pesc.pw Open in urlscan Pro
34.224.185.197 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://pesc.pw/4ym8w9/
Submission Tags: gc
Submission: On May 28 via api (May 28th 2023, 2:56:07 pm UTC) from JP — Scanned from JP

Summary HTTP 55 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 55 HTTP transactions. The main IP is 34.224.185.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pesc.pw.

This is the only time pesc.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	34.224.185.197 34.224.185.197	14618 (AMAZON-AES) (AMAZON-AES)
3	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.194.245.22 34.194.245.22	14618 (AMAZON-AES) (AMAZON-AES)
1	172.67.23.85 172.67.23.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	31.13.82.7 31.13.82.7	32934 (FACEBOOK) (FACEBOOK)
7	52.163.200.170 52.163.200.170	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	211.21.190.218 211.21.190.218	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	31.13.82.36 31.13.82.36	32934 (FACEBOOK) (FACEBOOK)
1 2	172.217.175.34 172.217.175.34	15169 (GOOGLE) (GOOGLE)
3	172.217.161.66 172.217.161.66	15169 (GOOGLE) (GOOGLE)
1	142.251.222.34 142.251.222.34	15169 (GOOGLE) (GOOGLE)
1	142.250.199.98 142.250.199.98	15169 (GOOGLE) (GOOGLE)
4	172.217.175.98 172.217.175.98	15169 (GOOGLE) (GOOGLE)
1	142.251.222.1 142.251.222.1	15169 (GOOGLE) (GOOGLE)
3	172.217.31.129 172.217.31.129	15169 (GOOGLE) (GOOGLE)
1	172.217.161.68 172.217.161.68	15169 (GOOGLE) (GOOGLE)
55	16

5 34.224.185.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-185-197.compute-1.amazonaws.com

pesc.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.245.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-245-22.compute-1.amazonaws.com

picsee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.23.85 (United States)

ASN13335 (CLOUDFLARENET, US)

tenmax-static.cacafly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-nrt1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.163.200.170 (Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ssp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.21.190.218 (Daan, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 211-21-190-218.hinet-ip.hinet.net

dmp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s19-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.161.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.222.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f2.1e100.net

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.175.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.222.1 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f1.1e100.net

dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.31.129 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.161.68 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 797 scontent-nrt1-1.xx.fbcdn.net — Cisco Umbrella Rank: 60203	415 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	40 KB
8	tenmax.io ssp.tenmax.io — Cisco Umbrella Rank: 128878 dmp.tenmax.io — Cisco Umbrella Rank: 146745	4 KB
5	pesc.pw pesc.pw	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	22 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	126 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 817	103 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com 1 redirects www.googletagservices.com — Cisco Umbrella Rank: 181	26 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	89 KB
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 84358	531 B
1	cacafly.net tenmax-static.cacafly.net — Cisco Umbrella Rank: 133329	42 KB
1	picsee.co picsee.co	33 KB
55	13

	Domain	Requested by
15	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	ssp.tenmax.io	tenmax-static.cacafly.net
5	pesc.pw	pesc.pw
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.facebook.com	connect.facebook.net static.xx.fbcdn.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	maxcdn.bootstrapcdn.com	pesc.pw maxcdn.bootstrapcdn.com
2	www.googletagservices.com	1 redirects
2	connect.facebook.net	pesc.pw connect.facebook.net
1	www.google.com	tpc.googlesyndication.com
1	dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.jp	securepubads.g.doubleclick.net
1	scontent-nrt1-1.xx.fbcdn.net	www.facebook.com
1	dmp.tenmax.io	pesc.pw
1	tenmax-static.cacafly.net	pesc.pw
1	picsee.co	pesc.pw
55	18

This site contains links to these domains. Also see Links.

Domain
docs.google.com
pics.ee
www.facebook.com
picsee.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
pics.ee Amazon RSA 2048 M01	`2023-02-23` - `2023-12-01`	9 months	crt.sh
*.tenmax.io Gandi Standard SSL CA 2	`2023-01-30` - `2024-02-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-06` - `2023-06-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://pesc.pw/4ym8w9/
Frame ID: CB26AE4C0EE9F152C5F73E2DD072E092
Requests: 29 HTTP requests in this frame

Frame: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Frame ID: 210326F4F9C03FFBCBFB363BEDB059CD
Requests: 20 HTTP requests in this frame

Frame: https://dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 394AB55A07D0DCD0E5923AEFE6FF11DF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7A8C4B9B00262C7DA3D97BB194BC07C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 888ACB7D562C3B7B054E02DE744C6623
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Not Found | PicSee 皮克看見

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

80 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

16
IPs

5
Countries

907 kB
Transfer

2990 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/document/d/1aVxQWiAwF4TrteIPEQomL3NhIu2qQQb9EnRg_RbRIqM/edit

Search URL Search Domain Scan URL

URL: https://pics.ee/register.php?lang=Array
Title: 会員登録

Search URL Search Domain Scan URL

URL: https://www.facebook.com/picsee.co
Title: 製作者について

Search URL Search Domain Scan URL

URL: https://picsee.io/login?utm_source=navbar&utm_medium=picsee.co
Title: ログイン

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://connect.facebook.net/zh_TW/sdk.js HTTP 307
https://connect.facebook.net/zh_TW/sdk.js

Request Chain 15

http://www.googletagservices.com/tag/js/gpt.js HTTP 302
https://www.googletagservices.com/tag/js/gpt.js

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pesc.pw/4ym8w9/ 10 KB
4 KB 401ms
200ms Document
text/html 34.224.185.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://pesc.pw/4ym8w9/

Protocol

HTTP/1.1

Server

34.224.185.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-185-197.compute-1.amazonaws.com

Software

Apache/2.4.7 (Ubuntu) /

Resource Hash

c9712ede169730c01a19406041eb675023e91f8c9168316633a74a84855a3ad3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: ja-JP

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3480
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 May 2023 14:55:58 GMT
Server: Apache/2.4.7 (Ubuntu)
Vary: Accept-Encoding
X-Frame-Options: DENY

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
19 KB 43ms
22ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: pesc.pw
URL: http://pesc.pw/4ym8w9/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 495
age: 14217607
cdn-cachedat: 10/08/2021 02:25:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 104056a48772bac099fac16aea943270
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7ce757761dab8a7b-NRT
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 42ms
21ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: pesc.pw
URL: http://pesc.pw/4ym8w9/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 637
age: 1513069
cdn-cachedat: 05/15/2022 09:31:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7b037083eda106239825636414d5921a
timing-allow-origin: *
cdn-requestcountrycode: BR
cdn-status: 200
cf-ray: 7ce757761dad8a7b-NRT
cdn-requestpullsuccess: True

GET
H/1.1 404
Not Found picsee.css
pesc.pw/4ym8w9/js/ 0
0 180ms
179ms Stylesheet
text/html 34.224.185.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pesc.pw/4ym8w9/js/picsee.css
Requested by: Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol: HTTP/1.1
Server: 34.224.185.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-185-197.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/4ym8w9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:55:58 GMT
Server: Apache/2.4.7 (Ubuntu)
Connection: keep-alive
Content-Length: 290
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
picsee.co/js/ 94 KB
33 KB 901ms
367ms Script
application/javascript 34.194.245.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://picsee.co/js/jquery-1.11.1.min.js
Requested by: Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.245.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-245-22.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:46:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Jul 2016 10:24:02 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "1762a-53731516dd7dc-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33225

GET
H/1.1 404
Not Found bootstrap.min.js
pesc.pw/4ym8w9/js/ 0
0 340ms
172ms Script
text/html 34.224.185.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pesc.pw/4ym8w9/js/bootstrap.min.js
Requested by: Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol: HTTP/1.1
Server: 34.224.185.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-185-197.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/4ym8w9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:55:58 GMT
Server: Apache/2.4.7 (Ubuntu)
Connection: keep-alive
Content-Length: 296
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found utility.js
pesc.pw/4ym8w9/js/ 0
0 361ms
180ms Script
text/html 34.224.185.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pesc.pw/4ym8w9/js/utility.js
Requested by: Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol: HTTP/1.1
Server: 34.224.185.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-185-197.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/4ym8w9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:55:58 GMT
Server: Apache/2.4.7 (Ubuntu)
Connection: keep-alive
Content-Length: 290
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found picsee_light_web.png
pesc.pw/4ym8w9/images/ 304 B
304 B 179ms
178ms Image
text/html 34.224.185.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pesc.pw/4ym8w9/images/picsee_light_web.png
Requested by: Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol: HTTP/1.1
Server: 34.224.185.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-185-197.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 3a3c8b0f72b97645354eca37f7b3defb290c79e778912cfa1219dd6f8632995e

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/4ym8w9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:55:58 GMT
Server: Apache/2.4.7 (Ubuntu)
Connection: keep-alive
Content-Length: 304
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK adsbytenmax.js Show response
tenmax-static.cacafly.net/ssp/ 138 KB
42 KB 34ms
23ms Script
application/javascript 172.67.23.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by: Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol: HTTP/1.1
Server: 172.67.23.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7b8ac9c3928d88b3ab41e6e3c220551da08e23fb224d8dd7337055e3f20d1bc

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 28 May 2023 14:55:58 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Content-MD5: 0pLg90lCZsGxvchxtxywPA==
Age: 2391
Transfer-Encoding: chunked
X-Cache: TCP_MISS
Connection: keep-alive
x-ms-lease-status: unlocked
Last-Modified: Tue, 09 May 2023 01:26:17 GMT
Server: cloudflare
ETag: 0x8DB502C6326F7F9
X-Azure-Ref: 0v75ZZAAAAACJAc5NBKxORYgjD2GvkZ0iVFlPMDFFREdFMjMxNQBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-ms-request-id: a870faf2-701e-00a6-3c26-82dae9000000
Access-Control-Expose-Headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
Cache-Control: max-age=1800
x-ms-version: 2009-09-19
CF-RAY: 7ce757796fb1af8d-NRT

GET
H2

200

sdk.js Show response
connect.facebook.net/zh_TW/
Redirect Chain

http://connect.facebook.net/zh_TW/sdk.js
https://connect.facebook.net/zh_TW/sdk.js

3 KB
3 KB

32ms
11ms

Script
application/x-javascript

31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: pesc.pw
URL: http://pesc.pw/4ym8w9/

Protocol

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3608de79066893530a63b58df5565500a7012dce5adc76298d4903f9f69b5eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 May 2023 14:55:59 GMT
content-md5: 5VpZshlfisJpTumD0M0xxg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: O7ewWujq7g2pNw4UxuET/RCy1azgmzEfR114K5dswnmoqPO/FfjZCqKKluC/LOKRMPhTXWBfi87MfsunIiwPQw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 6c0e679649ebd9fd12fb836ec4136504
cross-origin-opener-policy: same-origin-allow-popups
etag: "5abb48d3ebdc64f4a66bf2ad8fc7bbd4"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 28 May 2023 15:02:35 GMT

Redirect headers

Location: https://connect.facebook.net/zh_TW/sdk.js#xfbml=1&version=v2.6&appId=150378901782986
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 29ms
15ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://pesc.pw
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 824579
cdn-cachedat: 12/11/2022 18:06:44
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e7fbfdb1ddd8f7dedfeb862f42bd7073
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7ce7577c2f57f5c4-NRT
cdn-requestpullsuccess: True

GET
H/1.1 200
OK spaceSetting Show response
ssp.tenmax.io/supply/v3/universal/ 156 B
506 B 152ms
76ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=0cf0b05622074fba&referer=http%3A%2F%2Fpesc.pw%2F4ym8w9%2F&bodyWidth=1600&bodyHeight=1200&cacheBuster=810f0f27-ce15-43ca-9619-4eb72b001dfc
Requested by: Host: tenmax-static.cacafly.net
URL: http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 04ac7b68a138ce1c270939df43081758607938aaaf277e7228f60fce12864e0e

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:55:59 GMT
Server: nginx
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://pesc.pw
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 156
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H/1.1 200 b734323b-0532-40a6-8d4e-782e1c96bd3a
dmp.tenmax.io/p/ 43 B
528 B 177ms
44ms Image
image/gif 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=560854806
Requested by: Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Daan, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 28 May 2023 14:55:59 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 307 KB
87 KB 31ms
14ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=c7859639373e5e52ba26e53c27d18e94

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3c7cff8309231f181b3e31b4229a5a15618d061df72ff9ef17c58a44c4b36c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://pesc.pw/
Origin: http://pesc.pw
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 May 2023 14:55:59 GMT
content-md5: BPLHwyTj3W8ZuZagtQGl1g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88797
x-fb-rlafr: 0
x-fb-debug: TLopwwHNEOZtmIuGfQFhls4jwVgyvwEGMN0lZrmOggVx9vkO6n0U7z9R36noENVNr5x0JTLUIxuWD2ocsoKArQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 25fc30481b12f58b95630fd2a975e9d9
cross-origin-opener-policy: same-origin-allow-popups
etag: "92092faf4b3b443ac8b84baf79a91602"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 27 May 2024 12:51:21 GMT

GET
H/1.1 200
OK plan Show response
ssp.tenmax.io/supply/v3/universal/ 2 KB
2 KB 77ms
77ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=0cf0b05622074fba&sessionId=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90&referer=http%3A%2F%2Fpesc.pw%2F4ym8w9%2F&bodyWidth=1600&bodyHeight=1200&cacheBuster=5b902a94-fb5b-4aa9-964d-b2a6e2fd01e8
Requested by: Host: tenmax-static.cacafly.net
URL: http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 39f015b619cb9faadcf48dbd74d4400e7749eb5c9e3f57992851f67795c16427

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:55:59 GMT
Server: nginx
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://pesc.pw
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1964
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H2 200 page.php Show response
www.facebook.com/v2.6/plugins/ Frame 2103 43 KB
16 KB 192ms
165ms Document
text/html 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=c7859639373e5e52ba26e53c27d18e94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

3899790754757f7b5ab647f20a62041baf4839a389a46deb51144d55d277a7c3

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pesc.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 14:55:59 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: yMUeju4i1q53gWPpArO/cPN7/1CnbFp4UHzW5EuASILxatZBVv0Ru7etmcRA/XqBAtTiNDgebAMU8ua/tzZjvg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2

200

gpt.js Show response
www.googletagservices.com/tag/js/
Redirect Chain

http://www.googletagservices.com/tag/js/gpt.js
https://www.googletagservices.com/tag/js/gpt.js

75 KB
25 KB

126ms
61ms

Script
text/javascript

172.217.175.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Protocol

Server

172.217.175.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s19-in-f2.1e100.net

Software

cafe /

Resource Hash

9457275ee3f3e642dfbc736be60495e25184469a77090acad39c57a3ad9d8622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25142
x-xss-protection: 0
server: cafe
etag: 880 / 19505 / m202305230101 / config-hash: 5486929009166019583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 May 2023 14:55:59 GMT

Redirect headers

Date: Sun, 28 May 2023 14:55:59 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location: https://www.googletagservices.com/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Sun, 28 May 2023 14:55:59 GMT

GET
H/1.1 204
No Content request
ssp.tenmax.io/supply/tracking/ 0
206 B 241ms
77ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/request?bid=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90&chid=a1ebcf323fa54a53&sid=0cf0b05622074fba
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:55:59 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 Cva8ktIyd-j.css
static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/ Frame 2103 26 KB
7 KB 40ms
9ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/Cva8ktIyd-j.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

254ede6ffe0001c81bd064abca52d69f6754b569d600bf0659b0136d947c6621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9SVdPUmBfAprIYqT7WgTyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6513
x-fb-rlafr: 0
x-fb-debug: HAfJr8MWWU5xHWX+ac7Ymd2FAXp27fdvJAzuxHZYuXk3au46CTiGjbbYB/POP9K6jlGr6lF+AmG01P9lJwPIWg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 26 May 2024 18:02:45 GMT

GET
H2 200 HRaWhBfUmGv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 2103 306 KB
80 KB 40ms
10ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

779fdaeef21c970fb8a891075d133a8f1af2edecfa84a163dacaec282532eb44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jwS50NRWDVCsnuQqzZTZoQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81676
x-fb-rlafr: 0
x-fb-debug: IaH58/J2BD4pxgFhLgsMnvCw8J5tGzk0RM2dsDBOOsLcyTYOflQ7oZKELUZAEzY0ltiY8c/PNOEaPA4IA6uAhw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 24 May 2024 01:55:35 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 2103 5 KB
2 KB 40ms
10ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: fnhmgqGbgJtjoByozw9Gw7AGxgEB6VH1b+WKPBCmdtRFjAZGE6aiBiyts/o9VfXNGK8BCxMZ7RJRU7Zz8nldHQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), hid=(), midi=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 15 May 2024 17:21:29 GMT

GET
H2 200 h1xpMC2dKHT.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 2103 97 KB
29 KB 60ms
31ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/h1xpMC2dKHT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

0f613b1e2ef73a8770843e1718e19f885cfe6daf55b581004157d81d3aca46bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uqd4cvblnRLKt1GlCXEcaQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29615
x-fb-rlafr: 0
x-fb-debug: r6F6SQHXyw0K/2QCjDAEoOxTjMwkdSGa74ghBnOoI43Jn8TiBQ0eOT9XQkzJ1XiUW03YLGrSUjcDFUpE2XCeKA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 25 May 2024 21:18:15 GMT

GET
H2 200 u7vXL4wqpHG.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 2103 53 KB
15 KB 60ms
31ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/u7vXL4wqpHG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b953d0fb96f5b4ea6594885c638348f09f7337bbf738e1971766c2bb892bd2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bsoj/AK7Of7zgv4/+WeXhg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14960
x-fb-rlafr: 0
x-fb-debug: SFtqHF2Pyw6F3x5FTugYgOLQ2iusBetNRiAxAZaVJQgFfu2c/g3dO5f1zDhM3klKmPLOxL7Oq/Tn7Et3PLgong==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 26 May 2024 17:50:35 GMT

GET
H2 200 n-dMbnkaqug.js Show response
static.xx.fbcdn.net/rsrc.php/v3iFvO4/yE/l/zh_TW/ Frame 2103 232 KB
66 KB 60ms
32ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iFvO4/yE/l/zh_TW/n-dMbnkaqug.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

7cba4259001374bb1ce948211208eb4b5c2c85420d250f9014f0ad66f16013a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o5QcK/9rL1eGxmzu9L7TYw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66808
x-fb-rlafr: 0
x-fb-debug: DbdNFGgmWNfxzc+7d/i8dmDluK2wr+yVCJ7knUfYlOFuecoTml7uusQWMHGuGVncY7PhfE3M7oqLa9FHPa2ZlQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 25 May 2024 16:27:14 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 2103 507 B
579 B 60ms
32ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: UlSHoAXYtyH8BBKNjPzSd1qK3xfoKGZlfhoQWYZJSZkKPpmUzdJOePfZKjoct861VKyQIA/eAlNSojhi6SGSXg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), hid=(), magnetometer=(), screen-wake-lock=(), serial=()
timing-allow-origin: *
expires: Wed, 15 May 2024 16:43:38 GMT

GET
H2 200 dalteBytAMf.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUNC4/yP/l/zh_TW/ Frame 2103 103 KB
30 KB 59ms
32ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yP/l/zh_TW/dalteBytAMf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

a7b298630023d94b5bd14101c2d8c778c770aeb0f82cf6a92f970b382ac88a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: S3KvT8Ypbe6pJ55Nv8LqGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30727
x-fb-rlafr: 0
x-fb-debug: gknjvIKYyM6j069kVCZ8cAaH9jmeIqaDGYvZwKHK3OjevQkYZKGi6cdShMcxmIW40ldLyZvCA2Syk16biGCnYg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 24 May 2024 00:28:50 GMT

GET
H2 200 307033773_475730861255924_260010209900194639_n.jpg
scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 2103 2 KB
2 KB 10ms
8ms Image
image/jpeg 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-1/307033773_475730861255924_260010209900194639_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=yodxPzAEbA4AX9MbBGe&_nc_ht=scontent-nrt1-1.xx&edm=AGwHaCsEAAAA&oh=00_AfC-5Napm_Kxs7MzQaa4TWU9zsY5cN0w2F12xzvIPypw3A&oe=64779E11
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-nrt1.fbcdn.net
Software: /
Resource Hash: e356f9a7dca07bb3bd80ec37975001def289dd048dcd41b933e898f9600dcfdf

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 15 Oct 2022 06:15:43 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2107119048
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4180281520
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1639

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/ 403 KB
125 KB 68ms
14ms Script
text/javascript 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

cafe /

Resource Hash

8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:09:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85572
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127382
x-xss-protection: 0
server: cafe
etag: 12178286523779166803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 26 May 2024 15:09:47 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 57 B
593 B 109ms
50ms XHR
application/json 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pesc.pw

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

cafe /

Resource Hash

6c359951abc2828f7de4f05b48bd81d93f4cf15e2f0d8fa199b39204c8192cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
x-xss-protection: 0
expires: Sun, 28 May 2023 14:55:59 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 2103 573 B
630 B 26ms
15ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/Cva8ktIyd-j.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/Cva8ktIyd-j.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: lswEbjYbNNApylmgJJssjBYUtRjav88lFRAJqLYnZR63/1uqeHafFXT3KTxp/Xmqvhnp4Rrm7A1oFa/wnho60Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Thu, 23 May 2024 21:41:44 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 2103 14 KB
5 KB 145ms
145ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=messages&config_json=%7B%22app_id%22%3A%22150378901782986%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fpicsee.co%22%2C%22width%22%3A340%2C%22height%22%3A300%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Afalse%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22messages%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22http%3A%2F%2Fpesc.pw%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19505.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007577662&__s=%3A%3Aot2k7b&__hsi=7238247219846206989&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w&__csr=&locale=zh_TW&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yP/l/zh_TW/dalteBytAMf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

1344684a74fa60b34263e6044990574c2312bcfc3387b6ad758fa1346b7260b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: ynJhtp1pgiTfui0oMNvv6X
Referer: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 28 May 2023 14:55:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: SJO6DG2GDBj/Bd03cASqWc7QTZ4FaytePZvZF6/Vkj+YLG+mVESaV4ceJ2iPqUonCiP9Bz3aRebrWKLrzK+W0w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 2103 113 B
843 B 129ms
128ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yP/l/zh_TW/dalteBytAMf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

180cfcc9e154f00f127029a4e464f9f204c08818fd432225e7b02e97ebfbb1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: ynJhtp1pgiTfui0oMNvv6X
Referer: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 28 May 2023 14:55:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: PcK4uWfsfTzklWBX4qGRt7mUenf6bajAFjZYZyBUbFZHdA8bVLvcjgUgCSlIQ26UvOWzVnvk92VSLA5z8VoPyA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 2103 1 KB
1 KB 8ms
7ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/Cva8ktIyd-j.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/Cva8ktIyd-j.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:55:59 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: 7xm8fzhp9sRNQwI9xw0CIEAONyEsOdtnZC/z4fb6dXf6nO96KErnlaRkQO8fsDgCguT5Z6CmbItyIRwJNFpgRQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Thu, 23 May 2024 20:49:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
531 B 99ms
46ms Script
application/javascript 142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=pesc.pw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 104ms
49ms Script
application/javascript 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pesc.pw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 691 B
719 B 86ms
86ms XHR
text/plain 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3118574355830733&correlator=3490866240308408&eid=31074924%2C31074947%2C31068825&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fifs&iu_parts=37275962%2Crmaxspace%2C0cf0b05622074fba&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&ifi=1&adks=3166569463&sfv=1-0-40&prev_scp=adx_region%3DTWN%26line_item_type%3DadExchange%252CadSense&eri=4&sc=0&cookie_enabled=1&abxe=1&dt=1685285759975&lmt=1685285759&dlt=1685285758389&idt=1559&adxs=640&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpesc.pw%2F4ym8w9%2F&frm=20&vis=1&psz=0x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1161122089.1685285760&ga_sid=1685285760&ga_hid=975756947&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

cafe /

Resource Hash

45216008437131403583395317de456203882ab9b42abea99f6d1b0ef98d3c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 353
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://pesc.pw
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 117ms
63ms XHR
application/json 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

07f6d4ee656a6fe72044db9d1cc9d43e9adcae9f9c1d1474f7870a30ef0b5c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11182
x-xss-protection: 0

GET
H2 200 container.html Show response
dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 394A 6 KB
3 KB 110ms
53ms Document
text/html 142.251.222.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pesc.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 14:56:00 GMT
expires: Mon, 27 May 2024 14:56:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ie4NzwkOHw_.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/1,cross/ Frame 2103 2 KB
812 B 11ms
11ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/1,cross/ie4NzwkOHw_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

1f403f00df2aaf1e25d0167cb3e573f8de7325227289d0f4e6eab9d3bae88315

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h3w71WJr6aQMTe3pMRCkiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 757
x-fb-rlafr: 0
x-fb-debug: Gndh4hhIYS/U6AWWR1T6WkCAB/cbXScPn9g62lzv+e89gLdazo9h1cqbhONp/oOyaH7l9zUsIebwbrvpVbLbZQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Sun, 26 May 2024 19:24:02 GMT

GET
H3 200 7yrFj6puK50.js Show response
static.xx.fbcdn.net/rsrc.php/v3illq4/yg/l/zh_TW/ Frame 2103 30 KB
9 KB 11ms
11ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3illq4/yg/l/zh_TW/7yrFj6puK50.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

52e58984f59116698f9cc8464044a18862a220f2020a0fa56c2b860aa281d155

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q4/b5Ju+1K+JknsQoJs9AA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8772
x-fb-rlafr: 0
x-fb-debug: NpfZ1mrFIl5llflgWV5iVfB5jZSYFV7Xg8uaL6bfZ+JcTFzZnCcLae7xjDGo+tiDqZsB9D8Toncf/5MsVPUaaQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=()
timing-allow-origin: *
priority: u=1
expires: Wed, 15 May 2024 17:21:33 GMT

GET
H3 200 V0rSkbgCgwf.js Show response
static.xx.fbcdn.net/rsrc.php/v3il-Z4/yi/l/zh_TW/ Frame 2103 403 KB
95 KB 12ms
11ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3il-Z4/yi/l/zh_TW/V0rSkbgCgwf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

89d0302a29aa4deb47abffd286ea3ffe1314a530aadabc3b3ef18899ce5428af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QAKnrgQd6a85XAdkfslsSw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 97182
x-fb-rlafr: 0
x-fb-debug: NQ8Fd4H7KOtAQoSiTxpWl3hcYGzBGdVV5NOklTLHwZqGgnKd7netzZ9skB42IhRR4wL32L1cFHxVVS8V1wbHcw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Fri, 24 May 2024 16:15:38 GMT

GET
H3 200 9ggHta3Ft7L.js Show response
static.xx.fbcdn.net/rsrc.php/v3iND64/yW/l/zh_TW/ Frame 2103 330 KB
77 KB 18ms
18ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iND64/yW/l/zh_TW/9ggHta3Ft7L.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b1ed9c369301102c5044c8505a76ef048a50925fb066c45e50adb49af2034613

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9AXUIhA+bc614jNXOqeg9w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 79216
x-fb-rlafr: 0
x-fb-debug: t6c664+SKx8CbM6xoBDCDRHlZJzyP2glTVadta8PNdSMuKd49iv3r2PwFB0cItuLOSRmMm4uBju4mVgD2dbc9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Wed, 22 May 2024 22:19:30 GMT

GET
H3 200 YWYVXKjsEuT.js Show response
static.xx.fbcdn.net/rsrc.php/v3iKhz4/yd/l/zh_TW/ Frame 2103 976 B
588 B 29ms
29ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iKhz4/yd/l/zh_TW/YWYVXKjsEuT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

187a03638a93e007de6af54df8f5426b24bba7b0f699215dd143c589811b590f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3jxDH6tXMOT9/+Tabk4anA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 533
x-fb-rlafr: 0
x-fb-debug: UvI7r1lKn1h/kN0Gqy10jICEpYJcd+SYjF4v/RXLsvAz7bXArZJwol1RtQihOS4rT6jp0xa4kTutfL7v9fX6TQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Wed, 22 May 2024 14:00:22 GMT

GET
H/1.1 204
No Content noFill
ssp.tenmax.io/supply/tracking/ 0
206 B 81ms
80ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/noFill?bid=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90&chid=a1ebcf323fa54a53&sid=0cf0b05622074fba
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:56:00 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK ad Show response
ssp.tenmax.io/supply/v3/universal/ 2 B
350 B 99ms
98ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ssp.tenmax.io/supply/v3/universal/ad?rmaxSpaceId=0cf0b05622074fba&sessionId=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90&ts=1685285759499&id=e43da42c47f0425a&referer=http%3A%2F%2Fpesc.pw%2F4ym8w9%2F&bodyWidth=1600&bodyHeight=1200&cacheBuster=05fd1f90-8575-41a6-96bd-d4638143b566
Requested by: Host: tenmax-static.cacafly.net
URL: http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:56:00 GMT
Server: nginx
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://pesc.pw
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H/1.1 204
No Content request
ssp.tenmax.io/supply/tracking/ 0
206 B 157ms
76ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/request?bid=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90&chid=e43da42c47f0425a&sid=0cf0b05622074fba
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:56:00 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 122ms
67ms Script
text/javascript 172.217.31.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.31.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 May 2023 14:56:00 GMT

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 2103 113 B
145 B 127ms
127ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yP/l/zh_TW/dalteBytAMf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

e313b6d5c906b030a686447d7f1c09b518b4618b4c19e12ef66e943aa4c696f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: ynJhtp1pgiTfui0oMNvv6X
Referer: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 28 May 2023 14:56:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: DxHUqs5OVsjZs0t2H5JJDn5yjB4U813Ex+uhvEXOMnWfoPC1bbReifjIpN+bNrjRjtk8d7mA/egQokGOBZFnlA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 204
No Content done
ssp.tenmax.io/supply/tracking/ 0
206 B 135ms
79ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/done?bid=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 14:56:00 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7A8 13 KB
5 KB 13ms
10ms Document
text/html 172.217.31.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.31.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pesc.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 173915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 14:37:25 GMT
expires: Sat, 25 May 2024 14:37:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 888A 783 B
1 KB 108ms
49ms Document
text/html 172.217.161.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f4.1e100.net

Software

GSE /

Resource Hash

0f6154ff0721601e21fb68de6e226de8953a1eaa89adc9d9b6499cb17cec934a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mUl0ype52BoCJcwJfaAiDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://pesc.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-mUl0ype52BoCJcwJfaAiDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 14:56:00 GMT
expires: Sun, 28 May 2023 14:56:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js Show response
pagead2.googlesyndication.com/bg/ Frame D7A8 37 KB
14 KB 53ms
10ms Script
text/javascript 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

sffe /

Resource Hash

d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:53:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 414168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 19:53:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 888A 0
0 46ms
46ms Image
text/html 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305230101&jk=3118574355830733&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt20s21-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D7A8 0
10 B 8ms
8ms Image
text/plain 172.217.31.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?G_Oc1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt20s08-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:56:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
48ms Image
text/html 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305230101&jk=3118574355830733&bg=!jI-lj9vNAAZu7ficTu07ADkAdvg8Wtxu4va91BxyIa3xZ5F-8q59AvyqKADgxskySoUNRykW83WIFbLJUfXBoIP5I5GeOMJzG4MCAAAAWFIAAAACaAEHmQKh1SsPqz7c5vxTa2BNIdOUABJtzBLwXk32OyjJakSP1IUwra_P4_SAeoTNI90XKSIDTkUbtKbMx9g1KHCpeE0hTCFHxDZYg8I2_EqZLEi0v8nS7hMEnwfjMhmFKEjtNQibBHxYLVOvIXfY_d2H85cl95TZw7S85WHIdDVYjh7nn6LUP8pVcXr3CDAz9YfA7lpKHXQ5drafpkUMs3zMF17KptNAhS5HXFvxK_y-0WXuiuejo0yZJg9hOMKgkTtJAQvTeiyk11dmRCVlMUdnmK9Is3Jajv2by-WxFBz_LP6wmz6DJ3KysVaCoJfHMY2rAD70SL_hBBowqwDlj9KexdVzEuVTXUKvME-XoyIjy_pE3-Tlqxnk15ns3LhJVR3tfm8yVig9PInhMTIuHtp_77t0AjV_PHa0zJI-s7r5J8nxQQ-74TkvPQKHD_f_fBZew-xJ3RiKij0s6FM7lEPmkD3-olPYbV4G9xLA7hGwazUtmeyqSOYl9cz01WsuwkKVQSF-QLbdXs7VqJNC6FXbe_nXrZHXPydw03TktwrM2OhyHiFT16Ups6ZfHXef3M9Tw5rh5QxEWwi9jJxAX47oIzQRJm1oJpub3D-7BVKRBS3BeUmFL2K1YcJUeG5LpOLMldI1L2wLL7XWRgmVJvCQcKNm9cfyBxciI1j33f--K6PXvvIoFt2yw5X34TdltrHNCW9yJvfWmwg0OeCdPBKTxA9YPTmatyNP_MMg4eBcgEIRiiYRXmiOCM3yEuOJNzTG4SLUBQhIPGzqHDxjLkkxPhWKCkRexkyOj0Vc246Rhp-n08vmOisD_238N4HAdkNQ2hsrwLYLkuZUCAGBwBYfF_7NiqZZnFmJDbr071xIukJbefa-0PFrWt08VTPwMzxASKmH_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt20s21-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: http://pesc.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pesc.pw/4ym8w9/	1970-01-20 12:51:17	Name: /4ym8w9/ Value: 1
pesc.pw/4ym8w9	1970-01-20 20:53:41	Name: browser_uuid Value: 47481AB5-F872-E55E-39BF-EFA1DF678AB9
.pesc.pw/4ym8w9	1970-01-20 12:51:17	Name: 4ym8w9 Value: 1
pesc.pw/	1969-12-31 23:59:59	Name: lang Value: ja-jp
picsee.co/	1970-01-20 12:08:06	Name: AWSELBCORS Value: 857901F90A8FB9EC38D630240291ED2961407CD978F71C05F171F480C5C1D4D63320BF8566E072E56671A06125C5FEEF570259D843CB5952A5678474C4CD39FE60DF2DBEAA
.tenmax.io/	1970-01-20 21:44:05	Name: uid Value: c1edcf40-fd67-11ed-901e-675fa9a36d99
.tenmax.io/	1970-01-20 12:09:32	Name: wt Value: 1
.doubleclick.net/	1970-01-20 12:08:06	Name: test_cookie Value: CheckForPermission
.pesc.pw/	1970-01-20 21:29:41	Name: __gads Value: ID=6dcf2db69ecf90d1:T=1685285760:RT=1685285760:S=ALNI_MZGi1n1qyRfigt43vSNKgOl-LtgFw
.pesc.pw/	1970-01-20 21:29:41	Name: __gpi Value: UID=00000c0bf98f2ce0:T=1685285760:RT=1685285760:S=ALNI_MbfKcXmYBIsl8oq9VLXDvvOZmDJKA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://pesc.pw/4ym8w9/js/picsee.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://pesc.pw/4ym8w9/js/bootstrap.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://pesc.pw/4ym8w9/js/utility.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://pesc.pw/4ym8w9/images/picsee_light_web.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.jp
adservice.google.com
connect.facebook.net
dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com
dmp.tenmax.io
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pesc.pw
picsee.co
scontent-nrt1-1.xx.fbcdn.net
securepubads.g.doubleclick.net
ssp.tenmax.io
static.xx.fbcdn.net
tenmax-static.cacafly.net
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagservices.com
104.18.10.207
142.250.199.98
142.251.222.1
142.251.222.34
172.217.161.66
172.217.161.68
172.217.175.34
172.217.175.98
172.217.31.129
172.67.23.85
211.21.190.218
31.13.82.36
31.13.82.7
34.194.245.22
34.224.185.197
52.163.200.170
04ac7b68a138ce1c270939df43081758607938aaaf277e7228f60fce12864e0e
07f6d4ee656a6fe72044db9d1cc9d43e9adcae9f9c1d1474f7870a30ef0b5c3b
0f613b1e2ef73a8770843e1718e19f885cfe6daf55b581004157d81d3aca46bc
0f6154ff0721601e21fb68de6e226de8953a1eaa89adc9d9b6499cb17cec934a
1344684a74fa60b34263e6044990574c2312bcfc3387b6ad758fa1346b7260b9
180cfcc9e154f00f127029a4e464f9f204c08818fd432225e7b02e97ebfbb1c5
187a03638a93e007de6af54df8f5426b24bba7b0f699215dd143c589811b590f
1f403f00df2aaf1e25d0167cb3e573f8de7325227289d0f4e6eab9d3bae88315
254ede6ffe0001c81bd064abca52d69f6754b569d600bf0659b0136d947c6621
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3608de79066893530a63b58df5565500a7012dce5adc76298d4903f9f69b5eb1
3899790754757f7b5ab647f20a62041baf4839a389a46deb51144d55d277a7c3
39f015b619cb9faadcf48dbd74d4400e7749eb5c9e3f57992851f67795c16427
3a3c8b0f72b97645354eca37f7b3defb290c79e778912cfa1219dd6f8632995e
3c7cff8309231f181b3e31b4229a5a15618d061df72ff9ef17c58a44c4b36c44
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45216008437131403583395317de456203882ab9b42abea99f6d1b0ef98d3c77
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
52e58984f59116698f9cc8464044a18862a220f2020a0fa56c2b860aa281d155
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c359951abc2828f7de4f05b48bd81d93f4cf15e2f0d8fa199b39204c8192cfd
779fdaeef21c970fb8a891075d133a8f1af2edecfa84a163dacaec282532eb44
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cba4259001374bb1ce948211208eb4b5c2c85420d250f9014f0ad66f16013a8
8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6
89d0302a29aa4deb47abffd286ea3ffe1314a530aadabc3b3ef18899ce5428af
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
9457275ee3f3e642dfbc736be60495e25184469a77090acad39c57a3ad9d8622
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7b298630023d94b5bd14101c2d8c778c770aeb0f82cf6a92f970b382ac88a2a
a7b8ac9c3928d88b3ab41e6e3c220551da08e23fb224d8dd7337055e3f20d1bc
b1ed9c369301102c5044c8505a76ef048a50925fb066c45e50adb49af2034613
b953d0fb96f5b4ea6594885c638348f09f7337bbf738e1971766c2bb892bd2fa
c9712ede169730c01a19406041eb675023e91f8c9168316633a74a84855a3ad3
d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3
e313b6d5c906b030a686447d7f1c09b518b4618b4c19e12ef66e943aa4c696f9
e356f9a7dca07bb3bd80ec37975001def289dd048dcd41b933e898f9600dcfdf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

pesc.pw Open in urlscan Pro 34.224.185.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

80 %HTTPS

0 %IPv6

13 Domains

18 Subdomains

16 IPs

5 Countries

907 kBTransfer

2990 kBSize

10 Cookies

4 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pesc.pw Open in urlscan Pro
34.224.185.197 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

80 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

16
IPs

5
Countries

907 kB
Transfer

2990 kB
Size

10
Cookies

55 HTTP transactions
0 data transactions