URL: http://pesc.pw/4ym8w9/
Submission Tags: gc
Submission: On May 28 via api from JP — Scanned from JP

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 55 HTTP transactions. The main IP is 34.224.185.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pesc.pw.
This is the only time pesc.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 34.224.185.197 14618 (AMAZON-AES)
3 104.18.10.207 13335 (CLOUDFLAR...)
1 34.194.245.22 14618 (AMAZON-AES)
1 172.67.23.85 13335 (CLOUDFLAR...)
18 31.13.82.7 32934 (FACEBOOK)
7 52.163.200.170 8075 (MICROSOFT...)
1 211.21.190.218 3462 (HINET Dat...)
4 31.13.82.36 32934 (FACEBOOK)
1 2 172.217.175.34 15169 (GOOGLE)
3 172.217.161.66 15169 (GOOGLE)
1 142.251.222.34 15169 (GOOGLE)
1 142.250.199.98 15169 (GOOGLE)
4 172.217.175.98 15169 (GOOGLE)
1 142.251.222.1 15169 (GOOGLE)
3 172.217.31.129 15169 (GOOGLE)
1 172.217.161.68 15169 (GOOGLE)
55 16
Apex Domain
Subdomains
Transfer
16 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 797
scontent-nrt1-1.xx.fbcdn.net — Cisco Umbrella Rank: 60203
415 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
40 KB
8 tenmax.io
ssp.tenmax.io — Cisco Umbrella Rank: 128878
dmp.tenmax.io — Cisco Umbrella Rank: 146745
4 KB
5 pesc.pw
pesc.pw
4 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
22 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
126 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 817
103 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
89 KB
1 google.co.jp
adservice.google.co.jp — Cisco Umbrella Rank: 84358
531 B
1 cacafly.net
tenmax-static.cacafly.net — Cisco Umbrella Rank: 133329
42 KB
1 picsee.co
picsee.co
33 KB
55 13
Domain Requested by
15 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
7 ssp.tenmax.io tenmax-static.cacafly.net
5 pesc.pw pesc.pw
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 www.facebook.com connect.facebook.net
static.xx.fbcdn.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 maxcdn.bootstrapcdn.com pesc.pw
maxcdn.bootstrapcdn.com
2 www.googletagservices.com 1 redirects
2 connect.facebook.net pesc.pw
connect.facebook.net
1 www.google.com tpc.googlesyndication.com
1 dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.jp securepubads.g.doubleclick.net
1 scontent-nrt1-1.xx.fbcdn.net www.facebook.com
1 dmp.tenmax.io pesc.pw
1 tenmax-static.cacafly.net pesc.pw
1 picsee.co pesc.pw
55 18

This site contains links to these domains. Also see Links.

Domain
docs.google.com
pics.ee
www.facebook.com
picsee.io
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-12-30 -
2023-12-30
a year crt.sh
pics.ee
Amazon RSA 2048 M01
2023-02-23 -
2023-12-01
9 months crt.sh
*.tenmax.io
Gandi Standard SSL CA 2
2023-01-30 -
2024-02-05
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-03-06 -
2023-06-04
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.google.co.jp
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.google.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
www.google.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh

This page contains 5 frames:

Primary Page: http://pesc.pw/4ym8w9/
Frame ID: CB26AE4C0EE9F152C5F73E2DD072E092
Requests: 29 HTTP requests in this frame

Frame: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Frame ID: 210326F4F9C03FFBCBFB363BEDB059CD
Requests: 20 HTTP requests in this frame

Frame: https://dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 394AB55A07D0DCD0E5923AEFE6FF11DF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7A8C4B9B00262C7DA3D97BB194BC07C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 888ACB7D562C3B7B054E02DE744C6623
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Not Found | PicSee 皮克看見

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

80 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

16
IPs

5
Countries

907 kB
Transfer

2990 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://connect.facebook.net/zh_TW/sdk.js HTTP 307
  • https://connect.facebook.net/zh_TW/sdk.js
Request Chain 15
  • http://www.googletagservices.com/tag/js/gpt.js HTTP 302
  • https://www.googletagservices.com/tag/js/gpt.js

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pesc.pw/4ym8w9/
10 KB
4 KB
Document
General
Full URL
http://pesc.pw/4ym8w9/
Protocol
HTTP/1.1
Server
34.224.185.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-185-197.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
c9712ede169730c01a19406041eb675023e91f8c9168316633a74a84855a3ad3
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
ja-JP

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
3480
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 May 2023 14:55:58 GMT
Server
Apache/2.4.7 (Ubuntu)
Vary
Accept-Encoding
X-Frame-Options
DENY
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/
115 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
495
age
14217607
cdn-cachedat
10/08/2021 02:25:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
104056a48772bac099fac16aea943270
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7ce757761dab8a7b-NRT
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
637
age
1513069
cdn-cachedat
05/15/2022 09:31:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7b037083eda106239825636414d5921a
timing-allow-origin
*
cdn-requestcountrycode
BR
cdn-status
200
cf-ray
7ce757761dad8a7b-NRT
cdn-requestpullsuccess
True
picsee.css
pesc.pw/4ym8w9/js/
0
0
Stylesheet
General
Full URL
http://pesc.pw/4ym8w9/js/picsee.css
Requested by
Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol
HTTP/1.1
Server
34.224.185.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-185-197.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/4ym8w9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:55:58 GMT
Server
Apache/2.4.7 (Ubuntu)
Connection
keep-alive
Content-Length
290
Content-Type
text/html; charset=iso-8859-1
jquery-1.11.1.min.js
picsee.co/js/
94 KB
33 KB
Script
General
Full URL
https://picsee.co/js/jquery-1.11.1.min.js
Requested by
Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.245.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-245-22.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:46:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Jul 2016 10:24:02 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"1762a-53731516dd7dc-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-control
no-cache="set-cookie"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33225
bootstrap.min.js
pesc.pw/4ym8w9/js/
0
0
Script
General
Full URL
http://pesc.pw/4ym8w9/js/bootstrap.min.js
Requested by
Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol
HTTP/1.1
Server
34.224.185.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-185-197.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/4ym8w9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:55:58 GMT
Server
Apache/2.4.7 (Ubuntu)
Connection
keep-alive
Content-Length
296
Content-Type
text/html; charset=iso-8859-1
utility.js
pesc.pw/4ym8w9/js/
0
0
Script
General
Full URL
http://pesc.pw/4ym8w9/js/utility.js
Requested by
Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol
HTTP/1.1
Server
34.224.185.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-185-197.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/4ym8w9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:55:58 GMT
Server
Apache/2.4.7 (Ubuntu)
Connection
keep-alive
Content-Length
290
Content-Type
text/html; charset=iso-8859-1
picsee_light_web.png
pesc.pw/4ym8w9/images/
304 B
304 B
Image
General
Full URL
http://pesc.pw/4ym8w9/images/picsee_light_web.png
Requested by
Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol
HTTP/1.1
Server
34.224.185.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-185-197.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
3a3c8b0f72b97645354eca37f7b3defb290c79e778912cfa1219dd6f8632995e

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/4ym8w9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:55:58 GMT
Server
Apache/2.4.7 (Ubuntu)
Connection
keep-alive
Content-Length
304
Content-Type
text/html; charset=iso-8859-1
adsbytenmax.js
tenmax-static.cacafly.net/ssp/
138 KB
42 KB
Script
General
Full URL
http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by
Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol
HTTP/1.1
Server
172.67.23.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b8ac9c3928d88b3ab41e6e3c220551da08e23fb224d8dd7337055e3f20d1bc

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Sun, 28 May 2023 14:55:58 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Content-MD5
0pLg90lCZsGxvchxtxywPA==
Age
2391
Transfer-Encoding
chunked
X-Cache
TCP_MISS
Connection
keep-alive
x-ms-lease-status
unlocked
Last-Modified
Tue, 09 May 2023 01:26:17 GMT
Server
cloudflare
ETag
0x8DB502C6326F7F9
X-Azure-Ref
0v75ZZAAAAACJAc5NBKxORYgjD2GvkZ0iVFlPMDFFREdFMjMxNQBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
a870faf2-701e-00a6-3c26-82dae9000000
Access-Control-Expose-Headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
Cache-Control
max-age=1800
x-ms-version
2009-09-19
CF-RAY
7ce757796fb1af8d-NRT
sdk.js
connect.facebook.net/zh_TW/
Redirect Chain
  • http://connect.facebook.net/zh_TW/sdk.js
  • https://connect.facebook.net/zh_TW/sdk.js
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol
H2
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3608de79066893530a63b58df5565500a7012dce5adc76298d4903f9f69b5eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 May 2023 14:55:59 GMT
content-md5
5VpZshlfisJpTumD0M0xxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
x-fb-rlafr
0
x-fb-debug
O7ewWujq7g2pNw4UxuET/RCy1azgmzEfR114K5dswnmoqPO/FfjZCqKKluC/LOKRMPhTXWBfi87MfsunIiwPQw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
6c0e679649ebd9fd12fb836ec4136504
cross-origin-opener-policy
same-origin-allow-popups
etag
"5abb48d3ebdc64f4a66bf2ad8fc7bbd4"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Sun, 28 May 2023 15:02:35 GMT

Redirect headers

Location
https://connect.facebook.net/zh_TW/sdk.js#xfbml=1&version=v2.6&appId=150378901782986
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://pesc.pw
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
912
age
824579
cdn-cachedat
12/11/2022 18:06:44
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e7fbfdb1ddd8f7dedfeb862f42bd7073
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7ce7577c2f57f5c4-NRT
cdn-requestpullsuccess
True
spaceSetting
ssp.tenmax.io/supply/v3/universal/
156 B
506 B
XHR
General
Full URL
http://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=0cf0b05622074fba&referer=http%3A%2F%2Fpesc.pw%2F4ym8w9%2F&bodyWidth=1600&bodyHeight=1200&cacheBuster=810f0f27-ce15-43ca-9619-4eb72b001dfc
Requested by
Host: tenmax-static.cacafly.net
URL: http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Server
52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
04ac7b68a138ce1c270939df43081758607938aaaf277e7228f60fce12864e0e

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:55:59 GMT
Server
nginx
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://pesc.pw
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
156
X-Application-Context
application:prod,aggregator,build-ext:58070
b734323b-0532-40a6-8d4e-782e1c96bd3a
dmp.tenmax.io/p/
43 B
528 B
Image
General
Full URL
https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=560854806
Requested by
Host: pesc.pw
URL: http://pesc.pw/4ym8w9/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Daan, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 28 May 2023 14:55:59 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
sdk.js
connect.facebook.net/zh_TW/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=c7859639373e5e52ba26e53c27d18e94
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/zh_TW/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3c7cff8309231f181b3e31b4229a5a15618d061df72ff9ef17c58a44c4b36c44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://pesc.pw/
Origin
http://pesc.pw
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 May 2023 14:55:59 GMT
content-md5
BPLHwyTj3W8ZuZagtQGl1g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88797
x-fb-rlafr
0
x-fb-debug
TLopwwHNEOZtmIuGfQFhls4jwVgyvwEGMN0lZrmOggVx9vkO6n0U7z9R36noENVNr5x0JTLUIxuWD2ocsoKArQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
25fc30481b12f58b95630fd2a975e9d9
cross-origin-opener-policy
same-origin-allow-popups
etag
"92092faf4b3b443ac8b84baf79a91602"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 27 May 2024 12:51:21 GMT
plan
ssp.tenmax.io/supply/v3/universal/
2 KB
2 KB
XHR
General
Full URL
http://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=0cf0b05622074fba&sessionId=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90&referer=http%3A%2F%2Fpesc.pw%2F4ym8w9%2F&bodyWidth=1600&bodyHeight=1200&cacheBuster=5b902a94-fb5b-4aa9-964d-b2a6e2fd01e8
Requested by
Host: tenmax-static.cacafly.net
URL: http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Server
52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
39f015b619cb9faadcf48dbd74d4400e7749eb5c9e3f57992851f67795c16427

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:55:59 GMT
Server
nginx
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://pesc.pw
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1964
X-Application-Context
application:prod,aggregator,build-ext:58070
page.php
www.facebook.com/v2.6/plugins/ Frame 2103
43 KB
16 KB
Document
General
Full URL
https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=c7859639373e5e52ba26e53c27d18e94
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
3899790754757f7b5ab647f20a62041baf4839a389a46deb51144d55d277a7c3
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pesc.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 28 May 2023 14:55:59 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
yMUeju4i1q53gWPpArO/cPN7/1CnbFp4UHzW5EuASILxatZBVv0Ru7etmcRA/XqBAtTiNDgebAMU8ua/tzZjvg==
x-fb-rlafr
0
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/
Redirect Chain
  • http://www.googletagservices.com/tag/js/gpt.js
  • https://www.googletagservices.com/tag/js/gpt.js
75 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9457275ee3f3e642dfbc736be60495e25184469a77090acad39c57a3ad9d8622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25142
x-xss-protection
0
server
cafe
etag
880 / 19505 / m202305230101 / config-hash: 5486929009166019583
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 28 May 2023 14:55:59 GMT

Redirect headers

Date
Sun, 28 May 2023 14:55:59 GMT
X-Content-Type-Options
nosniff
Server
cafe
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location
https://www.googletagservices.com/tag/js/gpt.js
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Sun, 28 May 2023 14:55:59 GMT
request
ssp.tenmax.io/supply/tracking/
0
206 B
Image
General
Full URL
https://ssp.tenmax.io/supply/tracking/request?bid=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90&chid=a1ebcf323fa54a53&sid=0cf0b05622074fba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:55:59 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
Cva8ktIyd-j.css
static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/ Frame 2103
26 KB
7 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/Cva8ktIyd-j.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
254ede6ffe0001c81bd064abca52d69f6754b569d600bf0659b0136d947c6621
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9SVdPUmBfAprIYqT7WgTyQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6513
x-fb-rlafr
0
x-fb-debug
HAfJr8MWWU5xHWX+ac7Ymd2FAXp27fdvJAzuxHZYuXk3au46CTiGjbbYB/POP9K6jlGr6lF+AmG01P9lJwPIWg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 26 May 2024 18:02:45 GMT
HRaWhBfUmGv.js
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 2103
306 KB
80 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
779fdaeef21c970fb8a891075d133a8f1af2edecfa84a163dacaec282532eb44
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jwS50NRWDVCsnuQqzZTZoQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81676
x-fb-rlafr
0
x-fb-debug
IaH58/J2BD4pxgFhLgsMnvCw8J5tGzk0RM2dsDBOOsLcyTYOflQ7oZKELUZAEzY0ltiY8c/PNOEaPA4IA6uAhw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 24 May 2024 01:55:35 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 2103
5 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
koakLGY1v5R2GWTxsSnA3g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1615
x-fb-rlafr
0
x-fb-debug
fnhmgqGbgJtjoByozw9Gw7AGxgEB6VH1b+WKPBCmdtRFjAZGE6aiBiyts/o9VfXNGK8BCxMZ7RJRU7Zz8nldHQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), hid=(), midi=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 15 May 2024 17:21:29 GMT
h1xpMC2dKHT.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 2103
97 KB
29 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/h1xpMC2dKHT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
0f613b1e2ef73a8770843e1718e19f885cfe6daf55b581004157d81d3aca46bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uqd4cvblnRLKt1GlCXEcaQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
29615
x-fb-rlafr
0
x-fb-debug
r6F6SQHXyw0K/2QCjDAEoOxTjMwkdSGa74ghBnOoI43Jn8TiBQ0eOT9XQkzJ1XiUW03YLGrSUjcDFUpE2XCeKA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 25 May 2024 21:18:15 GMT
u7vXL4wqpHG.js
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 2103
53 KB
15 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/u7vXL4wqpHG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
b953d0fb96f5b4ea6594885c638348f09f7337bbf738e1971766c2bb892bd2fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
bsoj/AK7Of7zgv4/+WeXhg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14960
x-fb-rlafr
0
x-fb-debug
SFtqHF2Pyw6F3x5FTugYgOLQ2iusBetNRiAxAZaVJQgFfu2c/g3dO5f1zDhM3klKmPLOxL7Oq/Tn7Et3PLgong==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 26 May 2024 17:50:35 GMT
n-dMbnkaqug.js
static.xx.fbcdn.net/rsrc.php/v3iFvO4/yE/l/zh_TW/ Frame 2103
232 KB
66 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iFvO4/yE/l/zh_TW/n-dMbnkaqug.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
7cba4259001374bb1ce948211208eb4b5c2c85420d250f9014f0ad66f16013a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
o5QcK/9rL1eGxmzu9L7TYw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66808
x-fb-rlafr
0
x-fb-debug
DbdNFGgmWNfxzc+7d/i8dmDluK2wr+yVCJ7knUfYlOFuecoTml7uusQWMHGuGVncY7PhfE3M7oqLa9FHPa2ZlQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 25 May 2024 16:27:14 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 2103
507 B
579 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
UlSHoAXYtyH8BBKNjPzSd1qK3xfoKGZlfhoQWYZJSZkKPpmUzdJOePfZKjoct861VKyQIA/eAlNSojhi6SGSXg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), hid=(), magnetometer=(), screen-wake-lock=(), serial=()
timing-allow-origin
*
expires
Wed, 15 May 2024 16:43:38 GMT
dalteBytAMf.js
static.xx.fbcdn.net/rsrc.php/v3iUNC4/yP/l/zh_TW/ Frame 2103
103 KB
30 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yP/l/zh_TW/dalteBytAMf.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
a7b298630023d94b5bd14101c2d8c778c770aeb0f82cf6a92f970b382ac88a2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
S3KvT8Ypbe6pJ55Nv8LqGw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30727
x-fb-rlafr
0
x-fb-debug
gknjvIKYyM6j069kVCZ8cAaH9jmeIqaDGYvZwKHK3OjevQkYZKGi6cdShMcxmIW40ldLyZvCA2Syk16biGCnYg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 24 May 2024 00:28:50 GMT
307033773_475730861255924_260010209900194639_n.jpg
scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 2103
2 KB
2 KB
Image
General
Full URL
https://scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-1/307033773_475730861255924_260010209900194639_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=yodxPzAEbA4AX9MbBGe&_nc_ht=scontent-nrt1-1.xx&edm=AGwHaCsEAAAA&oh=00_AfC-5Napm_Kxs7MzQaa4TWU9zsY5cN0w2F12xzvIPypw3A&oe=64779E11
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
e356f9a7dca07bb3bd80ec37975001def289dd048dcd41b933e898f9600dcfdf

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Sat, 15 Oct 2022 06:15:43 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2107119048
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4180281520
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1639
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/
403 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 15:09:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
85572
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127382
x-xss-protection
0
server
cafe
etag
12178286523779166803
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 26 May 2024 15:09:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
57 B
593 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pesc.pw
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
6c359951abc2828f7de4f05b48bd81d93f4cf15e2f0d8fa199b39204c8192cfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
x-xss-protection
0
expires
Sun, 28 May 2023 14:55:59 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 2103
573 B
630 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/Cva8ktIyd-j.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/Cva8ktIyd-j.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
lswEbjYbNNApylmgJJssjBYUtRjav88lFRAJqLYnZR63/1uqeHafFXT3KTxp/Xmqvhnp4Rrm7A1oFa/wnho60Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Thu, 23 May 2024 21:41:44 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 2103
14 KB
5 KB
XHR
General
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=messages&config_json=%7B%22app_id%22%3A%22150378901782986%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fpicsee.co%22%2C%22width%22%3A340%2C%22height%22%3A300%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Afalse%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22messages%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22http%3A%2F%2Fpesc.pw%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19505.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007577662&__s=%3A%3Aot2k7b&__hsi=7238247219846206989&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w&__csr=&locale=zh_TW&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yP/l/zh_TW/dalteBytAMf.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
1344684a74fa60b34263e6044990574c2312bcfc3387b6ad758fa1346b7260b9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ynJhtp1pgiTfui0oMNvv6X
Referer
https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 28 May 2023 14:55:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
SJO6DG2GDBj/Bd03cASqWc7QTZ4FaytePZvZF6/Vkj+YLG+mVESaV4ceJ2iPqUonCiP9Bz3aRebrWKLrzK+W0w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 2103
113 B
843 B
XHR
General
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yP/l/zh_TW/dalteBytAMf.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
180cfcc9e154f00f127029a4e464f9f204c08818fd432225e7b02e97ebfbb1c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ynJhtp1pgiTfui0oMNvv6X
Referer
https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 28 May 2023 14:55:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
PcK4uWfsfTzklWBX4qGRt7mUenf6bajAFjZYZyBUbFZHdA8bVLvcjgUgCSlIQ26UvOWzVnvk92VSLA5z8VoPyA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 2103
1 KB
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/Cva8ktIyd-j.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/1,cross/Cva8ktIyd-j.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:55:59 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
x-fb-rlafr
0
x-fb-debug
7xm8fzhp9sRNQwI9xw0CIEAONyEsOdtnZC/z4fb6dXf6nO96KErnlaRkQO8fsDgCguT5Z6CmbItyIRwJNFpgRQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Thu, 23 May 2024 20:49:35 GMT
integrator.js
adservice.google.co.jp/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=pesc.pw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pesc.pw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
691 B
719 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3118574355830733&correlator=3490866240308408&eid=31074924%2C31074947%2C31068825&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fifs&iu_parts=37275962%2Crmaxspace%2C0cf0b05622074fba&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&ifi=1&adks=3166569463&sfv=1-0-40&prev_scp=adx_region%3DTWN%26line_item_type%3DadExchange%252CadSense&eri=4&sc=0&cookie_enabled=1&abxe=1&dt=1685285759975&lmt=1685285759&dlt=1685285758389&idt=1559&adxs=640&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpesc.pw%2F4ym8w9%2F&frm=20&vis=1&psz=0x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1161122089.1685285760&ga_sid=1685285760&ga_hid=975756947&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
45216008437131403583395317de456203882ab9b42abea99f6d1b0ef98d3c77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
353
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pesc.pw
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305230101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
cafe /
Resource Hash
07f6d4ee656a6fe72044db9d1cc9d43e9adcae9f9c1d1474f7870a30ef0b5c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11182
x-xss-protection
0
container.html
dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 394A
6 KB
3 KB
Document
General
Full URL
https://dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pesc.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 May 2023 14:56:00 GMT
expires
Mon, 27 May 2024 14:56:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ie4NzwkOHw_.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/1,cross/ Frame 2103
2 KB
812 B
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/1,cross/ie4NzwkOHw_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
1f403f00df2aaf1e25d0167cb3e573f8de7325227289d0f4e6eab9d3bae88315
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
h3w71WJr6aQMTe3pMRCkiQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
757
x-fb-rlafr
0
x-fb-debug
Gndh4hhIYS/U6AWWR1T6WkCAB/cbXScPn9g62lzv+e89gLdazo9h1cqbhONp/oOyaH7l9zUsIebwbrvpVbLbZQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=0
expires
Sun, 26 May 2024 19:24:02 GMT
7yrFj6puK50.js
static.xx.fbcdn.net/rsrc.php/v3illq4/yg/l/zh_TW/ Frame 2103
30 KB
9 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3illq4/yg/l/zh_TW/7yrFj6puK50.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
52e58984f59116698f9cc8464044a18862a220f2020a0fa56c2b860aa281d155
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q4/b5Ju+1K+JknsQoJs9AA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8772
x-fb-rlafr
0
x-fb-debug
NpfZ1mrFIl5llflgWV5iVfB5jZSYFV7Xg8uaL6bfZ+JcTFzZnCcLae7xjDGo+tiDqZsB9D8Toncf/5MsVPUaaQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=()
timing-allow-origin
*
priority
u=1
expires
Wed, 15 May 2024 17:21:33 GMT
V0rSkbgCgwf.js
static.xx.fbcdn.net/rsrc.php/v3il-Z4/yi/l/zh_TW/ Frame 2103
403 KB
95 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3il-Z4/yi/l/zh_TW/V0rSkbgCgwf.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
89d0302a29aa4deb47abffd286ea3ffe1314a530aadabc3b3ef18899ce5428af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QAKnrgQd6a85XAdkfslsSw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
97182
x-fb-rlafr
0
x-fb-debug
NQ8Fd4H7KOtAQoSiTxpWl3hcYGzBGdVV5NOklTLHwZqGgnKd7netzZ9skB42IhRR4wL32L1cFHxVVS8V1wbHcw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Fri, 24 May 2024 16:15:38 GMT
9ggHta3Ft7L.js
static.xx.fbcdn.net/rsrc.php/v3iND64/yW/l/zh_TW/ Frame 2103
330 KB
77 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iND64/yW/l/zh_TW/9ggHta3Ft7L.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
b1ed9c369301102c5044c8505a76ef048a50925fb066c45e50adb49af2034613
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9AXUIhA+bc614jNXOqeg9w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
79216
x-fb-rlafr
0
x-fb-debug
t6c664+SKx8CbM6xoBDCDRHlZJzyP2glTVadta8PNdSMuKd49iv3r2PwFB0cItuLOSRmMm4uBju4mVgD2dbc9w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Wed, 22 May 2024 22:19:30 GMT
YWYVXKjsEuT.js
static.xx.fbcdn.net/rsrc.php/v3iKhz4/yd/l/zh_TW/ Frame 2103
976 B
588 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iKhz4/yd/l/zh_TW/YWYVXKjsEuT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/HRaWhBfUmGv.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
187a03638a93e007de6af54df8f5426b24bba7b0f699215dd143c589811b590f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3jxDH6tXMOT9/+Tabk4anA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
533
x-fb-rlafr
0
x-fb-debug
UvI7r1lKn1h/kN0Gqy10jICEpYJcd+SYjF4v/RXLsvAz7bXArZJwol1RtQihOS4rT6jp0xa4kTutfL7v9fX6TQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Wed, 22 May 2024 14:00:22 GMT
noFill
ssp.tenmax.io/supply/tracking/
0
206 B
Image
General
Full URL
https://ssp.tenmax.io/supply/tracking/noFill?bid=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90&chid=a1ebcf323fa54a53&sid=0cf0b05622074fba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:56:00 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
ad
ssp.tenmax.io/supply/v3/universal/
2 B
350 B
XHR
General
Full URL
http://ssp.tenmax.io/supply/v3/universal/ad?rmaxSpaceId=0cf0b05622074fba&sessionId=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90&ts=1685285759499&id=e43da42c47f0425a&referer=http%3A%2F%2Fpesc.pw%2F4ym8w9%2F&bodyWidth=1600&bodyHeight=1200&cacheBuster=05fd1f90-8575-41a6-96bd-d4638143b566
Requested by
Host: tenmax-static.cacafly.net
URL: http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Server
52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:56:00 GMT
Server
nginx
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://pesc.pw
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
X-Application-Context
application:prod,aggregator,build-ext:58070
request
ssp.tenmax.io/supply/tracking/
0
206 B
Image
General
Full URL
https://ssp.tenmax.io/supply/tracking/request?bid=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90&chid=e43da42c47f0425a&sid=0cf0b05622074fba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:56:00 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 May 2023 14:56:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 2103
113 B
145 B
XHR
General
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yP/l/zh_TW/dalteBytAMf.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
e313b6d5c906b030a686447d7f1c09b518b4618b4c19e12ef66e943aa4c696f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ynJhtp1pgiTfui0oMNvv6X
Referer
https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3328f2d47f542%26domain%3Dpesc.pw%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fpesc.pw%252Ff356a8af02dbb04%26relation%3Dparent.parent&container_width=1600&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 28 May 2023 14:56:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
DxHUqs5OVsjZs0t2H5JJDn5yjB4U813Ex+uhvEXOMnWfoPC1bbReifjIpN+bNrjRjtk8d7mA/egQokGOBZFnlA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
done
ssp.tenmax.io/supply/tracking/
0
206 B
Image
General
Full URL
https://ssp.tenmax.io/supply/tracking/done?bid=c1e78db0-fd67-11ed-8cf0-3b6a3f742e90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 28 May 2023 14:56:00 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7A8
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pesc.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
173915
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 14:37:25 GMT
expires
Sat, 25 May 2024 14:37:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 888A
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f4.1e100.net
Software
GSE /
Resource Hash
0f6154ff0721601e21fb68de6e226de8953a1eaa89adc9d9b6499cb17cec934a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mUl0ype52BoCJcwJfaAiDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://pesc.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-mUl0ype52BoCJcwJfaAiDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 May 2023 14:56:00 GMT
expires
Sun, 28 May 2023 14:56:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js
pagead2.googlesyndication.com/bg/ Frame D7A8
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
sffe /
Resource Hash
d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 19:53:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
414168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 19:53:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 888A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305230101&jk=3118574355830733&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame D7A8
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?G_Oc1g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 14:56:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305230101&jk=3118574355830733&bg=!jI-lj9vNAAZu7ficTu07ADkAdvg8Wtxu4va91BxyIa3xZ5F-8q59AvyqKADgxskySoUNRykW83WIFbLJUfXBoIP5I5GeOMJzG4MCAAAAWFIAAAACaAEHmQKh1SsPqz7c5vxTa2BNIdOUABJtzBLwXk32OyjJakSP1IUwra_P4_SAeoTNI90XKSIDTkUbtKbMx9g1KHCpeE0hTCFHxDZYg8I2_EqZLEi0v8nS7hMEnwfjMhmFKEjtNQibBHxYLVOvIXfY_d2H85cl95TZw7S85WHIdDVYjh7nn6LUP8pVcXr3CDAz9YfA7lpKHXQ5drafpkUMs3zMF17KptNAhS5HXFvxK_y-0WXuiuejo0yZJg9hOMKgkTtJAQvTeiyk11dmRCVlMUdnmK9Is3Jajv2by-WxFBz_LP6wmz6DJ3KysVaCoJfHMY2rAD70SL_hBBowqwDlj9KexdVzEuVTXUKvME-XoyIjy_pE3-Tlqxnk15ns3LhJVR3tfm8yVig9PInhMTIuHtp_77t0AjV_PHa0zJI-s7r5J8nxQQ-74TkvPQKHD_f_fBZew-xJ3RiKij0s6FM7lEPmkD3-olPYbV4G9xLA7hGwazUtmeyqSOYl9cz01WsuwkKVQSF-QLbdXs7VqJNC6FXbe_nXrZHXPydw03TktwrM2OhyHiFT16Ups6ZfHXef3M9Tw5rh5QxEWwi9jJxAX47oIzQRJm1oJpub3D-7BVKRBS3BeUmFL2K1YcJUeG5LpOLMldI1L2wLL7XWRgmVJvCQcKNm9cfyBxciI1j33f--K6PXvvIoFt2yw5X34TdltrHNCW9yJvfWmwg0OeCdPBKTxA9YPTmatyNP_MMg4eBcgEIRiiYRXmiOCM3yEuOJNzTG4SLUBQhIPGzqHDxjLkkxPhWKCkRexkyOj0Vc246Rhp-n08vmOisD_238N4HAdkNQ2hsrwLYLkuZUCAGBwBYfF_7NiqZZnFmJDbr071xIukJbefa-0PFrWt08VTPwMzxASKmH_w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
http://pesc.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| $ function| jQuery function| showHideHTML object| _rmaxStyles$ object| _rmaxInlineStyles object| _rmaxScripts$ object| rmaxads object| googletag object| FB object| __buffer object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
.pesc.pw/4ym8w9/ Name: /4ym8w9/
Value: 1
pesc.pw/4ym8w9 Name: browser_uuid
Value: 47481AB5-F872-E55E-39BF-EFA1DF678AB9
.pesc.pw/4ym8w9 Name: 4ym8w9
Value: 1
pesc.pw/ Name: lang
Value: ja-jp
picsee.co/ Name: AWSELBCORS
Value: 857901F90A8FB9EC38D630240291ED2961407CD978F71C05F171F480C5C1D4D63320BF8566E072E56671A06125C5FEEF570259D843CB5952A5678474C4CD39FE60DF2DBEAA
.tenmax.io/ Name: uid
Value: c1edcf40-fd67-11ed-901e-675fa9a36d99
.tenmax.io/ Name: wt
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pesc.pw/ Name: __gads
Value: ID=6dcf2db69ecf90d1:T=1685285760:RT=1685285760:S=ALNI_MZGi1n1qyRfigt43vSNKgOl-LtgFw
.pesc.pw/ Name: __gpi
Value: UID=00000c0bf98f2ce0:T=1685285760:RT=1685285760:S=ALNI_MbfKcXmYBIsl8oq9VLXDvvOZmDJKA

6 Console Messages

Source Level URL
Text
network error URL: http://pesc.pw/4ym8w9/js/picsee.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://pesc.pw/4ym8w9/js/bootstrap.min.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://pesc.pw/4ym8w9/js/utility.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://pesc.pw/4ym8w9/images/picsee_light_web.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.jp
adservice.google.com
connect.facebook.net
dd14b721e5f0eeb129f067a277f62330.safeframe.googlesyndication.com
dmp.tenmax.io
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pesc.pw
picsee.co
scontent-nrt1-1.xx.fbcdn.net
securepubads.g.doubleclick.net
ssp.tenmax.io
static.xx.fbcdn.net
tenmax-static.cacafly.net
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagservices.com
104.18.10.207
142.250.199.98
142.251.222.1
142.251.222.34
172.217.161.66
172.217.161.68
172.217.175.34
172.217.175.98
172.217.31.129
172.67.23.85
211.21.190.218
31.13.82.36
31.13.82.7
34.194.245.22
34.224.185.197
52.163.200.170
04ac7b68a138ce1c270939df43081758607938aaaf277e7228f60fce12864e0e
07f6d4ee656a6fe72044db9d1cc9d43e9adcae9f9c1d1474f7870a30ef0b5c3b
0f613b1e2ef73a8770843e1718e19f885cfe6daf55b581004157d81d3aca46bc
0f6154ff0721601e21fb68de6e226de8953a1eaa89adc9d9b6499cb17cec934a
1344684a74fa60b34263e6044990574c2312bcfc3387b6ad758fa1346b7260b9
180cfcc9e154f00f127029a4e464f9f204c08818fd432225e7b02e97ebfbb1c5
187a03638a93e007de6af54df8f5426b24bba7b0f699215dd143c589811b590f
1f403f00df2aaf1e25d0167cb3e573f8de7325227289d0f4e6eab9d3bae88315
254ede6ffe0001c81bd064abca52d69f6754b569d600bf0659b0136d947c6621
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3608de79066893530a63b58df5565500a7012dce5adc76298d4903f9f69b5eb1
3899790754757f7b5ab647f20a62041baf4839a389a46deb51144d55d277a7c3
39f015b619cb9faadcf48dbd74d4400e7749eb5c9e3f57992851f67795c16427
3a3c8b0f72b97645354eca37f7b3defb290c79e778912cfa1219dd6f8632995e
3c7cff8309231f181b3e31b4229a5a15618d061df72ff9ef17c58a44c4b36c44
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45216008437131403583395317de456203882ab9b42abea99f6d1b0ef98d3c77
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
52e58984f59116698f9cc8464044a18862a220f2020a0fa56c2b860aa281d155
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c359951abc2828f7de4f05b48bd81d93f4cf15e2f0d8fa199b39204c8192cfd
779fdaeef21c970fb8a891075d133a8f1af2edecfa84a163dacaec282532eb44
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cba4259001374bb1ce948211208eb4b5c2c85420d250f9014f0ad66f16013a8
8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6
89d0302a29aa4deb47abffd286ea3ffe1314a530aadabc3b3ef18899ce5428af
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
9457275ee3f3e642dfbc736be60495e25184469a77090acad39c57a3ad9d8622
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7b298630023d94b5bd14101c2d8c778c770aeb0f82cf6a92f970b382ac88a2a
a7b8ac9c3928d88b3ab41e6e3c220551da08e23fb224d8dd7337055e3f20d1bc
b1ed9c369301102c5044c8505a76ef048a50925fb066c45e50adb49af2034613
b953d0fb96f5b4ea6594885c638348f09f7337bbf738e1971766c2bb892bd2fa
c9712ede169730c01a19406041eb675023e91f8c9168316633a74a84855a3ad3
d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3
e313b6d5c906b030a686447d7f1c09b518b4618b4c19e12ef66e943aa4c696f9
e356f9a7dca07bb3bd80ec37975001def289dd048dcd41b933e898f9600dcfdf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5