www.pndnsns.shop Open in urlscan Pro
104.16.211.68 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pndnsns.shop/
Submission: On December 02 via api (December 2nd 2025, 9:59:16 am UTC) from IE — Scanned from DE

Summary HTTP 61 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 61 HTTP transactions. The main IP is 104.16.211.68, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is www.pndnsns.shop.
TLS certificate: Issued by WE1 on November 23rd 2025. Valid for: 3 months.

This is the only time www.pndnsns.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fake Shop (Retail)

Domain & IP information

	IP Address	AS Autonomous System
18	104.16.211.68 104.16.211.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	82.26.160.163 82.26.160.163	21840 (NET3) (NET3)
6	34.54.241.59 34.54.241.59	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
7	23.207.210.198 23.207.210.198	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	23.219.149.35 23.219.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
6	167.148.196.76 167.148.196.76	21840 (NET3) (NET3)
1	148.135.152.31 148.135.152.31	31715 (ABTME-AS ...) (ABTME-AS CloudIP LLC)
4	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.50.131.200 23.50.131.200	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
6	164.90.87.92 164.90.87.92	10122 (NETSTAR-A...) (NETSTAR-AS-AP NETSTAR SG PTE. LTD.)
3	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
61	14

18 104.16.211.68 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

www.pndnsns.shop	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 82.26.160.163 (France)

ASN21840 (NET3, US)

api.imotech.video	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 34.54.241.59 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 59.241.54.34.bc.googleusercontent.com

ssl.ssl-images-mar.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 23.207.210.198 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-207-210-198.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 23.219.149.35 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-149-35.deploy.static.akamaitechnologies.com

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 167.148.196.76 (Germany)

ASN21840 (NET3, US)

api.affiliations.site	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 148.135.152.31 (France)

ASN31715 (ABTME-AS CloudIP LLC, US)

api.affiliations.site	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 23.50.131.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-50-131-200.deploy.static.akamaitechnologies.com

analytics-ipv6.tiktokw.us	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 164.90.87.92 (Germany)

ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG)

api.topnotchs.site	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
18	pndnsns.shop www.pndnsns.shop	572 KB
7	affiliations.site api.affiliations.site — Cisco Umbrella Rank: 147302	2 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 692	145 KB
6	topnotchs.site api.topnotchs.site — Cisco Umbrella Rank: 111521	1 KB
6	ssl-images-mar.com ssl.ssl-images-mar.com	3 MB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 955	4 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 144	217 B
3	imotech.video api.imotech.video — Cisco Umbrella Rank: 167908	71 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1127	26 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 261	118 KB
1	tiktokw.us analytics-ipv6.tiktokw.us — Cisco Umbrella Rank: 1211	946 B
61	12

	Domain	Requested by
18	www.pndnsns.shop	www.pndnsns.shop
7	api.affiliations.site	api.imotech.video
7	analytics.tiktok.com	www.pndnsns.shop analytics.tiktok.com
6	api.topnotchs.site	api.imotech.video
6	ssl.ssl-images-mar.com	www.pndnsns.shop
4	ct.pinterest.com	s.pinimg.com
3	www.facebook.com	connect.facebook.net www.pndnsns.shop
3	api.imotech.video	www.pndnsns.shop
2	fonts.gstatic.com	www.pndnsns.shop
2	s.pinimg.com	www.pndnsns.shop s.pinimg.com
2	connect.facebook.net	www.pndnsns.shop connect.facebook.net
1	analytics-ipv6.tiktokw.us	analytics.tiktok.com
61	12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.pinterest.com

Subject Issuer	Validity	Valid
www.pndnsns.shop WE1	`2025-11-23` - `2026-02-21`	3 months	crt.sh
*.imotech.video GlobalSign GCC R6 AlphaSSL CA 2023	`2025-06-03` - `2026-07-05`	a year	crt.sh
ssl.ssl-images-mar.com WR3	`2025-10-14` - `2026-01-12`	3 months	crt.sh
*.facebook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-09-10` - `2025-12-09`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2025-06-16` - `2026-06-15`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-07-23` - `2026-08-23`	a year	crt.sh
*.gstatic.com WE2	`2025-10-27` - `2026-01-19`	3 months	crt.sh
*.affiliations.site GlobalSign GCC R6 AlphaSSL CA 2023	`2024-12-02` - `2026-01-03`	a year	crt.sh
*.tiktokw.us RapidSSL TLS ECC CA G1	`2025-05-14` - `2026-06-14`	a year	crt.sh
*.topnotchs.site GlobalSign GCC R6 AlphaSSL CA 2023	`2024-12-02` - `2026-01-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.pndnsns.shop/
Frame ID: 26403B7235081FC0E92DDE3585979021
Requests: 60 HTTP requests in this frame

Frame: https://api.affiliations.site/ad/pixelfile.html
Frame ID: ADC94B90A36A8772DC48F92AFCED0155
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 73B52F370A91C271F30EF6C1581B76D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cialis

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

61
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

12
Subdomains

14
IPs

4
Countries

3735 kB
Transfer

6331 kB
Size

30
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.pndnsns.shop/ 588 KB
93 KB 374ms
346ms Document
text/html 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7c72442facb5541b2fd71be7ade3eac805413bf3a71afe0c9758db8251d36db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9a79f877da763666-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 02 Dec 2025 09:59:16 GMT
execution-time: 0.1560261250
server: cloudflare
trace_id: 4145DB88-5053-DBA7-4153-6FD1919D7E9A
vary: Accept-Encoding
x-trace-id: 4145DB88-5053-DBA7-4153-6FD1919D7E9A

GET
H2 200 gtag.js Show response
www.pndnsns.shop/uploads/0/theme/default/assets/ 20 KB
6 KB 25ms
23ms Script
application/javascript 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/gtag.js?v=38996bb99df43180b2adf076fa8a11aa120211-1117
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a8e3441261c1352303ba1f02f4bb329a99973a551e53cdc0d73408779b2c689

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: yEY9k9MJjxH/gcbz3oOeLw==
x-oss-storage-class: Standard
content-encoding: gzip
cf-cache-status: HIT
age: 1580
x-oss-object-type: Normal
expires: Wed, 10 Dec 2025 09:59:16 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 09:59:16 GMT
x-oss-server-time: 1
content-type: application/javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 02 Dec 2025 09:32:15 GMT
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 8282043662384054023
cf-ray: 9a79f87a2cc03666-FRA
x-oss-request-id: 692EB2479979C7313841DF8F
server: cloudflare

GET
H2 200 events.js Show response
api.imotech.video/ad/ 70 KB
24 KB 654ms
585ms Script
application/javascript 82.26.160.163
NET3

General

Check archive.org

Download Go to

Full URL: https://api.imotech.video/ad/events.js?pixel_id=905590502367205376
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.26.160.163 , France, ASN21840 (NET3, US),
Reverse DNS
Software: openresty /
Resource Hash: 2a97d74c1392ab16148b947399266a33b445420a34e1c7b0c72ccb49f45699f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
bigotraceresponse: 00-aa806d4af8fef08d140f0732bbec96c3-0-00
access-control-allow-origin: *
content-length: 23963
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/javascript;charset=utf-8
server: openresty

GET
H2 200 events.js Show response
api.imotech.video/ad/ 70 KB
24 KB 45ms
43ms Script
application/javascript 82.26.160.163
NET3

General

Check archive.org

Download Go to

Full URL: https://api.imotech.video/ad/events.js?pixel_id=905377540764602624
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.26.160.163 , France, ASN21840 (NET3, US),
Reverse DNS
Software: openresty /
Resource Hash: 7b0ae2371adf17c1e9482919e96329b15a0998141f7dc2344601e6a1f4b469f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
bigotraceresponse: 00-c4cb195fe915ac74bc99f87d561ce5c8-0-00
access-control-allow-origin: *
content-length: 23936
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/javascript;charset=utf-8
server: openresty

GET
H2 200 events.js Show response
api.imotech.video/ad/ 70 KB
24 KB 413ms
412ms Script
application/javascript 82.26.160.163
NET3

General

Check archive.org

Download Go to

Full URL: https://api.imotech.video/ad/events.js?pixel_id=905661166887505920
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.26.160.163 , France, ASN21840 (NET3, US),
Reverse DNS
Software: openresty /
Resource Hash: ff59a767785a8e96166e7009b26416060b1906734df4371132923cb90eee917c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
bigotraceresponse: 00-fb273d2f61f4e0cbfb35b21b06e5a136-0-00
access-control-allow-origin: *
content-length: 23965
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/javascript;charset=utf-8
server: openresty

GET
H2 200 public.js Show response
www.pndnsns.shop/uploads/0/theme/default/assets/ 495 KB
147 KB 123ms
120ms Script
application/javascript 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/public.js?v=66cb554f598ff6027edd1441293a7622120211
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81702366ef11ac8bbaec1521c6ce6c0c92d459bb870b32981f28281780143b25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: FJ783tbngxxjVPImSR0m4A==
x-oss-storage-class: Standard
content-encoding: gzip
cf-cache-status: HIT
x-oss-object-type: Normal
expires: Wed, 10 Dec 2025 09:59:16 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 09:59:16 GMT
x-oss-server-time: 2
content-type: application/javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 02 Dec 2025 09:32:14 GMT
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 1569231838701137870
cf-ray: 9a79f87a3ccb3666-FRA
x-oss-request-id: 692EB3603BC7A83731F666EF
server: cloudflare

GET
H2 200 public.css
www.pndnsns.shop/uploads/0/theme/default/assets/ 156 KB
24 KB 220ms
218ms Stylesheet
text/css 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/public.css?v=4c80ef067cf053b60acf36c57ec6493a120211
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b638c3a1a9220751de6247a45b3978337f2682d5fd2fccdb3c1a0bd4deeaad0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: AVRGD+8ABx1q/a5YXjuTRA==
x-oss-storage-class: Standard
content-encoding: gzip
cf-cache-status: MISS
x-oss-object-type: Normal
expires: Wed, 10 Dec 2025 09:59:17 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 2
content-type: text/css
vary: Accept-Encoding, Origin
last-modified: Tue, 02 Dec 2025 09:32:14 GMT
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 16279539532869111027
cf-ray: 9a79f87a3cc73666-FRA
x-oss-request-id: 692EB8749EAA1A38331A8C30
server: cloudflare

GET
H2 200 quest_theme.css
www.pndnsns.shop/uploads/0/theme/quest/assets/ 17 KB
3 KB 339ms
337ms Stylesheet
text/css 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/uploads/0/theme/quest/assets/quest_theme.css?v=6a88f43cb422b7652b327e9f90e3270b120211
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb9b6704edd8e55402bb522acbd4d81b28812846535e59f99bd681f5e5a75615

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: VBjDD7IyXIXMnO6drI90vQ==
x-oss-storage-class: Standard
content-encoding: gzip
cf-cache-status: MISS
x-oss-object-type: Normal
expires: Wed, 10 Dec 2025 09:59:17 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 1
content-type: text/css
vary: Accept-Encoding, Origin
last-modified: Tue, 02 Dec 2025 06:00:06 GMT
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 15191980932333315666
cf-ray: 9a79f87a3cca3666-FRA
x-oss-request-id: 692EB875B6DE1D353697CFD8
server: cloudflare

GET
H2 200 3495e490e5b2028ef78050fcd528d940.avif
ssl.ssl-images-mar.com/uploads/138909/cart/resources/20251030/ 4 KB
4 KB 207ms
173ms Image
image/avif 34.54.241.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://ssl.ssl-images-mar.com/uploads/138909/cart/resources/20251030/3495e490e5b2028ef78050fcd528d940.avif
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.54.241.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 59.241.54.34.bc.googleusercontent.com
Software: AliyunOSS /
Resource Hash: 2540f925445e0f489094b2cad74e2a8ed6b8f0d399c5d95f16f7c78f58e4c5d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: 72c1r5fjf05yR4SlwJEj7g==
x-oss-storage-class: Standard
etag: "EF6735AF97E37F4E724784A5C09123EE"
x-oss-object-type: Normal
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 09:59:16 GMT
x-oss-server-time: 10
x-oss-ec: 0048-00000113
content-disposition: inline
vary: Origin
content-type: image/avif
last-modified: Thu, 30 Oct 2025 04:08:27 GMT
cache-control: public,max-age=2592000
x-oss-hash-crc64ecma: 1161108676903369234
via: 1.1 google
accept-ranges: bytes
content-length: 4010
x-oss-request-id: 692EB874D31A233830282DB6
x-oss-force-download: false
server: AliyunOSS

GET
H2 200 banner_loading.png
www.pndnsns.shop/uploads/0/theme/default/assets/ 23 KB
23 KB 174ms
170ms Image
image/png 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/banner_loading.png?v=7fe39bdcdcabdc30d14d1f99c308db2b120211
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a290c6c3053dc46eb4c6632cebcea32eea7da4274d3931d4c703f2ba6c916af7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: f+Ob3Nyr3DDRTR+ZwwjbKw==
x-oss-storage-class: Standard
cf-cache-status: MISS
etag: "7FE39BDCDCABDC30D14D1F99C308DB2B"
x-oss-object-type: Normal
expires: Wed, 10 Dec 2025 09:59:16 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 1
content-type: image/png
vary: Origin, Accept-Encoding
last-modified: Tue, 02 Dec 2025 09:32:14 GMT
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 7125506954030682244
cf-ray: 9a79f87a3ccc3666-FRA
accept-ranges: bytes
content-length: 23352
x-oss-request-id: 692EB8741735C13039748639
server: cloudflare

GET
H3 200 empty_loading.png
www.pndnsns.shop/uploads/0/theme/default/assets/ 221 B
694 B 67ms
67ms Image
image/png 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/empty_loading.png?v=51ba92483a4282450a82bd1e58a7b541120211
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece477f4168a4db66df804bfe1d9a09dcea782db51850b9081a81c83abd6d208

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: UbqSSDpCgkUKgr0eWKe1QQ==
x-oss-storage-class: Standard
cf-bgj: imgq:100,h2pri
etag: "51BA92483A4282450A82BD1E58A7B541"
cf-cache-status: HIT
x-oss-object-type: Normal
expires: Wed, 10 Dec 2025 09:59:17 GMT
cf-polished: origSize=6857, status=vary_header_present
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 4
content-type: image/png
last-modified: Mon, 01 Dec 2025 06:00:03 GMT
vary: Origin, Accept-Encoding
priority: u=2,i
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 12169997832694763196
cf-ray: 9a79f87b6f7ef7ae-FRA
accept-ranges: bytes
content-length: 221
x-oss-request-id: 692DC33D1F5247313252BCD0
server: cloudflare

GET
H3 200 quest_app.js Show response
www.pndnsns.shop/uploads/0/theme/quest/assets/ 944 B
745 B 206ms
205ms Script
application/javascript 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/uploads/0/theme/quest/assets/quest_app.js?v=343ba462648c166cb7443bdd06b4d59e120211
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bbbce47dc747a750e5e24fcbf64f81a3f184909ba874c28922d6af2ed7abc94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: pgT95cHyUo85nHaWROwlyw==
x-oss-storage-class: Standard
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"A604FDE5C1F2528F399C769644EC25CB"
x-oss-object-type: Normal
expires: Wed, 10 Dec 2025 09:59:17 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 1
content-type: application/javascript
vary: Origin, Accept-Encoding
last-modified: Tue, 02 Dec 2025 06:00:06 GMT
priority: u=2,i=?0
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 1313754613064901820
cf-ray: 9a79f87b9ff6f7ae-FRA
x-oss-request-id: 692E90F5D3A5E13638ED826F
server: cloudflare

POST
H3 200 collect Show response
www.pndnsns.shop/homeapi/ 12 B
208 B 186ms
185ms Fetch
text/html 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/homeapi/collect
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/gtag.js?v=38996bb99df43180b2adf076fa8a11aa120211-1117
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e78c2742fc55e62355f821dc199842bd4758e9e2360afa27f819a3339fd6d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.pndnsns.shop/

Response headers

trace_id: D9B25A05-35C7-62E9-9009-4B127EFB5D3C
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 9a79f87a8d9ff7ae-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: text/html;charset=utf-8
server: cloudflare
priority: u=1,i

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 325 KB
84 KB 25ms
8ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

e58972f14e60ff958243af170ac82cb4075e26c8c252caf713b47c9872b5285c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src 'nonce-NVlOzx0k' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src 'nonce-NVlOzx0k' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4959, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: uOvvzXdDg96A9y85Ar+UHP8TOkOh/UTv2f4y8iiHjhsDZLFbKHUpzYD0ZIYI9Y9oBaxVkzf/WWLOyHbvs5oeiQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
content-length: 85645
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 facebook Show response
www.pndnsns.shop/homeapi/ 86 B
289 B 179ms
178ms Fetch
application/json 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/homeapi/facebook
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 296e046f13cf47b8aae8acdd42c9ae0f480892838bcda6267e16807a83b82a52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.pndnsns.shop/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
trace-id: 1F7EBF28-5729-3E84-7656-F50C2D7871EC
cf-ray: 9a79f87a8dacf7ae-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: cloudflare
priority: u=1,i

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 9 KB
3 KB 205ms
125ms Script
application/javascript 23.207.210.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=D3AI843C77UFRPGD02J0&lib=ttq
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.210.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-207-210-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dcf878319a654ffa22f8290662b7cf5d589b4ead26080782408f81117d955256

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

access-control-expose-headers: x-tt-traceflag,x-tt-logid
content-encoding: gzip
expires: Tue, 02 Dec 2025 09:59:17 GMT
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=1, origin; dur=109
x-cache: TCP_MISS from a2-18-28-202.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-811eb0bc095268e0c68e3c1c2197f35a) (-)
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 6958ee00
x-tt-trace-host: 01561eee4dd0e7a471696bbb5ce52199cc7851450014bd28ccd591941e361098f150991e409f67234fd9be8ca3704750515cef28e291da1d8ba1b52ee28e06ed636f147e633afca967116f9d5f94de2cc5b52b6ccf0f0a7514d5009206308806a5
x-origin-response-time: 109,2.18.28.202
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-25120209591773E6EC5A7C51D89241B2-467B3F31C5A78164-00
content-length: 2334
x-tt-logid: 2025120209591773E6EC5A7C51D89241B2
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 9 KB
3 KB 199ms
119ms Script
application/javascript 23.207.210.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=D3B7VERC77UAH4NB0L60&lib=ttq
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.210.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-207-210-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c74f98dc3e61177a7b6f45481c425caa759daaeed459a0e32c75cfebbd3d089c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

access-control-expose-headers: x-tt-traceflag,x-tt-logid
content-encoding: gzip
x-cache-remote: TCP_MISS from a2-17-114-148.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-811eb0bc095268e0c68e3c1c2197f35a) (-)
expires: Tue, 02 Dec 2025 09:59:17 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=18, inner; dur=14
x-cache: TCP_MISS from a2-18-28-202.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-811eb0bc095268e0c68e3c1c2197f35a) (-)
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 4fadda6b.6958ee09
x-tt-trace-host: 01561eee4dd0e7a471696bbb5ce52199cce72cc986ce37606f84c9aaf87804fa17e09eb61591d5eeb23be946afff3f5bdc7e095e8c9aca189b336cb41132105ebc919e3a87243fb7f2bd2c8e2aef10eeffeed1ba3c03785d02489d50d8774afe2eb2942ac717bb17e94af95404ae8bd9d5
x-origin-response-time: 18,2.17.114.148
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-251202095917234086696077B09338A3-4F46E27006F030C8-00
x-parent-response-time: 105,2.18.28.202
x-tt-logid: 20251202095917234086696077B09338A3
server: nginx

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 67ms
22ms Script
application/javascript 23.219.149.35
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.149.35 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e68879fbc2558543e283b7f082a5a698d32fc6f4e1efef3e981b6236ec7b8eb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

access-control-max-age: 86400
cache-control: max-age=7200
timing-allow-origin
content-encoding: br
access-control-expose-headers: X-CDN
etag: "36d1eabc8dd81a1c3e8e162f9d8135a1"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
access-control-allow-origin: *
content-length: 1869
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H3 200 k3k6o8UDI-1M0wlSV9XAw6lQkqWY8Q82sJaRE-NWIDdgffTTNDNZ9xdp.woff2
fonts.gstatic.com/s/archivo/v9/ 12 KB
12 KB 33ms
11ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v9/k3k6o8UDI-1M0wlSV9XAw6lQkqWY8Q82sJaRE-NWIDdgffTTNDNZ9xdp.woff2

Requested by

Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

9b0f297e5bd1358af71c54f54f76e4b87767b91ec2d94d01265c45ebbb68242a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.pndnsns.shop
Referer: https://www.pndnsns.shop/

Response headers

age: 6968
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 02 Dec 2026 08:03:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 08:03:09 GMT
last-modified: Wed, 18 Aug 2021 21:15:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12516
x-xss-protection: 0
server: sffe

GET
H3 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 9ms
9ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.pndnsns.shop
Referer: https://www.pndnsns.shop/

Response headers

age: 7598
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 02 Dec 2026 07:52:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 07:52:39 GMT
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20040
x-xss-protection: 0
server: sffe

GET
H3 200 index.js Show response
www.pndnsns.shop/app-assets/trusttool/138909/ 745 KB
243 KB 234ms
234ms Script
application/javascript 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/app-assets/trusttool/138909/index.js?var=1751279911
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/public.js?v=66cb554f598ff6027edd1441293a7622120211
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0ffd19baf03074dd0fe92d928c65bb9518a42ae2c3a4e7ae022714ed4ea534

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: fhanCJMuSYvIoAn/dFJGNQ==
x-oss-storage-class: Standard
content-encoding: gzip
cf-cache-status: MISS
x-oss-object-type: Normal
expires: Wed, 10 Dec 2025 09:59:17 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 2
x-oss-ec: 0048-00000113
content-disposition: attachment
vary: Accept-Encoding, Origin
content-type: application/javascript
priority: u=3,i=?0
last-modified: Tue, 02 Dec 2025 06:45:44 GMT
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 9135278294972983040
cf-ray: 9a79f87d5bf3f7ae-FRA
x-oss-request-id: 692EABB122306A30370233EF
x-oss-force-download: true
server: cloudflare

GET
H3 200 index.js Show response
www.pndnsns.shop/app-assets/googletranslate/138909/ 19 KB
7 KB 224ms
223ms Script
application/javascript 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/app-assets/googletranslate/138909/index.js?var=1758800315
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/public.js?v=66cb554f598ff6027edd1441293a7622120211
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9db30d4c4e957840df349a07562e9e68f8c8fae31321f450870a20a84987c9f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: U8mZ18jSqZYtRz0u9+anyQ==
x-oss-storage-class: Standard
content-encoding: gzip
cf-cache-status: MISS
x-oss-object-type: Normal
expires: Wed, 10 Dec 2025 09:59:17 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 2
x-oss-ec: 0048-00000113
content-disposition: attachment
vary: Accept-Encoding, Origin
content-type: application/javascript
priority: u=3,i=?0
last-modified: Tue, 02 Dec 2025 09:41:58 GMT
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 18330395083820881741
cf-ray: 9a79f87d5bf4f7ae-FRA
x-oss-request-id: 692EB87500F3E03938930DB6
x-oss-force-download: true
server: cloudflare

GET
H3 200 index.js Show response
www.pndnsns.shop/app-assets/countdown/138909/ 59 KB
16 KB 189ms
189ms Script
application/javascript 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/app-assets/countdown/138909/index.js?var=1760932302
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/public.js?v=66cb554f598ff6027edd1441293a7622120211
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6fd6019ffee185b0f3f42db045b9e1bc4a57bae8784a5379cc186590f3a6bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: j/tJgZDGWb9MmAfksBK6bQ==
x-oss-storage-class: Standard
content-encoding: gzip
cf-cache-status: MISS
x-oss-object-type: Normal
expires: Wed, 10 Dec 2025 09:59:17 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 1
x-oss-ec: 0048-00000113
content-disposition: attachment
vary: Accept-Encoding, Origin
content-type: application/javascript
priority: u=3,i=?0
last-modified: Tue, 02 Dec 2025 09:41:56 GMT
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 3300817648866606984
cf-ray: 9a79f87d5bf6f7ae-FRA
x-oss-request-id: 692EB875E8C33137398241BA
x-oss-force-download: true
server: cloudflare

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

Content-Type: image/webp

GET
H2 200 3495e490e5b2028ef78050fcd528d940.avif
ssl.ssl-images-mar.com/uploads/138909/cart/resources/20251030/ 7 KB
7 KB 170ms
169ms Image
image/jpeg 34.54.241.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://ssl.ssl-images-mar.com/uploads/138909/cart/resources/20251030/3495e490e5b2028ef78050fcd528d940.avif?x-oss-process=image/resize,m_lfit,w_348/format,jpg
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.54.241.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 59.241.54.34.bc.googleusercontent.com
Software: AliyunOSS /
Resource Hash: 3d7350ceeb153e40f2de4534e8bf4ee03656a6ca28fe077b831a143772f979a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

x-oss-storage-class: Standard
etag: "EF6735AF97E37F4E724784A5C09123EE"
x-oss-object-type: Normal
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 5
x-oss-ec: 0048-00000113
content-disposition: inline
vary: Origin
content-type: image/jpeg
last-modified: Thu, 30 Oct 2025 04:08:27 GMT
cache-control: public,max-age=2592000
x-oss-hash-crc64ecma: 1563855901335186707
via: 1.1 google
content-length: 7131
x-oss-request-id: 692EB8755EDFF63432B81B9F
x-oss-force-download: false
server: AliyunOSS

GET
H2 200 637fa4402a4d998b5a0bf30396ee584b.png
ssl.ssl-images-mar.com/uploads/138909/cart/resources/20251030/ 774 KB
774 KB 323ms
323ms Image
image/png 34.54.241.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://ssl.ssl-images-mar.com/uploads/138909/cart/resources/20251030/637fa4402a4d998b5a0bf30396ee584b.png?x-oss-process=image/resize,m_lfit,h_3200
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.54.241.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 59.241.54.34.bc.googleusercontent.com
Software: AliyunOSS /
Resource Hash: 11627feac93cbccf8acac9cf056da802255c1947ee4d1e1577e9b604914c94ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

x-oss-storage-class: Standard
etag: "B98A3A508DA024D791B78E14DBCE6CBA"
x-oss-object-type: Normal
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 154
x-oss-ec: 0048-00000113
content-disposition: inline
vary: Origin
content-type: image/png
last-modified: Thu, 30 Oct 2025 04:09:14 GMT
cache-control: public,max-age=2592000
x-oss-hash-crc64ecma: 41630801770699228
via: 1.1 google
content-length: 792416
x-oss-request-id: 692EB875D5610439369CE86B
x-oss-force-download: false
server: AliyunOSS

GET
H2 200 6e3cdc8600adff8a99d9f18fd22cebf7.png
ssl.ssl-images-mar.com/uploads/138909/cart/resources/20250926/ 2 MB
2 MB 553ms
553ms Image
image/png 34.54.241.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://ssl.ssl-images-mar.com/uploads/138909/cart/resources/20250926/6e3cdc8600adff8a99d9f18fd22cebf7.png?x-oss-process=image/resize,m_lfit,w_1340
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.54.241.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 59.241.54.34.bc.googleusercontent.com
Software: AliyunOSS /
Resource Hash: 4914a07205a13891d527b811790ea095649af508430b0b028b4193f07f24d971

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

x-oss-storage-class: Standard
etag: "5FE4768205DB8AB5CE35F8701AEB2FD5"
x-oss-object-type: Normal
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 09:59:17 GMT
x-oss-server-time: 382
x-oss-ec: 0048-00000113
content-disposition: inline
vary: Origin
content-type: image/png
last-modified: Fri, 26 Sep 2025 11:42:36 GMT
cache-control: public,max-age=2592000
x-oss-hash-crc64ecma: 7699348443251884098
via: 1.1 google
content-length: 1979457
x-oss-request-id: 692EB8754BC59F35372EB07F
x-oss-force-download: false
server: AliyunOSS

GET
H3 200 2200596010353066 Show response
connect.facebook.net/signals/config/ 148 KB
34 KB 343ms
343ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/2200596010353066?v=2.9.243&r=stable&domain=www.pndnsns.shop&hme=fdfab1132115f4ac7aabc9fd7eee63947594f6e6f1735b47a225dd71217525d3&ex_m=89%2C147%2C127%2C18%2C65%2C66%2C120%2C61%2C41%2C121%2C70%2C60%2C134%2C78%2C13%2C88%2C26%2C115%2C108%2C68%2C71%2C114%2C131%2C97%2C136%2C7%2C3%2C4%2C6%2C5%2C2%2C79%2C87%2C137%2C214%2C158%2C55%2C216%2C217%2C48%2C173%2C25%2C67%2C222%2C221%2C161%2C28%2C54%2C8%2C57%2C83%2C84%2C85%2C90%2C111%2C27%2C24%2C113%2C110%2C109%2C128%2C69%2C130%2C129%2C43%2C53%2C105%2C12%2C133%2C38%2C203%2C205%2C168%2C21%2C22%2C23%2C15%2C16%2C37%2C33%2C35%2C34%2C74%2C80%2C82%2C95%2C119%2C122%2C39%2C96%2C19%2C17%2C101%2C62%2C31%2C124%2C123%2C125%2C116%2C20%2C30%2C52%2C94%2C132%2C63%2C14%2C126%2C29%2C183%2C154%2C275%2C201%2C145%2C186%2C179%2C155%2C92%2C112%2C73%2C103%2C47%2C40%2C102%2C107%2C51%2C58%2C42%2C98%2C46%2C49%2C45%2C86%2C135%2C0%2C106%2C11%2C104%2C9%2C1%2C50%2C81%2C56%2C59%2C100%2C77%2C76%2C44%2C117%2C75%2C72%2C64%2C99%2C91%2C36%2C118%2C32%2C93%2C10%2C138

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

4e25819ca09671c6c21ad61432d91cb9484edf6b95c1196efb10ad458e54fcd3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src 'nonce-4x1LrQxg' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-4x1LrQxg' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=86, mss=1232, tbw=95303, tp=87, tpl=0, uplat=335, ullat=0
pragma: public
x-fb-debug: LRsUEqfaezOB0m5Mus+3/MR89UKr2qBjlXxR7uiivssNu7j7PebUZlxpi7mOa3cVVh5mrr6Tl4Boc73GscJNWg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 trackingview
api.affiliations.site/bigoad/ 105 B
219 B 132ms
63ms Ping
application/json 167.148.196.76
NET3

General

Check archive.org

Download Go to

Full URL: https://api.affiliations.site/bigoad/trackingview?extra=%7B%22action%22%3A%22log_iframe_bbg%22%2C%22pixel_id%22%3A%22905377540764602624%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A951%7D&pixel_id=log_pixel_id
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905377540764602624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.148.196.76 , Germany, ASN21840 (NET3, US),
Reverse DNS
Software: openresty /
Resource Hash: a5285ea1d06693856e53474c5b4720b281a089d8d0f270c9437885b5cc71f95e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-491cee27e1e0d61ae36352b3e25d3b1f-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: openresty

GET
H2 200 pixelfile.html Show response
api.affiliations.site/ad/ Frame ADC9 3 KB
1 KB 112ms
42ms Document
text/html 148.135.152.31
ABTME-AS CloudIP LLC

General

Check archive.org

Download Go to

Full URL: https://api.affiliations.site/ad/pixelfile.html
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905377540764602624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.135.152.31 , France, ASN31715 (ABTME-AS CloudIP LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: 84a2c23fe6c2b10dbd6dd97e37a448e2789a2bd37799d3a72d36e14505f50938

Request headers

Referer: https://www.pndnsns.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

bigotraceresponse: 00-2a2d50df008266ee2ffcb4116c83a575-0-00
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 02 Dec 2025 09:59:17 GMT
server: openresty

GET
H2 200 main.817db39b.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 15ms
15ms Script
application/javascript 23.219.149.35
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.817db39b.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.149.35 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6c44bbc727cf6427aa8037d3fca1f734ec1f8275f2988ef26ace885605c7990c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

access-control-max-age: 86400
cache-control: max-age=1209600
timing-allow-origin
content-encoding: br
access-control-expose-headers: X-CDN
etag: "927f08e36db998c19d655423edb6f84f"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23788
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 main.MWYyNDJlNWM5MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 419 KB
97 KB 11ms
11ms Script
application/javascript 23.207.210.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYyNDJlNWM5MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=D3B7VERC77UAH4NB0L60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.210.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-207-210-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 95eedeadf5b0820051459dcd697d01187784698ce746032fba611cff1e457e43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

x-cache: TCP_MEM_HIT from a2-18-28-202.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-811eb0bc095268e0c68e3c1c2197f35a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
access-control-expose-headers: x-tt-traceflag,x-tt-logid
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-2511130755591F1F105CA882B7D7F6D2-64D62244C542E226-00
content-length: 98378
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202511130755591F1F105CA882B7D7F6D2
server: nginx
x-akamai-request-id: 6958ef43
x-tt-trace-host: 018a792cf78dc22dfa380b4153eaa7b166a383612be2b03bb2869cffcc0f8fc2dff0f09c1198047a60f16ad206fb2d5fb02ed6abf2b6a4fb302b7280012ea144112c27038bc2a1bc6787c79cb5ab416c5bb5c9ceaab094150b55ccb8c72ca2e78c

GET
H2 200 / Show response
ct.pinterest.com/user/ 319 B
745 B 145ms
102ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612550722105&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1764669557404&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.817db39b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

9fa67a36ccf81274a9959d5b9f6303320f067e224ff8a8d7b4866982ffa54f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: e18e9afb0a2fc83e98c21cf44419826f
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU56a3hPVEZoTmpRdFptSTVPQzAwTXpjMkxUa3lPVE10TkRBNU9UVTFOVGRtT1RSag
pinterest-version: dff5cb827b529f41d87ce6216cbc9b7c688a3a14
access-control-allow-origin: https://www.pndnsns.shop
content-length: 184
akamai-grn: 0.8c6656b8.1764669557.16a59660
x-pinterest-rid: 1100739227468703

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
581 B 137ms
97ms Fetch
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2612550722105&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.pndnsns.shop%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22817db39b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1764669557409

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.817db39b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

x-pinterest-rid-128bit: b1375dfef99b3bee4109fb030c00ff00
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=604800
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pinterest-version: dff5cb827b529f41d87ce6216cbc9b7c688a3a14
access-control-allow-origin: https://www.pndnsns.shop
content-length: 35
akamai-grn: 0.8c6656b8.1764669557.16a5965f
x-pinterest-rid: 4686552877760577

GET
H2 200 identify_c4432507.js Show response
analytics.tiktok.com/i18n/pixel/static/ 152 KB
40 KB 10ms
9ms Script
application/javascript 23.207.210.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c4432507.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYyNDJlNWM5MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.210.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-207-210-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1f95990bb0a38b39c7dc7c12fbc4c7df4b6b72760fac40a99261fdc17329f5ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

x-cache: TCP_MEM_HIT from a2-18-28-202.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-811eb0bc095268e0c68e3c1c2197f35a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
access-control-expose-headers: x-tt-traceflag,x-tt-logid
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=1
x-tt-trace-id: 00-25111307555964FCE98450432297E617-2A1D2AA3A3B14D8D-00
content-length: 40056
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2025111307555964FCE98450432297E617
server: nginx
x-akamai-request-id: 6958efc3
x-tt-trace-host: 018a792cf78dc22dfa380b4153eaa7b166a383612be2b03bb2869cffcc0f8fc2df42162ac7a5966d2a5c14c024e350df3f13af771b042faf554af61d2151a24b39f5d431fe9574f0d755248916b0250b1892d075d9199aff778e4952cf04f71d90

POST
H2 200 trackingview
api.affiliations.site/bigoad/ 105 B
218 B 16ms
15ms Ping
application/json 167.148.196.76
NET3

General

Check archive.org

Download Go to

Full URL: https://api.affiliations.site/bigoad/trackingview?extra=%7B%22action%22%3A%22log_no_bbg%22%2C%22pixel_id%22%3A%22905377540764602624%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A1078%7D&pixel_id=log_pixel_id
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905377540764602624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.148.196.76 , Germany, ASN21840 (NET3, US),
Reverse DNS
Software: openresty /
Resource Hash: 713314623172816aed3e92295d9fa353bfcbd814131549f97194da955f26e144

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-add32ad4cbbb0b1620e464a28b3c6faa-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: openresty

POST
H2 200 trackingview
api.affiliations.site/bigoad/ 105 B
218 B 66ms
65ms Ping
application/json 167.148.196.76
NET3

General

Check archive.org

Download Go to

Full URL: https://api.affiliations.site/bigoad/trackingview?it=1764669557370&title=Cialis&referer=&resolution=1200*1600&lang=de-DE&url=https%3A%2F%2Fwww.pndnsns.shop%2F&host=www.pndnsns.shop&cookie_id=BA1.1.4530563901.1764669557&session_id=BA1.1.9267703457.1764669557&pixel_id=905377540764602624&timestamp_ms=1764669557370&extra=%7B%22action%22%3A%22init%22%2C%22configId%22%3A%22905377540764602624%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A951%7D
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905377540764602624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.148.196.76 , Germany, ASN21840 (NET3, US),
Reverse DNS
Software: openresty /
Resource Hash: 4be469ab0dccc607c3844eb18ce24e898d1e803876864d88901217dceba93976

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-3b7f003ad15a47929bef16ba59028afa-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: openresty

POST
H2 200 trackingview
api.affiliations.site/bigoad/ 105 B
219 B 68ms
67ms Ping
application/json 167.148.196.76
NET3

General

Check archive.org

Download Go to

Full URL: https://api.affiliations.site/bigoad/trackingview?it=1764669557370&title=Cialis&referer=&resolution=1200*1600&lang=de-DE&url=https%3A%2F%2Fwww.pndnsns.shop%2F&host=www.pndnsns.shop&cookie_id=BA1.1.4530563901.1764669557&session_id=BA1.1.9267703457.1764669557&pixel_id=905377540764602624&timestamp_ms=1764669557370&extra=%7B%22action%22%3A%22page_view%22%2C%22configId%22%3A%22905377540764602624%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A951%7D
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905377540764602624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.148.196.76 , Germany, ASN21840 (NET3, US),
Reverse DNS
Software: openresty /
Resource Hash: 4be469ab0dccc607c3844eb18ce24e898d1e803876864d88901217dceba93976

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-bdf92d8757aa6616abaadd46c67996d6-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: openresty

POST
H2 200 enrich_ipv6
analytics-ipv6.tiktokw.us/ipv6/ 0
946 B 165ms
114ms Ping
text/plain 23.50.131.200
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://analytics-ipv6.tiktokw.us/ipv6/enrich_ipv6

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYyNDJlNWM5MQ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-50-131-200.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.pndnsns.shop/

Response headers

access-control-expose-headers: x-tt-traceflag,x-tt-logid
x-cache-remote: TCP_MISS from a23-3-98-142.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-992afe98b9405e84f19be223dce3e955) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Tue, 02 Dec 2025 09:59:17 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=20, inner; dur=16
x-cache: TCP_MISS from a23-41-167-72.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-992afe98b9405e84f19be223dce3e955) (-)
date: Tue, 02 Dec 2025 09:59:17 GMT
x-akamai-request-id: c826eb31.c0795d31
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01561eee4dd0e7a471696bbb5ce52199cc2c9a5ce1d156da57728b5112c7152404b29ec749c019541bb41bda3850d20c7caa45754d703ac87d19a5385d0520caf5b9bcc17206fdfee3d7b98aebb2fb64c0f60378fdfdb83cb4314edff6e8a85d1e91f3f2cc25fd333f68208e475510b063
strict-transport-security: max-age=31536000 ; includeSubDomains
x-origin-response-time: 20,23.3.98.142
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2512020959173C4185FC2B65CD9202AB-319319D4B79C53A0-00
content-length: 0
x-parent-response-time: 106,23.41.167.72
x-tt-logid: 202512020959173C4185FC2B65CD9202AB
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
757 B 114ms
113ms Ping
text/plain 23.207.210.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYyNDJlNWM5MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.210.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-207-210-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.pndnsns.shop/

Response headers

access-control-expose-headers: x-tt-traceflag,x-tt-logid
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Tue, 02 Dec 2025 09:59:17 GMT
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=4, origin; dur=101
x-cache: TCP_MISS from a2-18-28-202.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-811eb0bc095268e0c68e3c1c2197f35a) (-)
date: Tue, 02 Dec 2025 09:59:17 GMT
x-akamai-request-id: 6958f04b
x-tt-trace-host: 01561eee4dd0e7a471696bbb5ce52199cc7851450014bd28ccd591941e361098f135cf79403e4abcb536ff1ec5b12087f9b1a6b8d297221d9496e4dc2d816aa4944a4cf5d7ba90d6b0a18e0edd0a934db94b61e2a26f863641381c8f270de093bb
access-control-allow-headers: Authorization,*
x-origin-response-time: 101,2.18.28.202
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-25120209591774BCAEE8090F8E91B705-0A6E1FCFDB75A241-00
content-length: 0
x-tt-logid: 2025120209591774BCAEE8090F8E91B705
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
917 B 158ms
157ms Ping
text/plain 23.207.210.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYyNDJlNWM5MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.210.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-207-210-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.pndnsns.shop/

Response headers

access-control-expose-headers: x-tt-traceflag,x-tt-logid
x-cache-remote: TCP_MISS from a23-48-100-24.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-811eb0bc095268e0c68e3c1c2197f35a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Tue, 02 Dec 2025 09:59:17 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=19, inner; dur=17
x-cache: TCP_MISS from a2-18-28-202.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-811eb0bc095268e0c68e3c1c2197f35a) (-)
date: Tue, 02 Dec 2025 09:59:17 GMT
x-akamai-request-id: 390f4615.6958f050
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01561eee4dd0e7a471696bbb5ce52199cc2742196ae45bbad81a4d3e797dba86c09ea326530b1b9da352182013ecfe413e58176c38ac1bfd92fc0aa4ba5f65129e531b4343fc710bc9a8edfc395199194032d54bcc83a41c32b3d536db8079ef99f506163882b80838bd536b0b3f8d9663
x-origin-response-time: 20,23.48.100.24
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-25120209591706B149DDBC9DB68FE959-1C03E9E929906EA5-00
content-length: 0
x-parent-response-time: 107,2.18.28.202
x-tt-logid: 2025120209591706B149DDBC9DB68FE959
server: nginx

POST
H2 200 trackingview
api.topnotchs.site/bigoad/ 105 B
218 B 109ms
38ms Ping
application/json 164.90.87.92
NETSTAR-AS-AP NET...

General

Check archive.org

Download Go to

Full URL: https://api.topnotchs.site/bigoad/trackingview?it=1764669557370&title=Cialis&referer=&resolution=1200*1600&lang=de-DE&url=https%3A%2F%2Fwww.pndnsns.shop%2F&host=www.pndnsns.shop&cookie_id=BA1.1.4530563901.1764669557&session_id=BA1.1.7500421001.1764669558&pixel_id=905590502367205376&timestamp_ms=1764669557511&extra=%7B%22action%22%3A%22init%22%2C%22configId%22%3A%22905590502367205376%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A1092%7D
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905590502367205376
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.90.87.92 , Germany, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 011965e526181153da2966de4cd60f3e8ee49394b4fb7d0f1e1f435f4934566b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-056f49df62fcbaadca9d008e5da4e0ee-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: openresty

POST
H2 200 trackingview
api.topnotchs.site/bigoad/ 105 B
219 B 110ms
39ms Ping
application/json 164.90.87.92
NETSTAR-AS-AP NET...

General

Check archive.org

Download Go to

Full URL: https://api.topnotchs.site/bigoad/trackingview?it=1764669557370&title=Cialis&referer=&resolution=1200*1600&lang=de-DE&url=https%3A%2F%2Fwww.pndnsns.shop%2F&host=www.pndnsns.shop&cookie_id=BA1.1.4530563901.1764669557&session_id=BA1.1.7500421001.1764669558&pixel_id=905590502367205376&timestamp_ms=1764669557512&extra=%7B%22action%22%3A%22page_view%22%2C%22configId%22%3A%22905590502367205376%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A1093%7D
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905590502367205376
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.90.87.92 , Germany, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 235eccedb4e1a49cf1eb67d61f67c159076f7957580f013e7dff2d0ef5bf1a6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-957203b270e1e08a5c7c95aae538fa9f-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: openresty

POST
H2 200 trackingview
api.topnotchs.site/bigoad/ 105 B
218 B 109ms
39ms Ping
application/json 164.90.87.92
NETSTAR-AS-AP NET...

General

Check archive.org

Download Go to

Full URL: https://api.topnotchs.site/bigoad/trackingview?extra=%7B%22action%22%3A%22log_page_loaded%22%2C%22pixel_num%22%3A%22multiple%22%2C%22pixel_id%22%3A%22905377540764602624%3B905590502367205376%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A1093%7D&pixel_id=log_pixel_id
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905590502367205376
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.90.87.92 , Germany, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 011965e526181153da2966de4cd60f3e8ee49394b4fb7d0f1e1f435f4934566b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-9cacc2561ea2a87cde45019ffee45857-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: openresty

GET
H3 200 config Show response
www.pndnsns.shop/app-api/countdown/138909/front/ 119 B
412 B 197ms
197ms XHR
application/json 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/app-api/countdown/138909/front/config?type=2,3&product_id=22109130&collection_ids=
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/public.js?v=66cb554f598ff6027edd1441293a7622120211
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1869ece4fc72864b82af19ed6805d8ad684f4f7130b9d8941dba5144e01755e

Request headers

Referer: https://www.pndnsns.shop/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: */*

Response headers

shop-domain: lichen409.zenshop.cn
access-control-max-age: 1800
access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
x-app-id: 23
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: *
access-control-request-headers: *
access-control-allow-credentials: true
x-trace-id: 94567D8D-CA68-868C-CB44-C0F36ADF0656
cf-ray: 9a79f87eae95f7ae-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 config Show response
www.pndnsns.shop/app-api/googletranslate/138909/front/ 734 B
726 B 201ms
201ms XHR
application/json 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/app-api/googletranslate/138909/front/config
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/public.js?v=66cb554f598ff6027edd1441293a7622120211
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 452efa24bbe591c260908438c16fd950b0b7a0fd509c6161e2767e2d5891f21d

Request headers

Referer: https://www.pndnsns.shop/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

shop-domain: lichen409.zenshop.cn
access-control-max-age: 1800
access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
x-app-id: 90
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: *
access-control-request-headers: *
access-control-allow-credentials: true
x-trace-id: 0983C89A-70CD-C392-134A-E372829529F1
cf-ray: 9a79f87ecec1f7ae-FRA
access-control-allow-origin: *
server: cloudflare

POST
H2 200 trackingview
api.topnotchs.site/bigoad/ 105 B
218 B 20ms
19ms Ping
application/json 164.90.87.92
NETSTAR-AS-AP NET...

General

Check archive.org

Download Go to

Full URL: https://api.topnotchs.site/bigoad/trackingview?it=1764669557370&title=Cialis&referer=&resolution=1200*1600&lang=de-DE&url=https%3A%2F%2Fwww.pndnsns.shop%2F&host=www.pndnsns.shop&cookie_id=BA1.1.4530563901.1764669557&session_id=BA1.1.6001978942.1764669558&pixel_id=905661166887505920&timestamp_ms=1764669557613&extra=%7B%22action%22%3A%22init%22%2C%22configId%22%3A%22905661166887505920%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A1194%7D
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905661166887505920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.90.87.92 , Germany, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 534d1a3535fcce63822b583135e6636ddef90de9957615ebac9451079f5b0c8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-eeba9cb4a2bcc92cc9ec3bc1ebbb2258-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: openresty

POST
H2 200 trackingview
api.topnotchs.site/bigoad/ 105 B
218 B 72ms
72ms Ping
application/json 164.90.87.92
NETSTAR-AS-AP NET...

General

Check archive.org

Download Go to

Full URL: https://api.topnotchs.site/bigoad/trackingview?it=1764669557370&title=Cialis&referer=&resolution=1200*1600&lang=de-DE&url=https%3A%2F%2Fwww.pndnsns.shop%2F&host=www.pndnsns.shop&cookie_id=BA1.1.4530563901.1764669557&session_id=BA1.1.6001978942.1764669558&pixel_id=905661166887505920&timestamp_ms=1764669557614&extra=%7B%22action%22%3A%22page_view%22%2C%22configId%22%3A%22905661166887505920%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A1194%7D
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905661166887505920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.90.87.92 , Germany, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 7b8c30b37021f1e245eadfcc5f4883b07de96542b5bc5470569c49a55140da23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-e3c59a800dae7ac7b5828ea8a87334f1-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: openresty

POST
H2 200 trackingview
api.topnotchs.site/bigoad/ 105 B
217 B 71ms
71ms Ping
application/json 164.90.87.92
NETSTAR-AS-AP NET...

General

Check archive.org

Download Go to

Full URL: https://api.topnotchs.site/bigoad/trackingview?extra=%7B%22action%22%3A%22log_page_loaded%22%2C%22pixel_num%22%3A%22multiple%22%2C%22pixel_id%22%3A%22905377540764602624%3B905590502367205376%3B905661166887505920%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A1195%7D&pixel_id=log_pixel_id
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905661166887505920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.90.87.92 , Germany, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 155b985ef1adde40ada7c58c85d36bc85df4b9dd55c2272f855c5e68eb2604d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-8f2c2c23fae124a337e27c0e1ae622d9-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json
server: openresty

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
758 B 120ms
119ms Ping
text/plain 23.207.210.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYyNDJlNWM5MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.210.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-207-210-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.pndnsns.shop/

Response headers

access-control-expose-headers: x-tt-traceflag,x-tt-logid
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Tue, 02 Dec 2025 09:59:17 GMT
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=4, origin; dur=108
x-cache: TCP_MISS from a2-18-28-202.deploy.akamaitechnologies.com (AkamaiGHost/22.3.2.1-811eb0bc095268e0c68e3c1c2197f35a) (-)
date: Tue, 02 Dec 2025 09:59:17 GMT
x-akamai-request-id: 6958f288
x-tt-trace-host: 01561eee4dd0e7a471696bbb5ce52199cc7851450014bd28ccd591941e361098f135cf79403e4abcb536ff1ec5b12087f90b599424d60c101521759b5e4a920b264d47db82f657cf1e286133ad5cfbfe2ec9939b7adcb1b06596b043f65804986f
access-control-allow-headers: Authorization,*
x-origin-response-time: 108,2.18.28.202
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-25120209591774BCAEE8090F8E91B724-3C1AEB1CF40A7403-00
content-length: 0
x-tt-logid: 2025120209591774BCAEE8090F8E91B724
server: nginx

GET
H3 200 /
www.facebook.com/privacy_sandbox/topics/registration/ 67 B
0 143ms
127ms Fetch
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/privacy_sandbox/topics/registration/?id=2200596010353066

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/2200596010353066?v=2.9.243&r=stable&domain=www.pndnsns.shop&hme=fdfab1132115f4ac7aabc9fd7eee63947594f6e6f1735b47a225dd71217525d3&ex_m=89%2C147%2C127%2C18%2C65%2C66%2C120%2C61%2C41%2C121%2C70%2C60%2C134%2C78%2C13%2C88%2C26%2C115%2C108%2C68%2C71%2C114%2C131%2C97%2C136%2C7%2C3%2C4%2C6%2C5%2C2%2C79%2C87%2C137%2C214%2C158%2C55%2C216%2C217%2C48%2C173%2C25%2C67%2C222%2C221%2C161%2C28%2C54%2C8%2C57%2C83%2C84%2C85%2C90%2C111%2C27%2C24%2C113%2C110%2C109%2C128%2C69%2C130%2C129%2C43%2C53%2C105%2C12%2C133%2C38%2C203%2C205%2C168%2C21%2C22%2C23%2C15%2C16%2C37%2C33%2C35%2C34%2C74%2C80%2C82%2C95%2C119%2C122%2C39%2C96%2C19%2C17%2C101%2C62%2C31%2C124%2C123%2C125%2C116%2C20%2C30%2C52%2C94%2C132%2C63%2C14%2C126%2C29%2C183%2C154%2C275%2C201%2C145%2C186%2C179%2C155%2C92%2C112%2C73%2C103%2C47%2C40%2C102%2C107%2C51%2C58%2C42%2C98%2C46%2C49%2C45%2C86%2C135%2C0%2C106%2C11%2C104%2C9%2C1%2C50%2C81%2C56%2C59%2C100%2C77%2C76%2C44%2C117%2C75%2C72%2C64%2C99%2C91%2C36%2C118%2C32%2C93%2C10%2C138

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 127.0.0.1: 'nonce-bFRTIlUi' blob: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com .accounts.meta.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7579198037530273455&cpp=C3&cv=1030476050&st=1764669557818"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
observe-browsing-topics: ?1
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods: OPTIONS
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: image/png
vary: Origin, Accept-Encoding
x-fb-debug: KbOu9K+cLGL4pWkO5OHS8URiEV6nW3lwFNC/I0lcsFktxGf0JtfIDHkNIgVWmt6kFUMYcgky+21y87LEm1MD3w==
priority: u=1,i
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7579198037530273455&cpp=C3&cv=1030476050&st=1764669557818", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-bFRTIlUi' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5254, tp=11, tpl=0, uplat=118, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self "https://www.fbsbx.com"), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 25ms
8ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2200596010353066&ev=PageView&dl=https%3A%2F%2Fwww.pndnsns.shop%2F&rl=&if=false&ts=1764669557737&cd[event_category]=index&sw=1600&sh=1200&v=2.9.243&r=stable&ec=0&o=4126&fbp=fb.1.1764669556606.262842115966792171&ler=empty&cdl=API_unavailable&pmd[title]=Cialis&pmd[description]=Cialis&pmd[keywords]=Cialis&plt=908.1999969482422&it=1764669557356&coo=false&eid=1764669556875.4425637.8843315&tm=1&expv2[0]=pl0&expv2[1]=el3&expv2[2]=bc1&expv2[3]=mr2&rqm=GET

Requested by

Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4732, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 416ms
400ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2200596010353066&ev=PageView&dl=https%3A%2F%2Fwww.pndnsns.shop%2F&rl=&if=false&ts=1764669557737&cd[event_category]=index&sw=1600&sh=1200&v=2.9.243&r=stable&ec=0&o=4126&fbp=fb.1.1764669556606.262842115966792171&ler=empty&cdl=API_unavailable&pmd[title]=Cialis&pmd[description]=Cialis&pmd[keywords]=Cialis&plt=908.1999969482422&it=1764669557356&coo=false&eid=1764669556875.4425637.8843315&tm=1&expv2[0]=pl0&expv2[1]=el3&expv2[2]=bc1&expv2[3]=mr2&rqm=FGET

Requested by

Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 127.0.0.1: 'nonce-p0m0Bh6W' blob: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com .accounts.meta.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7579198035597955426&cpp=C3&cv=1030476050&st=1764669557819"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 09:59:18 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ze6LK10NB+YBAZWK5Zuq3e7zByCZ1BVI8O0+ucY5lwICr40N86wXdLQDlbEzKR9y6JRFoNwpAX30U9q8GNDcBw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7579198035597955426&cpp=C3&cv=1030476050&st=1764669557819", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-p0m0Bh6W' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5372, tp=13, tpl=0, uplat=391, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self "https://www.fbsbx.com"), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 config Show response
www.pndnsns.shop/app-api/trusttool/138909/ 3 KB
1 KB 208ms
208ms XHR
application/json 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/app-api/trusttool/138909/config?route=index/index
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/public.js?v=66cb554f598ff6027edd1441293a7622120211
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d525f8cbf5420475f5b2dee66596613f13a086c60b3314521026167cd0d0817

Request headers

Referer: https://www.pndnsns.shop/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

shop-domain: lichen409.zenshop.cn
access-control-max-age: 1800
access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
x-app-id: 74
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:17 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: *
access-control-request-headers: *
access-control-allow-credentials: true
x-trace-id: 727BFB6F-6BED-BC12-EC61-07E7AEEFF69E
cf-ray: 9a79f8800963f7ae-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 5ca3440d2ad22ff34b0c.woff2
www.pndnsns.shop/dist/front/assets/ 4 KB
4 KB 179ms
179ms Font
application/octet-stream 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/dist/front/assets/5ca3440d2ad22ff34b0c.woff2
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be807033d7d59a652cf81be7cadf8f986d4e7dda4d51e57b8587b70c671d24e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.pndnsns.shop
Referer: https://www.pndnsns.shop/

Response headers

content-md5: 5gzhaod59kj3k1IPOznTkQ==
access-control-max-age: 300
x-oss-storage-class: Standard
cf-cache-status: MISS
etag: "E60CE16A8779F648F793520F3B39D391"
x-oss-object-type: Normal
access-control-allow-methods: GET, POST, PUT, HEAD
expires: Wed, 10 Dec 2025 09:59:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:18 GMT
x-oss-server-time: 1
x-oss-ec: 0048-00000113
content-disposition: attachment
vary: Origin, Accept-Encoding
content-type: application/octet-stream
priority: u=0,i=?0
last-modified: Tue, 02 Dec 2025 09:41:46 GMT
cache-control: public, max-age=691200
x-oss-hash-crc64ecma: 8404660285287436718
cf-ray: 9a79f8816c29f7ae-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3672
x-oss-request-id: 692EB87694D0DB32353306F3
x-oss-force-download: true
server: cloudflare

POST
H2 200 trackingevent
api.affiliations.site/bigoad/ 0
0 18ms
16ms Ping
application/json 167.148.196.76
NET3

General

Check archive.org

Download Go to

Full URL: https://api.affiliations.site/bigoad/trackingevent?it=1764669557370&title=Cialis&referer=&resolution=1200*1600&lang=de-DE&url=https%3A%2F%2Fwww.pndnsns.shop%2F&host=www.pndnsns.shop&cookie_id=BA1.1.4530563901.1764669557&session_id=BA1.1.9267703457.1764669557&pixel_id=905377540764602624&timestamp_ms=1764669558479&event_id=page_load&value=1&extra=%7B%22load_t%22%3A%222060.40%22%7D&event_extra=%7B%7D
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905377540764602624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.148.196.76 , Germany, ASN21840 (NET3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

POST
H2 200 trackingview
api.affiliations.site/bigoad/ 105 B
218 B 26ms
24ms Ping
application/json 167.148.196.76
NET3

General

Check archive.org

Download Go to

Full URL: https://api.affiliations.site/bigoad/trackingview?extra=%7B%22action%22%3A%22log_page_loaded%22%2C%22pixel_num%22%3A%22multiple%22%2C%22pixel_id%22%3A%22905377540764602624%3B905590502367205376%3B905661166887505920%22%2C%22wst%22%3A373%2C%22drt%22%3A908%2C%22lgt%22%3A2061%7D&pixel_id=log_pixel_id
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=905377540764602624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.148.196.76 , Germany, ASN21840 (NET3, US),
Reverse DNS
Software: openresty /
Resource Hash: 8967a378536e24731b2818c3d0bc203904599631cfee0763e6f927fb5f55d3a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

bigotraceresponse: 00-e5b6c883ac27d2097b086802ad492905-0-00
content-length: 105
date: Tue, 02 Dec 2025 09:59:18 GMT
content-type: application/json
server: openresty

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 23ms
22ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.817db39b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

14be830b39aed76c5e77563d5db9c0bd1afb957bb65d2d52017abfc7a4a73ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: max-age=7200
content-encoding: gzip
etag: "b462a55c1e834f2e7c5c9c4cfa3c0de6"
x-cdn: akamai
content-length: 2107
date: Tue, 02 Dec 2025 09:59:18 GMT
akamai-grn: 0.8c6656b8.1764669558.16a5a042
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 73B5 565 B
695 B 216ms
181ms Document
text/html 104.75.88.209
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.817db39b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.pndnsns.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.8c6656b8.1764669558.16a5a18d
alt-svc: h3=":443"; ma=604800
cache-control: max-age=86400
content-encoding: gzip
content-length: 326
content-type: text/html; charset=utf-8
date: Tue, 02 Dec 2025 09:59:18 GMT
pinterest-version: dff5cb827b529f41d87ce6216cbc9b7c688a3a14
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 7541037069948487
x-pinterest-rid-128bit: 2d91e5daa0d2e87268a72542d055080b

POST
H3 200 collect Show response
www.pndnsns.shop/homeapi/ 12 B
208 B 184ms
182ms Fetch
text/html 104.16.211.68
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.pndnsns.shop/homeapi/collect
Requested by: Host: www.pndnsns.shop
URL: https://www.pndnsns.shop/uploads/0/theme/default/assets/gtag.js?v=38996bb99df43180b2adf076fa8a11aa120211-1117
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.211.68 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53604ce6156235c253750cf502dc5f4866a076b3308130c1324dfb06f0d9f332

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.pndnsns.shop/

Response headers

trace_id: 0E452F59-D728-C013-B4D0-5B0E9EF098E5
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 9a79f885ccc6f7ae-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 09:59:18 GMT
content-type: text/html;charset=utf-8
server: cloudflare
priority: u=1,i

GET
H3 200 138909_68c076251796ef8e533072e2d77d0c59.png
ssl.ssl-images-mar.com/uploads/138909/cart/resources/20251029/ 42 KB
42 KB 188ms
188ms Other
image/png 34.54.241.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://ssl.ssl-images-mar.com/uploads/138909/cart/resources/20251029/138909_68c076251796ef8e533072e2d77d0c59.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.54.241.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 59.241.54.34.bc.googleusercontent.com
Software: AliyunOSS /
Resource Hash: 5e40e3c1fcfedc0e255bb72a36e4d521926d7b257d99803a5a6af9fd35dec7e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: iE+Kp/acUZX7TwArx3YTIA==
x-oss-storage-class: Standard
etag: "884F8AA7F69C5195FB4F002BC7761320"
x-oss-object-type: Normal
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 09:59:18 GMT
x-oss-server-time: 21
x-oss-ec: 0048-00000113
content-disposition: inline
vary: Origin
content-type: image/png
last-modified: Thu, 30 Oct 2025 03:39:19 GMT
cache-control: public,max-age=2592000
x-oss-hash-crc64ecma: 6120817547176545173
via: 1.1 google
accept-ranges: bytes
content-length: 42839
x-oss-request-id: 692EB87691795F3438CE54A7
x-oss-force-download: false
server: AliyunOSS

GET
H3 200 138909_68c076251796ef8e533072e2d77d0c59.png
ssl.ssl-images-mar.com/uploads/138909/cart/resources/20251029/ 42 KB
0 0ms
0ms Other
image/png 34.54.241.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://ssl.ssl-images-mar.com/uploads/138909/cart/resources/20251029/138909_68c076251796ef8e533072e2d77d0c59.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.54.241.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 59.241.54.34.bc.googleusercontent.com
Software: AliyunOSS /
Resource Hash: 5e40e3c1fcfedc0e255bb72a36e4d521926d7b257d99803a5a6af9fd35dec7e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.pndnsns.shop/

Response headers

content-md5: iE+Kp/acUZX7TwArx3YTIA==
x-oss-storage-class: Standard
etag: "884F8AA7F69C5195FB4F002BC7761320"
x-oss-object-type: Normal
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 09:59:18 GMT
x-oss-server-time: 21
x-oss-ec: 0048-00000113
content-disposition: inline
vary: Origin
content-type: image/png
last-modified: Thu, 30 Oct 2025 03:39:19 GMT
cache-control: public,max-age=2592000
x-oss-hash-crc64ecma: 6120817547176545173
via: 1.1 google
accept-ranges: bytes
content-length: 42839
x-oss-request-id: 692EB87691795F3438CE54A7
x-oss-force-download: false
server: AliyunOSS

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fake Shop (Retail)

141 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pndnsns.shop/	1970-01-21 12:20:45	Name: _fbp Value: fb.1.1764669556606.262842115966792171
www.pndnsns.shop/	1970-01-21 10:32:45	Name: _auth_debug Value: ob8yh806o3cw8haf%2BHI0iUuzRlxTeGck9VznzUPEnsCrh6x3A3BTO8%2BDRkonQHZ7VVkh9LqoKOQy%2F6rxJB9HlX7QepVKTf6d9352mA%3D%3D
www.pndnsns.shop/	1970-01-21 19:47:09	Name: shop_global_visit_id Value: F7E79E95-5B01-8DA5-38C2-90301D03AABE
www.pndnsns.shop/	1970-01-21 19:47:09	Name: shop_checkout_visit_id Value: BC8BA2D0-0861-CFB3-681D-E8FA7E2D326D
www.pndnsns.shop/	1970-01-21 10:12:35	Name: shop_global_visit_session Value: 88EC2C60-F097-567F-9D83-F44CE66BC966
www.pndnsns.shop/	1970-01-21 10:54:21	Name: utm_source Value: direct
www.pndnsns.shop/	1970-01-21 10:54:21	Name: utm_medium Value: default
www.pndnsns.shop/	1970-01-21 10:54:21	Name: order_utm_history Value: %5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1764669556%2C%22expire_time%22%3A1767261556%7D%5D
www.pndnsns.shop/	1970-01-21 18:56:45	Name: landing_page Value: aHR0cHM6Ly93d3cucG5kbnNucy5zaG9wLw%3D%3D
www.pndnsns.shop/	1970-01-21 10:11:11	Name: shop_keep_alive Value: 3B84854E-78E9-C374-DAB2-13C499F243BD
www.pndnsns.shop/	1970-01-21 10:54:21	Name: first_http_referer Value: null
www.pndnsns.shop/	1970-01-21 19:47:09	Name: first_visit_time Value: 1764669556
www.pndnsns.shop/	1969-12-31 23:59:59	Name: currency_code Value: EUR
www.pndnsns.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6b9df822bc6804175379d124abb7ab6d
www.pndnsns.shop/	1970-01-21 10:12:35	Name: _AGZFGGA_ua Value: Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F142.0.0.0%2520Safari%252F537.36
www.pndnsns.shop/	1970-01-21 10:12:35	Name: _AGZFGGA_pu Value:
www.pndnsns.shop/	1970-01-21 10:12:35	Name: _AGZFGGA_tz Value: Etc%2FGMT-1
www.pndnsns.shop/	1970-01-21 10:12:35	Name: _AGZFGGA_ss Value: 1600X1200
www.pndnsns.shop/	1970-01-21 10:12:35	Name: _AGZFGGA_lang Value: de-DE
www.pndnsns.shop/	1970-01-21 10:12:35	Name: _AGZFGGA_vs Value: 1600X1200
www.pndnsns.shop/	1970-01-21 10:12:35	Name: _AGZFGGA_dt Value: 2025-12-02%2010%3A59%3A16
www.pndnsns.shop/	1970-01-21 19:47:09	Name: _bge_ci Value: BA1.1.4530563901.1764669557
.tiktok.com/	1970-01-21 19:32:45	Name: _ttp Value: 36Hhlqbs8ZhEmOSomRapxo6g1OB
.pndnsns.shop/	1970-01-21 19:32:45	Name: _tt_enable_cookie Value: 1
.pndnsns.shop/	1970-01-21 19:32:45	Name: _ttp Value: 01KBF812PC7C66CCM7DZR2R897_.tt.1
.pinterest.com/	1970-01-21 18:56:45	Name: ar_debug Value: 1
.pndnsns.shop/	1970-01-21 18:56:45	Name: _pin_unauth Value: dWlkPU56a3hPVEZoTmpRdFptSTVPQzAwTXpjMkxUa3lPVE10TkRBNU9UVTFOVGRtT1RSag
.pndnsns.shop/	1970-01-21 19:32:45	Name: ttcsid Value: 1764669557455::H94GPT5yR5451WlYp6sG.1.1764669557716.0
.pndnsns.shop/	1970-01-21 19:32:45	Name: ttcsid_D3AI843C77UFRPGD02J0 Value: 1764669557455::vh3Bx7VPx6LIkDFxc8LR.1.1764669557716.0
.pndnsns.shop/	1970-01-21 19:32:45	Name: ttcsid_D3B7VERC77UAH4NB0L60 Value: 1764669557455::tFx8Qa80qZu7O7HYDngU.1.1764669557716.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-ipv6.tiktokw.us
analytics.tiktok.com
api.affiliations.site
api.imotech.video
api.topnotchs.site
connect.facebook.net
ct.pinterest.com
fonts.gstatic.com
s.pinimg.com
ssl.ssl-images-mar.com
www.facebook.com
www.pndnsns.shop
104.16.211.68
104.75.88.209
142.250.185.195
148.135.152.31
157.240.0.35
157.240.0.6
164.90.87.92
167.148.196.76
23.207.210.198
23.219.149.35
23.50.131.200
34.54.241.59
82.26.160.163
011965e526181153da2966de4cd60f3e8ee49394b4fb7d0f1e1f435f4934566b
10e78c2742fc55e62355f821dc199842bd4758e9e2360afa27f819a3339fd6d4
11627feac93cbccf8acac9cf056da802255c1947ee4d1e1577e9b604914c94ac
14be830b39aed76c5e77563d5db9c0bd1afb957bb65d2d52017abfc7a4a73ef1
155b985ef1adde40ada7c58c85d36bc85df4b9dd55c2272f855c5e68eb2604d9
1a8e3441261c1352303ba1f02f4bb329a99973a551e53cdc0d73408779b2c689
1f95990bb0a38b39c7dc7c12fbc4c7df4b6b72760fac40a99261fdc17329f5ef
235eccedb4e1a49cf1eb67d61f67c159076f7957580f013e7dff2d0ef5bf1a6e
2540f925445e0f489094b2cad74e2a8ed6b8f0d399c5d95f16f7c78f58e4c5d8
296e046f13cf47b8aae8acdd42c9ae0f480892838bcda6267e16807a83b82a52
2a97d74c1392ab16148b947399266a33b445420a34e1c7b0c72ccb49f45699f6
2b6fd6019ffee185b0f3f42db045b9e1bc4a57bae8784a5379cc186590f3a6bf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3d7350ceeb153e40f2de4534e8bf4ee03656a6ca28fe077b831a143772f979a1
452efa24bbe591c260908438c16fd950b0b7a0fd509c6161e2767e2d5891f21d
4914a07205a13891d527b811790ea095649af508430b0b028b4193f07f24d971
4b638c3a1a9220751de6247a45b3978337f2682d5fd2fccdb3c1a0bd4deeaad0
4bbbce47dc747a750e5e24fcbf64f81a3f184909ba874c28922d6af2ed7abc94
4be469ab0dccc607c3844eb18ce24e898d1e803876864d88901217dceba93976
4e25819ca09671c6c21ad61432d91cb9484edf6b95c1196efb10ad458e54fcd3
534d1a3535fcce63822b583135e6636ddef90de9957615ebac9451079f5b0c8b
53604ce6156235c253750cf502dc5f4866a076b3308130c1324dfb06f0d9f332
5d525f8cbf5420475f5b2dee66596613f13a086c60b3314521026167cd0d0817
5e0ffd19baf03074dd0fe92d928c65bb9518a42ae2c3a4e7ae022714ed4ea534
5e40e3c1fcfedc0e255bb72a36e4d521926d7b257d99803a5a6af9fd35dec7e1
6c44bbc727cf6427aa8037d3fca1f734ec1f8275f2988ef26ace885605c7990c
713314623172816aed3e92295d9fa353bfcbd814131549f97194da955f26e144
7b0ae2371adf17c1e9482919e96329b15a0998141f7dc2344601e6a1f4b469f7
7b8c30b37021f1e245eadfcc5f4883b07de96542b5bc5470569c49a55140da23
81702366ef11ac8bbaec1521c6ce6c0c92d459bb870b32981f28281780143b25
84a2c23fe6c2b10dbd6dd97e37a448e2789a2bd37799d3a72d36e14505f50938
8967a378536e24731b2818c3d0bc203904599631cfee0763e6f927fb5f55d3a3
95eedeadf5b0820051459dcd697d01187784698ce746032fba611cff1e457e43
9b0f297e5bd1358af71c54f54f76e4b87767b91ec2d94d01265c45ebbb68242a
9be807033d7d59a652cf81be7cadf8f986d4e7dda4d51e57b8587b70c671d24e
9db30d4c4e957840df349a07562e9e68f8c8fae31321f450870a20a84987c9f5
9fa67a36ccf81274a9959d5b9f6303320f067e224ff8a8d7b4866982ffa54f9d
a290c6c3053dc46eb4c6632cebcea32eea7da4274d3931d4c703f2ba6c916af7
a5285ea1d06693856e53474c5b4720b281a089d8d0f270c9437885b5cc71f95e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b7c72442facb5541b2fd71be7ade3eac805413bf3a71afe0c9758db8251d36db
c74f98dc3e61177a7b6f45481c425caa759daaeed459a0e32c75cfebbd3d089c
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cb9b6704edd8e55402bb522acbd4d81b28812846535e59f99bd681f5e5a75615
dcf878319a654ffa22f8290662b7cf5d589b4ead26080782408f81117d955256
e1869ece4fc72864b82af19ed6805d8ad684f4f7130b9d8941dba5144e01755e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58972f14e60ff958243af170ac82cb4075e26c8c252caf713b47c9872b5285c
e68879fbc2558543e283b7f082a5a698d32fc6f4e1efef3e981b6236ec7b8eb2
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ece477f4168a4db66df804bfe1d9a09dcea782db51850b9081a81c83abd6d208
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
ff59a767785a8e96166e7009b26416060b1906734df4371132923cb90eee917c

www.pndnsns.shop Open in urlscan Pro 104.16.211.68 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

0 %IPv6

12 Domains

12 Subdomains

14 IPs

4 Countries

3735 kBTransfer

6331 kBSize

30 Cookies

3 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pndnsns.shop Open in urlscan Pro
104.16.211.68 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

12
Subdomains

14
IPs

4
Countries

3735 kB
Transfer

6331 kB
Size

30
Cookies

61 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!