcg4ZPqr2W6hXjtf8AE8sDH64sEkgUECAQYAZIFBAgFGASgBjeAB7r2jg2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD7pAHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMLiBQD0BUBgBcBshccChoIABIUcHViLTczNTA2MjQwMjA0NzA2MjQYAA&sigh=m_tlISe6lMo&uach_m=[UACH]&cid=CAQSGwBygQiDYxR-uTWaVlOa8D_aS1vDSf59zvALshgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&h=182&slotname=6084033798&adk=1887546215&adf=512970455&pi=t.ma~as.6084033798&w=713&lmt=1686266969&rafmt=11&format=713x182&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968934&bpp=1&bdt=473&idt=220&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280&correlator=8656792211824&frm=20&pv=1&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=2084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vwD11YRIaC&p=https%3A//pesktop.com&dtd=231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 08 Jun 2023 23:29:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D543 143 B
166 B 52ms
51ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&h=182&slotname=6084033798&adk=1887546215&adf=512970455&pi=t.ma~as.6084033798&w=713&lmt=1686266969&rafmt=11&format=713x182&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968934&bpp=1&bdt=473&idt=220&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280&correlator=8656792211824&frm=20&pv=1&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=2084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vwD11YRIaC&p=https%3A//pesktop.com&dtd=231
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 23:16:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 965F 16 KB
16 KB 178ms
65ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:08:02 GMT
x-content-type-options: nosniff
age: 447688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 19:08:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 965F 15 KB
15 KB 220ms
108ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 461077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 15:24:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 965F 15 KB
15 KB 249ms
137ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 503943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
DATA 200
OK truncated
/ Frame 965F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccd587612d14b45adc598d8b4d112eb98603dc4f41d6684b472c91143ab7c8d8

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 01C5 15 KB
15 KB 199ms
150ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 503943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 01C5 15 KB
16 KB 98ms
50ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 455115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 01C5 15 KB
15 KB 167ms
120ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 461077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 15:24:53 GMT

GET
H2 204 5820276 Show response
optyruntchan.com/500/ 0
458 B 177ms
177ms XHR
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://optyruntchan.com/500/5820276?excludes=18043599&oaid=9eed1a1f27414683a691b03626b3d57a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: optyruntchan.com
URL: https://optyruntchan.com/400/5820276

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://pesktop.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 87b5e0b5978011c603d14668b12106b6
pragma: no-cache
date: Thu, 08 Jun 2023 23:29:30 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://pesktop.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 5820276
optyruntchan.com/500/ Frame 0
0 44ms
44ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pesktop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pesktop.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Thu, 08 Jun 2023 23:29:30 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D543
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
62ms

Document
text/html

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 23:29:30 GMT
expires: Thu, 08 Jun 2023 23:29:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 23:29:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame 392A 37 KB
14 KB 52ms
51ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AAD1 6 KB
802 B 80ms
80ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&h=280&slotname=4809506808&adk=2607259478&adf=1191279391&pi=t.ma~as.4809506808&w=800&fwrn=4&fwrnh=100&lmt=1686266969&rafmt=1&format=800x280&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968928&bpp=6&bdt=467&idt=193&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&correlator=8656792211824&frm=20&pv=2&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=651&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TQLv0V1kR5&p=https%3A//pesktop.com&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Jun 2023 23:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 22:44:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jun 2023 23:29:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame AAD1 2 KB
892 B 52ms
51ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AAD1 0
0 96ms
95ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CG7UAWWSCZNrPCovxgAfi1p_oCPa_hcJuzvaj_pwO29keEAEgqpSnYGDxrfyFpB-gAee3oJUDyAEJqQI8pXd7MRayPqgDAcgDywSqBOUBT9C5avFz9XQSGqyAB0AU0vx0fjFVKUcSNxxVJB8oT6hLJ8mO3yvjQkwZqz5vu5hVGD3yK_zwyUCUMimF2hoImzebdfKs_HuZgWE-kIYTB5y7TiIqQK3gHPlYUCWRCzoGBxq0PjWaYRsje2lffYELZpg_h21sPB3AKac3nKklHH-1oIYLAwTzGMyPNBaqKsk4D-dr0smXKB4DtqHM5F4kr_WigH8JeWbLwmsDbWBLvjHL2x3P_HyGeTKBB0qhQ0ZVik4xZnzI7Qs8nftHfTsfuPvNKrWgDzDeNUU1uN3vevUIhc7tT8AEwYntt-EDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4HI32qoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDZ4AbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi03MzUwNjI0MDIwNDcwNjI0GAA&sigh=5dd_f5_OhKs&uach_m=[UACH]&cid=CAQSGwBygQiDSsNZtOKoAvLLgLx4LdHYZilc01wkIBgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7350624020470624&output=html&h=280&slotname=4809506808&adk=2607259478&adf=1191279391&pi=t.ma~as.4809506808&w=800&fwrn=4&fwrnh=100&lmt=1686266969&rafmt=1&format=800x280&url=https%3A%2F%2Fpesktop.com%2Fen%2Fwindows%2Fwondershare_mirrorgo&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686266968928&bpp=6&bdt=467&idt=193&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&correlator=8656792211824&frm=20&pv=2&ga_vid=1041330035.1686266969&ga_sid=1686266969&ga_hid=48226975&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=651&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C42531705%2C44772268%2C44788441%2C44793500&oid=2&pvsid=2043122548278374&tmod=1315782723&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TQLv0V1kR5&p=https%3A//pesktop.com&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 08 Jun 2023 23:29:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9411314677150886406/ Frame AAD1 43 KB
43 KB 52ms
52ms Image
image/jpeg 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9411314677150886406/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7a6afe949f02c51c23f8fea1b7a2fe404d55265ab44e87b71de83b0d977c06f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 21:54:26 GMT
x-content-type-options: nosniff
age: 437704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43843
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 12:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 21:54:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame AAD1 23 KB
9 KB 81ms
81ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame AAD1 3 KB
1 KB 90ms
90ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame AAD1 20 KB
8 KB 54ms
54ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:36:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAD1 175 KB
55 KB 65ms
63ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 23:29:30 GMT

GET
H2 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame AAD1 32 KB
13 KB 51ms
49ms Script
text/javascript 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:20:12 GMT

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D89 37 KB
14 KB 52ms
51ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:18 GMT

GET
DATA 200
OK truncated
/ Frame AAD1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8395a4c604803fb4afd5d36a2e35437b71b65ea11944266e02f2ad34bbcd95b7

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AAD1 15 KB
16 KB 50ms
49ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 455115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AAD1 15 KB
15 KB 54ms
54ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 461077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 15:24:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AAD1 15 KB
15 KB 58ms
58ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 503943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 aHR0cHM6Ly9wZXNrdG9wLmNvbS9jc3MvaW1nL2ZsYWctNDAwLnBuZw.png
pesktop.com/3L7tQUD8cnKnJVcbduNgTlwdw2SnJYoNC83Fm2AoJjs/w:35/h:35/rt:fill/el:1/ 1 KB
2 KB 58ms
57ms Image
image/png 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pesktop.com/3L7tQUD8cnKnJVcbduNgTlwdw2SnJYoNC83Fm2AoJjs/w:35/h:35/rt:fill/el:1/aHR0cHM6Ly9wZXNrdG9wLmNvbS9jc3MvaW1nL2ZsYWctNDAwLnBuZw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1cc68860a171f850c92a9f8aadee546740c0575b2ef749468605a508dab394

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:30 GMT
content-security-policy: script-src 'none'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255650
content-disposition: inline; filename="flag-400.png"
alt-svc: h3=":443"; ma=86400
content-length: 1464
x-request-id: gKtXSRrP1Gyld5NWSzEYv
last-modified: Tue, 06 Jun 2023 00:25:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3Es%2BzsfoFBVfUIEj9e%2BK0lT2Q7WHLKlBxiyNCReHnMCEX11tea8UeQg1LBytkJlxDQwAZ6zczninpxLj47MeRGhULLwPVPKq%2FdDy%2BJonEiIzfVk6duAU%2B%2FKm%2BBCHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d44ead6aa8ed0d9-AMS
expires: Wed, 05 Jun 2024 00:25:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 190ms
69ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de35274e71b89fd0e07b0502fb4361735ed62531a153e1608e9254c12a223ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11191
x-xss-protection: 0

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame 5418 37 KB
14 KB 55ms
55ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:18 GMT

GET
H3 200 aHR0cHM6Ly9wZXNrdG9wLmNvbS9jc3MvaW1nL2ZsYWctNDAwLnBuZw.png
pesktop.com/3L7tQUD8cnKnJVcbduNgTlwdw2SnJYoNC83Fm2AoJjs/w:35/h:35/rt:fill/el:1/ 1 KB
2 KB 61ms
60ms Image
image/png 172.67.185.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pesktop.com/3L7tQUD8cnKnJVcbduNgTlwdw2SnJYoNC83Fm2AoJjs/w:35/h:35/rt:fill/el:1/aHR0cHM6Ly9wZXNrdG9wLmNvbS9jc3MvaW1nL2ZsYWctNDAwLnBuZw.png

Requested by

Host: pesktop.com
URL: https://pesktop.com/js/jquery.min.js?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1cc68860a171f850c92a9f8aadee546740c0575b2ef749468605a508dab394

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/en/windows/wondershare_mirrorgo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:30 GMT
content-security-policy: script-src 'none'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255650
content-disposition: inline; filename="flag-400.png"
alt-svc: h3=":443"; ma=86400
content-length: 1464
x-request-id: gKtXSRrP1Gyld5NWSzEYv
last-modified: Tue, 06 Jun 2023 00:25:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPA8Jaeq%2Bm2%2FqwXg7XL5fYvfPKpbUoWJFgqbN%2BMRlvtmj%2BcBNVKBJkLsPfwFWiEAeWbcJBVLWIFABlFV9rGbVEE4oonWn5%2FwLblBGaG%2F2071CgZUibofmKCXwvSZlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d44ead70b29d0d9-AMS
expires: Wed, 05 Jun 2024 00:25:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 69ms
68ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pesktop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 23:29:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CFB8 13 KB
5 KB 53ms
51ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pesktop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 35866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 13:31:44 GMT
expires: Fri, 07 Jun 2024 13:31:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5B4F 783 B
970 B 64ms
63ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

95a1910aa752a7a831973f3039807ffd7965ffda1b73607147dbd3fcc351dfcd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-obUEvVyJ_Bg1Pj-AhnSz6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pesktop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-obUEvVyJ_Bg1Pj-AhnSz6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 23:29:30 GMT
expires: Thu, 08 Jun 2023 23:29:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame CFB8 37 KB
14 KB 54ms
53ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5B4F 0
0 85ms
85ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=2043122548278374&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CFB8 0
10 B 52ms
51ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yIPryw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 23:29:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AAD1 42 B
64 B 92ms
92ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMRSekTyCeyJr7QZN0AbbUzyJMRcx0B36DGVuRVxdvs5-G0LQ5D6UPiFit82rK1p9pddYah25m9fHGTE2vuD5YFsp_KjYk3kH2_8ZCjc5tYTEN31t7DOHvRibwRViRI25mRFAXouJYMznD&sai=AMfl-YS4x5aJ8Bk2nN_mBHfxfj3eXyOcFZ-gXzbWwvXwXsPqc6tQZw9BPxLcU8u2otrCh5uF3TtVmFDezIh1&sig=Cg0ArKJSzD3f96gYdoHPEAE&cid=CAQSGwBygQiDSsNZtOKoAvLLgLx4LdHYZilc01wkIBgB&id=lidar2&mcvt=1000&p=0,0,280,800&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2607259478&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686266969140&rpt=1497&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS