peso138itu.com Open in urlscan Pro
104.21.44.195 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://peso138itu.com/
Submission: On December 28 via api (December 28th 2024, 5:54:06 pm UTC) from US — Scanned from US

Summary HTTP 90 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 90 HTTP transactions. The main IP is 104.21.44.195, located in and belongs to CLOUDFLARENET, US. The main domain is peso138itu.com.
TLS certificate: Issued by WE1 on December 28th 2024. Valid for: 3 months.

This is the only time peso138itu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	104.21.44.195 104.21.44.195	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.194.207.97 173.194.207.97	15169 (GOOGLE) (GOOGLE)
1	173.194.204.95 173.194.204.95	15169 (GOOGLE) (GOOGLE)
4	104.128.72.66 104.128.72.66	23470 (RELIABLESITE) (RELIABLESITE)
1	173.194.175.95 173.194.175.95	15169 (GOOGLE) (GOOGLE)
4	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
43	3.162.130.81 3.162.130.81	16509 (AMAZON-02) (AMAZON-02)
6	104.26.8.209 104.26.8.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.194.66.94 173.194.66.94	15169 (GOOGLE) (GOOGLE)
1	198.252.99.139 198.252.99.139	20068 (HAWKHOST) (HAWKHOST)
3	18.160.0.57 18.160.0.57	16509 (AMAZON-02) (AMAZON-02)
6	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	173.194.66.139 173.194.66.139	15169 (GOOGLE) (GOOGLE)
90	14

17 104.21.44.195 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

peso138itu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.207.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.128.72.66 (Los Angeles, United States)

ASN23470 (RELIABLESITE, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.175.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 3.162.130.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-130-81.iad61.r.cloudfront.net

d33egg70nrp50s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.26.8.209 (None, )

ASN13335 (CLOUDFLARENET, US)

api2-baj.imgzm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.66.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.252.99.139 (United States)

ASN20068 (HAWKHOST, CA)
PTR: 139.99.252.198.static.reverse.arandomserver.com

madu-asli.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.0.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-0-57.iad12.r.cloudfront.net

dhro5khzpwdga.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.66.139 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f139.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	cloudfront.net d33egg70nrp50s.cloudfront.net dhro5khzpwdga.cloudfront.net	1 MB
17	peso138itu.com 1 redirects peso138itu.com	569 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	629 B
6	imgzm.com api2-baj.imgzm.com	3 MB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	83 KB
4	ibb.co i.ibb.co — Cisco Umbrella Rank: 14048	3 MB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 415	26 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	madu-asli.com madu-asli.com	1 MB
1	gstatic.com fonts.gstatic.com	21 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
0	livechatinc.com Failed cdn.livechatinc.com Failed
90	12

	Domain	Requested by
43	d33egg70nrp50s.cloudfront.net	peso138itu.com
17	peso138itu.com	1 redirects peso138itu.com
6	www.facebook.com	peso138itu.com
6	api2-baj.imgzm.com	peso138itu.com
4	connect.facebook.net	peso138itu.com connect.facebook.net
4	i.ibb.co	peso138itu.com
3	dhro5khzpwdga.cloudfront.net	peso138itu.com
1	www.google-analytics.com	www.googletagmanager.com
1	madu-asli.com	peso138itu.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	peso138itu.com
1	fonts.googleapis.com	peso138itu.com
1	www.googletagmanager.com	peso138itu.com
0	cdn.livechatinc.com Failed	peso138itu.com
90	14

This site contains links to these domains. Also see Links.

Domain
game-apk.s3.ap-northeast-1.amazonaws.com
peso138bisa.org
siamengine.com
api.whatsapp.com
t.me
bio.site
rtpgacorpeso138.org
www.facebook.com

Subject Issuer	Validity	Valid
peso138itu.com WE1	`2024-12-28` - `2025-03-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
ibb.co E5	`2024-12-20` - `2025-03-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
imgzm.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
webmail.madu-asli.com R11	`2024-12-06` - `2025-03-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://peso138itu.com/
Frame ID: 36FA32447CEF28C6A6CD15969BC8AAFF
Requests: 89 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Peso138 Lapak Situs Judi Online Terbaik Dan Taruhan Bola Terpercaya

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

10468 kB
Transfer

11866 kB
Size

8
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://game-apk.s3.ap-northeast-1.amazonaws.com/baj.apk
Title: Unduh

Search URL Search Domain Scan URL

URL: https://peso138bisa.org/

Search URL Search Domain Scan URL

URL: https://siamengine.com/

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send/?phone=6282319346799&text&type=phone_number&app_absent=0

Search URL Search Domain Scan URL

URL: https://t.me/peso138

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=6282319346799
Title: 6282319346799

Search URL Search Domain Scan URL

URL: https://bio.site/PESO138slot
Title: peso138

Search URL Search Domain Scan URL

URL: https://rtpgacorpeso138.org/

Search URL Search Domain Scan URL

URL: https://t.me/peso138tele

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/2364974157027097

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://peso138itu.com/assets/js/jquery-2.2.4.min.js HTTP 302
https://peso138itu.com/not-found?request=/assets/js/jquery-2.2.4.min.js

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
peso138itu.com/ 306 KB
33 KB 616ms
463ms Document
text/html 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60576d77f1512fabfb338a5c73c45834f3dc59b9f410096220902bdb8b6730ef

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, s-maxage=0
cf-cache-status: DYNAMIC
cf-ray: 8f9369a65e820fd1-LAX
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Sat, 28 Dec 2024 17:53:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aXQdL4a6lXbzzxqlU%2B44h9oUdaNEL1BHOkxbtxxHD5z9WYhGGBpNSLXrldryJoLgDE2eVnJJFDOPlrYElmswbxNc9WKEMoIgcFgSsx8MGpejsHePV6u4j2TEqmS4THQowA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=61768&min_rtt=61409&rtt_var=10248&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4156&recv_bytes=4480&delivery_rate=318&cwnd=12000&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=494&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=15552001; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 glyphicons-halflings-regular.woff
peso138itu.com/fonts/ 16 KB
18 KB 475ms
473ms Font
font/x-woff 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/fonts/glyphicons-halflings-regular.woff

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://peso138itu.com
Referer: https://peso138itu.com/

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"0223c94fc4cdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LGpniC4ahvRzjmk%2FPIoqOGstmmXLaSRYsO7TY3oo5ZQaStod6cPVz8ycSFeKfjJD2FKNFWzMSnqgm%2FeoWOvbK1bKlavnd314US8QO4PEW4HM61QXHJGQg0f%2BDwLqgH57vw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=65833&min_rtt=61262&rtt_var=6459&sent=104&recv=51&lost=0&retrans=0&sent_bytes=101756&recv_bytes=11934&delivery_rate=396105&cwnd=30000&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1065&x=1", cfExtPri, cfHdrFlush;dur=16
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: font/x-woff
vary: Accept-Encoding
last-modified: Fri, 13 Dec 2024 01:16:04 GMT
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369a9fb540fd1-LAX
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 FontsFreeNetAvenirLTStdBook.woff2
peso138itu.com/fonts/ 11 KB
12 KB 476ms
474ms Font
application/font-woff2 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/fonts/FontsFreeNetAvenirLTStdBook.woff2

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c7d5e3860149bb5d1e59df734697b181838a3c3ddb63908254988c59fddd917

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://peso138itu.com
Referer: https://peso138itu.com/

Response headers

cf-cache-status: BYPASS
etag: "0223c94fc4cdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Z%2FZAqItWPXOdMAAbaCZGeqR2q42NJTsW2VwCA4snvvmT7u517KrGGQGEWto9XwLBvyM4B8P8aa%2BpVFHqqURRlMhw4EUQ%2FeAiUI%2BTV5zW8D%2BaS26CLKRoiUGP5hBDx%2Bp4w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=65833&min_rtt=61262&rtt_var=6459&sent=104&recv=51&lost=0&retrans=0&sent_bytes=101756&recv_bytes=11934&delivery_rate=396105&cwnd=30000&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1051&x=1", cfExtPri, cfHdrFlush;dur=30
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/font-woff2
last-modified: Fri, 13 Dec 2024 01:16:04 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369a9fb580fd1-LAX
accept-ranges: bytes
content-length: 11132
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 FontsFreeNetAvenirLTStdBlack.woff2
peso138itu.com/fonts/ 11 KB
12 KB 537ms
535ms Font
application/font-woff2 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/fonts/FontsFreeNetAvenirLTStdBlack.woff2

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

570cc99295fc16547d33d86c8067bad9c7b7da7f2fa96f8e738d33ead4a709c1

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://peso138itu.com
Referer: https://peso138itu.com/

Response headers

cf-cache-status: BYPASS
etag: "0223c94fc4cdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOQ70l1nEfrm%2BxbmfOMcnc9jhsHS5OnMs4%2BU4D%2B%2FajccBmhONEK6MBjMAhQyrSWqDlADVoXrFj44xG6169auEhX7XuObCLX%2F14GjGUJvDeZmYyL9KPCvOxs4vew2ZnDtFg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=65833&min_rtt=61262&rtt_var=6459&sent=104&recv=51&lost=0&retrans=0&sent_bytes=101756&recv_bytes=11934&delivery_rate=396105&cwnd=30000&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1058&x=1", cfExtPri, cfHdrFlush;dur=23
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/font-woff2
last-modified: Fri, 13 Dec 2024 01:16:04 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369a9fb5b0fd1-LAX
accept-ranges: bytes
content-length: 10868
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 AvenirLTStdRoman.woff2
peso138itu.com/fonts/ 11 KB
12 KB 538ms
537ms Font
application/font-woff2 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/fonts/AvenirLTStdRoman.woff2

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bd716e214f1e9f9a3a6024a79496ed83890081419bb315fec00d19c79d5b9

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://peso138itu.com
Referer: https://peso138itu.com/

Response headers

cf-cache-status: BYPASS
etag: "0223c94fc4cdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bjp3Rs8yPfSKFbhOCg4XUv3KRLDtKgn%2FQ%2B6UW0z%2Bw7Z0cogtbQsT0EO3Z8Zi1gF7SWzLrFORqgfMsK1QdgjZibn6yb0pYZHaiPNnzM7Ju3sCN%2FcJc4WisTnsVYsw3alPNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=64760&min_rtt=61262&rtt_var=547&sent=129&recv=63&lost=0&retrans=0&sent_bytes=129984&recv_bytes=12462&delivery_rate=450207&cwnd=30000&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1082&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/font-woff2
last-modified: Fri, 13 Dec 2024 01:16:04 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369a9fb5e0fd1-LAX
accept-ranges: bytes
content-length: 11080
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 zoom-beta-css
peso138itu.com/Content/ 261 KB
65 KB 301ms
299ms Stylesheet
text/css 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/Content/zoom-beta-css?v=9U2bfZt_HFYmVsrpz7RRmcwHn1QQthVBcb1P6kxyTKc1

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c92515b136159325232f512fff1eb7dd95013dd987c188b9da151cddd6156f57

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VlWmg7CPenkJnruBhDvrxksQR2otOO4v26Q9UaDfX0L3aGiP4TPyjJKCOmtOfRJvLJ9DO3h3KIE7LR6oIXd9Qls007MheFV8QaaK4oxNc6NupuormJiWjogKadqL2tXHjg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 17:53:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62357&min_rtt=61294&rtt_var=778&sent=56&recv=34&lost=0&retrans=0&sent_bytes=50170&recv_bytes=11192&delivery_rate=153733&cwnd=20400&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=907&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 28 Dec 2024 17:53:56 GMT
vary: User-Agent,Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369a9fb600fd1-LAX
content-length: 64562
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 zoom-beta-css
peso138itu.com/Content/Home/ 28 KB
8 KB 286ms
285ms Stylesheet
text/css 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/Content/Home/zoom-beta-css?v=_6mAgZC-VsJuYq1Zj6CSp6oi1N9lbMG00FoX7EklIhY1

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97977aca177a7cdd7a43bdcf77d41387cf0d377a618ea1723144a8922b2e3c26

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqrPEpAQjbkC0lL8ZWBGzQdcggE5Jo7CZOJTqBGCm1r%2Fq8sNuZxwvAa22zwqwIZ3AIJeIsORyNu%2F1Bv2ubT%2FeLUSmyq9RNFQ1uE0OP56huhvSkPHEXZUT361jBKhJ%2FPv8A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 17:53:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62357&min_rtt=61294&rtt_var=778&sent=45&recv=34&lost=0&retrans=0&sent_bytes=38872&recv_bytes=11192&delivery_rate=153733&cwnd=20400&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=893&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 28 Dec 2024 17:53:56 GMT
vary: User-Agent,Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369a9fb630fd1-LAX
content-length: 6993
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 slick.css
peso138itu.com/Content/ 2 KB
2 KB 293ms
292ms Stylesheet
text/css 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/Content/slick.css

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
etag: "1DB4CFC930AF500"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2aS4JWslWJL1a0eW8ktVG7F7gS4TFRBwooYXrvdgz2Pvc4CPf%2F7TyapoK6Dx8QwtTCR987yHyXtPAze73OsxU1xI%2B51am1Ai1LQxCb1QFmXocOlXNEE87hp6FfLc3FoMg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 29 Dec 2024 15:00:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62357&min_rtt=61294&rtt_var=778&sent=53&recv=34&lost=0&retrans=0&sent_bytes=47697&recv_bytes=11192&delivery_rate=153733&cwnd=20400&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=900&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: text/css
last-modified: Fri, 13 Dec 2024 01:16:02 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369a9fb640fd1-LAX
accept-ranges: bytes
content-length: 773
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 zoom-beta-dark-green-css
peso138itu.com/Content/Theme/ 34 KB
10 KB 347ms
346ms Stylesheet
text/css 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/Content/Theme/zoom-beta-dark-green-css?v=sXwya9cuByozfI5M-7mA7fMAaFCier-D-QjcEBaqT6g1

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fe9cee6a2e6e5516491b863c6c65a77f2a45c6ffbc940eb11bd5f47ca85d251

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0QhiKPc6WdZOCCbe3cNS0Pnh%2BsvRi0WnvYLJS8UePl8iJboRFwsBDAJB7htYJLEJ%2BUyLk10kwSw8N8DHN4crIIG3ntDZVKisv8DlCA6UuvamBKP3tZdLmbPtYJA7VwUHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 17:53:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62357&min_rtt=61294&rtt_var=778&sent=66&recv=34&lost=0&retrans=0&sent_bytes=59272&recv_bytes=11192&delivery_rate=153733&cwnd=20400&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=947&x=1", cfExtPri, cfHdrFlush;dur=8
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 28 Dec 2024 17:53:57 GMT
vary: User-Agent,Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369a9fb680fd1-LAX
content-length: 8685
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 542ms
204ms Script
application/javascript 173.194.207.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GW87154QM9

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4da6c0ab543dbc896a31fdee24d3460100f228535468d666774ca21e3219b90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 28 Dec 2024 17:53:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109933
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 562ms
215ms Stylesheet
text/css 173.194.204.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:900&display=swap

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f95.1e100.net

Software

ESF /

Resource Hash

4abf3c38c0e85233cc2c8f59ee8ffe5a52679b4a32b4357cfd2e108c76a03f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 17:53:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 28 Dec 2024 17:30:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 zxcxgif.gif
i.ibb.co/px1FQ9g/ 369 KB
370 KB 225ms
66ms Image
image/gif 104.128.72.66
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/px1FQ9g/zxcxgif.gif
Requested by: Host: peso138itu.com
URL: https://peso138itu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.128.72.66 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: openresty /
Resource Hash: 1be0e4b54eab0e61e0555a9e91069c69d60777ab2ad37997b9960e14b16fe3bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cache-control: max-age=315360000, public
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 377853
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: image/gif
last-modified: Thu, 15 Feb 2024 07:56:45 GMT
server: openresty

GET
H2 200 zxcff.gif
i.ibb.co/zJqtbv3/ 411 KB
412 KB 225ms
65ms Image
image/gif 104.128.72.66
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zJqtbv3/zxcff.gif
Requested by: Host: peso138itu.com
URL: https://peso138itu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.128.72.66 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: openresty /
Resource Hash: e0fcc9e1648360a6e830e6f7675a3a963c149199eb96150c02f58340c7b7385f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cache-control: max-age=315360000, public
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 421045
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: image/gif
last-modified: Thu, 15 Feb 2024 07:56:19 GMT
server: openresty

GET
H2 200 zxc.gif
i.ibb.co/bgZHDMy/ 402 KB
403 KB 143ms
138ms Image
image/gif 104.128.72.66
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/bgZHDMy/zxc.gif
Requested by: Host: peso138itu.com
URL: https://peso138itu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.128.72.66 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: openresty /
Resource Hash: 23eae2f023f3ce0f49256daf39192cc59e0fa40d48fbbbc387a94765cc99686b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cache-control: max-age=315360000, public
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 411888
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: image/gif
last-modified: Thu, 15 Feb 2024 07:55:35 GMT
server: openresty

GET
H3

404

not-found
peso138itu.com/
Redirect Chain

https://peso138itu.com/assets/js/jquery-2.2.4.min.js
https://peso138itu.com/not-found?request=/assets/js/jquery-2.2.4.min.js

0
0

305ms
301ms

Script
text/html

104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/not-found?request=/assets/js/jquery-2.2.4.min.js

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

strict-transport-security: max-age=15552001; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rCuXPsIgVl90n65XT2T8XU6OtqvBVKBZLB%2BgPckw7CK6KdZX3APxS%2Bk7K9aeD%2FPAR4MtvPFu6gp4sh9utvjQmy6gAMwUbeC3%2F5LNNO%2Fy4srq%2FhbZ3UNjHq7lFpy0lFH%2F9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f9369af9ac90fd1-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=66679&min_rtt=61097&rtt_var=3068&sent=507&recv=116&lost=0&retrans=0&sent_bytes=562795&recv_bytes=19743&delivery_rate=874726&cwnd=154800&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1799&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=1,i=?0

Redirect headers

cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avxxAxcusHNl0nit5USLsatyW%2FzlyMs9gewWCO%2FewTawNfC%2FZFiMJrBi37%2BITuW52qN5PVuagxoAcel4pik%2F1adczAV2dg1KnB3%2B9iY2pn6PpVqiOcOhseRUdSHH8d%2B%2Byg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=66822&min_rtt=61097&rtt_var=4256&sent=325&recv=87&lost=0&retrans=0&sent_bytes=351499&recv_bytes=17736&delivery_rate=335607&cwnd=93600&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1487&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: private
location: /not-found?request=/assets/js/jquery-2.2.4.min.js
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369ad7fc30fd1-LAX
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 524ms
182ms Script
text/javascript 173.194.175.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f95.1e100.net

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
age: 335074
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 20:49:23 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24715
x-xss-protection: 0
server: sffe

GET
H2 200 bonusrollingansetiaphari.png
i.ibb.co/Zxk4s58/ 2 MB
2 MB 143ms
139ms Image
image/png 104.128.72.66
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Zxk4s58/bonusrollingansetiaphari.png
Requested by: Host: peso138itu.com
URL: https://peso138itu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.128.72.66 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: openresty /
Resource Hash: b9e1558a8b170c16521da2097960487e705020a83221cd55eb01dd2538622fa0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cache-control: max-age=315360000, public
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2350990
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: image/png
last-modified: Tue, 06 Aug 2024 05:43:34 GMT
server: openresty

GET
H3 200 zoom-beta-js Show response
peso138itu.com/bundles/ 602 KB
231 KB 199ms
196ms Script
application/javascript 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/bundles/zoom-beta-js?v=IQtg2ROEYeDTinhf3NAXn5FbXVYkKFkDNf7CJ_jnTm01

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73079bf8fa24bc45d28416c3802fe6d47117be9939bc901615a9078247135d51

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obttNgRRsmqHWVaQhY86udt3OUDeWp0jl6AdRAGgI2eUGA2OveDXLBigZTO1HyRQcccuAjZek06zJDnYvTWXb59Jp58WCI1wUvE4eKNMlQRyl9VG943c0FShZV7pT%2B47TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 17:53:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62377&min_rtt=61097&rtt_var=1233&sent=204&recv=80&lost=0&retrans=0&sent_bytes=208821&recv_bytes=17426&delivery_rate=721145&cwnd=60000&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1357&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 28 Dec 2024 17:53:57 GMT
vary: User-Agent,Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369ad7fc50fd1-LAX
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 zoom-beta-js Show response
peso138itu.com/bundles/Home/ 54 KB
20 KB 191ms
188ms Script
application/javascript 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/bundles/Home/zoom-beta-js?v=TLdLqOVMsHL4f4MlMLMwmd4JgszEJB5XhwwYZTG4yvw1

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f199014e724e483f3f9c4f47acf5c4483a9c12c4790fd36adb889f1e68d6536e

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOGGBrQw71rUJWaLJa%2BGKkmqb0XKfKb9aftU8kWTcTMKSaeO95Gj1m7fOhmrYZbcw9EUzawdvomi%2BvpMLyPxv%2Bw17p%2BUvosubNUOlcGW3HumA680vcilDqinde4Dev7K0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 17:53:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62377&min_rtt=61097&rtt_var=1233&sent=185&recv=80&lost=0&retrans=0&sent_bytes=188509&recv_bytes=17426&delivery_rate=721145&cwnd=60000&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1351&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 28 Dec 2024 17:53:57 GMT
vary: User-Agent,Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369ad7fc60fd1-LAX
content-length: 18610
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 forgot-password-js Show response
peso138itu.com/bundles/Account/ 2 KB
2 KB 191ms
189ms Script
application/javascript 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/bundles/Account/forgot-password-js?v=83JsNUR_c9QobGGeaxQkMqxy6qxKSWyVwYAM6ZDufaY1

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97839efa08c2da0184a9403d8286c9623db8e41a434b52b9b5f0bb19126ae0e8

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2U1m1ufp9SuPZe1q9QJMnKvagexvZncgvl0q7C%2F379c7Plc26Y3jur4833inkR%2BF0JiYjyWs%2BZowIbTlqlqWyzVYvSuMPa%2BeqAKCVHXXWqxsDxtvp5ckj1nAon06Z0g6A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 17:53:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62377&min_rtt=61097&rtt_var=1233&sent=182&recv=80&lost=0&retrans=0&sent_bytes=185899&recv_bytes=17426&delivery_rate=721145&cwnd=60000&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1350&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 28 Dec 2024 17:53:57 GMT
vary: User-Agent,Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369ad7fc70fd1-LAX
content-length: 888
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 257ms
127ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-puAdGpWo' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-puAdGpWo' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=24, mss=1232, tbw=8229, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: OnVdJ1/t5wgKBd4SLC2u/CvLA0WfkKYzxaV6e5rWJX7ZglbxhB+hqglG5U8o+ezUUq9beY8pD55rl5u9a8zJ2g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET tracking.js
cdn.livechatinc.com/ 0
0

GET
H2 200 flags.png
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/ 24 KB
25 KB 508ms
183ms Image
image/png 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/flags.png?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/Content/zoom-beta-css?v=9U2bfZt_HFYmVsrpz7RRmcwHn1QQthVBcb1P6kxyTKc1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

1c39fbe2913ec3a15d82e5817e820273c5ca61fc18e2cb8cae299d4209396994

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02bd3be537d71:0"
age: 471053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: EPQjLBdtZqjkvamtmURbYb86sF9HR-gavcZxCnllwxfkMzs-cqOHGw==
date: Mon, 23 Dec 2024 07:03:04 GMT
content-type: image/png
last-modified: Fri, 23 Apr 2021 02:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 24949
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 news.png
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/home/ 1 KB
2 KB 449ms
124ms Image
image/png 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/home/news.png?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/Content/Home/zoom-beta-css?v=_6mAgZC-VsJuYq1Zj6CSp6oi1N9lbMG00FoX7EklIhY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

9aa0f664efedb9b1ba39b3e538fd2b21f2d45bb82145836a9082f04dcaa23d31

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0fbbb8ee1a4d71:0"
age: 471483
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ZWM86y78sqjbuyidRhzUgZ4DHg5UOP6pahA_TpEWBAUePH7GM_XOxA==
date: Mon, 23 Dec 2024 06:55:54 GMT
content-type: image/png
last-modified: Wed, 08 Sep 2021 18:44:30 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1239
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 background.jpg
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/home/providers/ 20 KB
21 KB 693ms
371ms Image
image/jpeg 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/home/providers/background.jpg?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

ea1ec80639f202eb859a7778669c34b53b379bb63f3bef0b18ae174a5f7fd982

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02bd3be537d71:0"
age: 471478
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: XIdll28RA41IiDUzs2xtMEP6wjjn29fEcqiE9wHK08viwElZLTkrBQ==
date: Mon, 23 Dec 2024 06:55:58 GMT
content-type: image/jpeg
last-modified: Fri, 23 Apr 2021 02:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 20164
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET download-apk-background.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/home/ 0
0

GET
H3 200 Gilroy-ExtraBold.ttf
peso138itu.com/fonts/ 130 KB
132 KB 317ms
316ms Font
application/octet-stream 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/fonts/Gilroy-ExtraBold.ttf

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/Content/zoom-beta-css?v=9U2bfZt_HFYmVsrpz7RRmcwHn1QQthVBcb1P6kxyTKc1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61fc7ed265000892c743cb4fc7b1e154ece3698476145f93e6c2be125ba692a3

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://peso138itu.com
Referer: https://peso138itu.com/Content/zoom-beta-css?v=9U2bfZt_HFYmVsrpz7RRmcwHn1QQthVBcb1P6kxyTKc1

Response headers

cf-cache-status: BYPASS
etag: "0223c94fc4cdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ohs5g5SnBhZLdJ%2B9Bd%2BTUpe%2BSI4F1ydUv5vJWwjWw791yOram4xB1GltauhLSdmXXkqjCnu%2FANPR0dl0yn%2BptJR3XYK8VRi0LQR3b5oujwaDOswNJiZVribxNPe8sQGZKA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=67258&min_rtt=61097&rtt_var=3427&sent=351&recv=89&lost=0&retrans=0&sent_bytes=380651&recv_bytes=17827&delivery_rate=350528&cwnd=108000&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1507&x=1", cfExtPri, cfHdrFlush;dur=21
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/octet-stream
last-modified: Fri, 13 Dec 2024 01:16:04 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369adc82b0fd1-LAX
accept-ranges: bytes
content-length: 133044
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H3 200 Open24DisplaySt.woff2
peso138itu.com/fonts/ 6 KB
8 KB 315ms
315ms Font
application/font-woff2 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/fonts/Open24DisplaySt.woff2

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/Content/zoom-beta-css?v=9U2bfZt_HFYmVsrpz7RRmcwHn1QQthVBcb1P6kxyTKc1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://peso138itu.com
Referer: https://peso138itu.com/Content/zoom-beta-css?v=9U2bfZt_HFYmVsrpz7RRmcwHn1QQthVBcb1P6kxyTKc1

Response headers

cf-cache-status: BYPASS
etag: "0223c94fc4cdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DvMihULjAbMGNVRnNSLTb39YfVF68fCzzqtp%2BnJoPMIN4zk%2FNCwzg8Zn5rCGL0nC1Z2%2B4VuJgw6frbDy0GNOSVA2Ocuqyc5ia61d6a9AOkjS3e60bWPThnWjNx2VwcrfWw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=67258&min_rtt=61097&rtt_var=3427&sent=351&recv=89&lost=0&retrans=0&sent_bytes=380651&recv_bytes=17827&delivery_rate=350528&cwnd=108000&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=1504&x=1", cfExtPri, cfHdrFlush;dur=24
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/font-woff2
last-modified: Fri, 13 Dec 2024 01:16:04 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369adc82c0fd1-LAX
accept-ranges: bytes
content-length: 6100
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H2 200 logo_f3f02809-322c-4e6d-a6f9-cb78e9447c9e_1735387721277.png
api2-baj.imgzm.com/images/baj/ 34 KB
35 KB 685ms
425ms Image
image/png 104.26.8.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-baj.imgzm.com/images/baj/logo_f3f02809-322c-4e6d-a6f9-cb78e9447c9e_1735387721277.png

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.8.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d11beab04c9fc46ae0025c952f2e2e727ac6b50b7e24d3ba2f295f0512533c26

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cf-cache-status: BYPASS
etag: "28f406e2159db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nt7xQrxN4NJ4kFrFrff41pMwCD8GQCG02k8H8V5XCCK1ECoXrMDy%2BktxR%2B5sN7r%2Ba7J0Jr8Kqw4JUtEOQ0oyheR5x8OgCy4Hfuf8g87PcaLwnmg1GvGR7WNVcB8T96c31aMlqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=6128&min_rtt=956&rtt_var=10285&sent=32&recv=19&lost=0&retrans=0&sent_bytes=35848&recv_bytes=2788&delivery_rate=25142857&cwnd=257&unsent_bytes=0&cid=f1dbac62140ac19b&ts=500&x=0"
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Sat, 28 Dec 2024 12:10:05 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369af580c0921-LAX
accept-ranges: bytes
content-length: 35018
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H2 200 search.svg
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/ 755 B
2 KB 651ms
354ms Image
image/svg+xml 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/search.svg?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

21293667a429419f3af4379e1209a8ac836493a5a2470aeca31de4df86b68362

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "097d59c2d3cdb1:0"
age: 471594
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: AXg0-o39f1XAHjOS-yvc4eNH0lpBsNZAQzj7foQkU0V2lCKhrfe1cQ==
date: Mon, 23 Dec 2024 06:54:03 GMT
content-type: image/svg+xml
last-modified: Thu, 21 Nov 2024 15:54:14 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 755
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 hot-games.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 464 B
1 KB 578ms
369ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/hot-games.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

45b9293a1455b9ee82e190750c930a7f95b7dfa86be62377a6c9e718aa2ef163

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02a5e8faa37d71:0"
age: 471052
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: NUuD3QgMxWRbW70S7GAmyfQ60YcTyPYwkGP6TcsaNlt6C-wQrw9ENA==
date: Mon, 23 Dec 2024 07:03:05 GMT
content-type: image/webp
last-modified: Thu, 22 Apr 2021 19:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 464
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 slots.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 750 B
2 KB 380ms
246ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/slots.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

ed15c0207d54dfc19b575e1d676e0d602af3ff523440ada99d0d76dfd72dbc64

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02a5e8faa37d71:0"
age: 471508
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 60b-nMoeJq63pXtJJVPooF7HXgZtm2seHZh1OipUXP9Eh1mZIB9NGA==
date: Mon, 23 Dec 2024 06:55:29 GMT
content-type: image/webp
last-modified: Thu, 22 Apr 2021 19:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 750
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 casino.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 426 B
1 KB 502ms
367ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/casino.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

17eb87f74d828874ab836e15fe438a545eb4107a25293bc15a4743ac96faf0aa

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02a5e8faa37d71:0"
age: 471508
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: SXQc0yvvx60o11D-kLq5HvsRaDPryAGU25cfCv20qbuZWrjYOgZ7RQ==
date: Mon, 23 Dec 2024 06:55:29 GMT
content-type: image/webp
last-modified: Thu, 22 Apr 2021 19:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 426
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 others.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 464 B
1 KB 439ms
304ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/others.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

e7f808cd993032f20a3babbc669ea25f6efcc5abef00ddc7ff030696c6037445

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02a5e8faa37d71:0"
age: 471256
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: CxOXhDn-t7zI70-m50LkR1b-bO_3ZjR2uCQ3iWRplljpsWqt0ZLLsA==
date: Mon, 23 Dec 2024 06:59:41 GMT
content-type: image/webp
last-modified: Thu, 22 Apr 2021 19:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 464
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 sports.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 748 B
2 KB 346ms
210ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/sports.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

bf0e701d3e9795e9d4baef6281091dc9ae7cc2991e8e5b4d0001be6c5cc7f52d

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "06420f35b5da1:0"
age: 471508
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 1KYlbOD6czBMbe7CEk8hOL-8qeeJwuTKfRu20SX77VYil9Shyyk0gg==
date: Mon, 23 Dec 2024 06:55:29 GMT
content-type: image/webp
last-modified: Mon, 23 Oct 2023 02:52:24 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 748
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 crash-game.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 592 B
2 KB 436ms
299ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/crash-game.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

19ead60a413cec6448c2e3faa81c8539a3339b1059a92f85cb40c5f30e45c547

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0ae117461d5d91:0"
age: 471256
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: MgAHAJbAmdFNLb-F3gyYoFPkUjdCBNSMoC0diakhPiNQKf7TawFlKg==
date: Mon, 23 Dec 2024 06:59:41 GMT
content-type: image/webp
last-modified: Wed, 23 Aug 2023 01:30:52 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 592
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 arcade.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 464 B
1 KB 501ms
366ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/arcade.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

f289b2094f489806a4d2a3b8ad7fd117d9266f27564fab6f0945363f2911e0ff

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02a5e8faa37d71:0"
age: 471255
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: p_crHTAK3Sfpad1D2_ttcEg-TOikW9yEDiNjAhHJvVlsnH5jSvMt3w==
date: Mon, 23 Dec 2024 06:59:42 GMT
content-type: image/webp
last-modified: Thu, 22 Apr 2021 19:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 464
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 poker.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 338 B
1 KB 437ms
302ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/poker.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

45c79f230205a13d70249daef4c3855e87513af12f74bde1aa27657a3b3828d5

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02a5e8faa37d71:0"
age: 471121
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: FIh7jFfYRSkhHNvZ1yVsfyprskjFS8cwHiGiO28QK-xr60qlZSGDnQ==
date: Mon, 23 Dec 2024 07:01:56 GMT
content-type: image/webp
last-modified: Thu, 22 Apr 2021 19:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 338
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 e-sports.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 598 B
2 KB 383ms
249ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/e-sports.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

f7120221be97cb120192256877ef8a5d65859e5ceb1f207e277305d264122fc2

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0f0e2d134e1d91:0"
age: 471255
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: a_DRnBKMvZDazcZENfyvHqJa1tmlyQI2xJvgEVG-k5ml33Da7z3T3A==
date: Mon, 23 Dec 2024 06:59:42 GMT
content-type: image/webp
last-modified: Thu, 07 Sep 2023 02:41:36 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 598
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 cockfight.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 674 B
2 KB 432ms
298ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/cockfight.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

b898f6976cd680b4a9078d0858be78e22f9b2cedc16b35a45c0ea3989c9095ad

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02a378d88bbda1:0"
age: 471255
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: gameKNt04UTw3klP4nrBk9vQh2k0MayXPGkDR14BhgtZpPZbcbsCmw==
date: Mon, 23 Dec 2024 06:59:42 GMT
content-type: image/webp
last-modified: Mon, 10 Jun 2024 22:50:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 674
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 promotion.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/ 442 B
1 KB 432ms
297ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/site-menu/promotion.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

1eae3862b5b366b0ca906a60109b592280b959a070114ef67bc847c4af96568b

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02a5e8faa37d71:0"
age: 471052
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: CPuD61Wk1bBhrBUqjk1QOWF3kcf2AROr1sTIxEYbeGbhH1H-10H13w==
date: Mon, 23 Dec 2024 07:03:05 GMT
content-type: image/webp
last-modified: Thu, 22 Apr 2021 19:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 442
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 id_cbd_cbecb81f-eb07-4360-98ad-7bbe9df256c5_1735389685227.jpg
api2-baj.imgzm.com/images/baj/ 529 KB
530 KB 812ms
652ms Image
image/jpeg 104.26.8.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-baj.imgzm.com/images/baj/id_cbd_cbecb81f-eb07-4360-98ad-7bbe9df256c5_1735389685227.jpg

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.8.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2050a4c533cb03e04f8a7095659b026623c34b04dcc6c23b0a204d0e0df5fb5

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cf-cache-status: BYPASS
etag: "27dc1cd2759db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OYqQZ5tiu%2BZKd4HgnEpROuuf0%2FsKnBwr0caMqq%2BM5Yg6CvK%2FwDJXv%2FEU8Pxj2rSR21oEl8WUBGY41AHn7ftUqQ2kizrCxMXNQDsqqFMW4Q%2B9XPHrmLUPrR%2B4Z%2FEgoIX7epIBSA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=8653&min_rtt=932&rtt_var=3332&sent=180&recv=130&lost=0&retrans=3&sent_bytes=235064&recv_bytes=2788&delivery_rate=46553248&cwnd=257&unsent_bytes=0&cid=f1dbac62140ac19b&ts=567&x=0"
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Sat, 28 Dec 2024 12:50:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369af580a0921-LAX
accept-ranges: bytes
content-length: 541255
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H2 200 id_cbd_b8335e81-7278-4e13-9e91-8a9ee39f7bfd_1735388684210.jpg
api2-baj.imgzm.com/images/baj/ 672 KB
674 KB 684ms
582ms Image
image/jpeg 104.26.8.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-baj.imgzm.com/images/baj/id_cbd_b8335e81-7278-4e13-9e91-8a9ee39f7bfd_1735388684210.jpg

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.8.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c8a3fdaefe36a6dbe9457c0a0e3e4a86c1b0424fa3e5daa72f4c815282097cc

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cf-cache-status: BYPASS
etag: "a5048492459db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XOJVuQOR7IzvV5a%2FEmeyfb7nk0qvUJ6nu%2FpEs7mvWTo4uGjvg%2B4OaZ0Annv%2B%2BZXyux%2FWAq5HgMKAOdu4rPVHjoCbUlJDkCUmAcWJbtaJ6Y6PVUgfDdwwg5PNvwSi5HTZiaZQcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=1127&min_rtt=934&rtt_var=18&sent=110&recv=79&lost=0&retrans=2&sent_bytes=141030&recv_bytes=2788&delivery_rate=46553248&cwnd=257&unsent_bytes=0&cid=f1dbac62140ac19b&ts=528&x=0"
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Sat, 28 Dec 2024 12:30:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369af58060921-LAX
accept-ranges: bytes
content-length: 688435
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H2 200 id_cbd_20d08a74-50fb-480e-85ee-8054e0555cc9_1735388714943.jpg
api2-baj.imgzm.com/images/baj/ 785 KB
786 KB 739ms
639ms Image
image/jpeg 104.26.8.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-baj.imgzm.com/images/baj/id_cbd_20d08a74-50fb-480e-85ee-8054e0555cc9_1735388714943.jpg

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.8.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d01d9f182115699dfb2ec9fc404a3aef8564dde6f1e3c7afdfd8f25f088cde5

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cf-cache-status: BYPASS
etag: "b4e60492459db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d5GiI0UJd%2Fk48Sc5DRLeL9mJutTv1cCFCQMX4IFGI9%2FxHlh64rfV%2BXQwvp4sFVgUaFnAG2GWgFF%2BxhQ0DAoTyUHqWTgoPwtOR2S0%2BnKALBr2UIWRm8KaK9IbYtA0IpveU3RidA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=1065&min_rtt=932&rtt_var=39&sent=156&recv=117&lost=0&retrans=2&sent_bytes=203492&recv_bytes=2788&delivery_rate=46553248&cwnd=257&unsent_bytes=0&cid=f1dbac62140ac19b&ts=545&x=0"
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Sat, 28 Dec 2024 12:30:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369af580e0921-LAX
accept-ranges: bytes
content-length: 803606
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H2 200 id_cbd_50b4761b-ca7f-4ca7-aa72-bf46d8a1fe2a_1735388709007.jpg
api2-baj.imgzm.com/images/baj/ 654 KB
655 KB 690ms
595ms Image
image/jpeg 104.26.8.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-baj.imgzm.com/images/baj/id_cbd_50b4761b-ca7f-4ca7-aa72-bf46d8a1fe2a_1735388709007.jpg

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.8.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571a7eb7310a30f3f8c6f2c7bdc23088557ee6e81ea40ebae2c1d8f3f6f5d3c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cf-cache-status: BYPASS
etag: "a5d89c492459db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3SaTRHa0A2ThGcw7Gr%2BXFmkCf6lj%2FmZlapTaQEXkEhOdIDX3hLZs2IWUYxd84NOnkm24sW0sdNKJNjFAbzZdgRwvFwCIGfhjcWpXlW8Axwj40xhoPDadzbDIHDZskS93fiUIw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=1068&min_rtt=934&rtt_var=32&sent=133&recv=94&lost=0&retrans=2&sent_bytes=172048&recv_bytes=2788&delivery_rate=46553248&cwnd=257&unsent_bytes=0&cid=f1dbac62140ac19b&ts=536&x=0"
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Sat, 28 Dec 2024 12:30:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369af98940921-LAX
accept-ranges: bytes
content-length: 669242
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H2 200 id_cbd_26e57a86-1414-4e24-93f2-31ef9ab50f0c_1735388715943.jpg
api2-baj.imgzm.com/images/baj/ 642 KB
644 KB 439ms
344ms Image
image/jpeg 104.26.8.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-baj.imgzm.com/images/baj/id_cbd_26e57a86-1414-4e24-93f2-31ef9ab50f0c_1735388715943.jpg

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.8.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc861a06336aac540d871c4ccdf13d7b1b2d61c28be17d32735081d372c36e1c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cf-cache-status: BYPASS
etag: "93c92e482459db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FLytUYSv92w86v6CHEdxiPiDxQkEWbmw0yPXI3m7Ds5Vqr92ItkwVaVQO%2B1NWmGmgr4kppWlsG9wu%2FT6jssyTIzxwHO2R7eRsiNLIqgNxsJYnQd0K1fmYyfXyRE8eelVgmpZpw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=989&min_rtt=967&rtt_var=140&sent=9&recv=12&lost=0&retrans=0&sent_bytes=4019&recv_bytes=2788&delivery_rate=4141086&cwnd=254&unsent_bytes=0&cid=f1dbac62140ac19b&ts=417&x=0"
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Sat, 28 Dec 2024 12:30:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369af58100921-LAX
accept-ranges: bytes
content-length: 657864
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H2 200 jackpot-play-logo-desktop-v2.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/jackpot/ 2 KB
3 KB 506ms
368ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/jackpot/jackpot-play-logo-desktop-v2.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

d5764279fe4b7e27d481581b1b68590f32574d05d0fb52a89a7b3c9628aba0c4

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0bfde333918db1:0"
age: 471052
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: DCa85DMOh38KeCuiA8JcdMD6hEjp3Ll7tqK3HYt77UaCvkLPo0bkNg==
date: Mon, 23 Dec 2024 07:03:05 GMT
content-type: image/webp
last-modified: Sun, 06 Oct 2024 21:46:30 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1690
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 chevron-left.svg
d33egg70nrp50s.cloudfront.net/Images/icons/ 1 KB
1 KB 527ms
390ms Image
image/svg+xml 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/icons/chevron-left.svg?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

6299e76b8da9fc905a6a4641e0500771db314e628cb9cf1553ca7e547461d441

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: br
etag: W/"ffee515acf10d71:0"
age: 471606
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 4dvQyEXwtsiCjupesqnBPfTz1B90uzYlDBmHfYxOcfv8etrIA09n1g==
date: Mon, 23 Dec 2024 06:53:51 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 04 Mar 2021 08:21:19 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 chevron-right.svg
d33egg70nrp50s.cloudfront.net/Images/icons/ 1 KB
2 KB 502ms
365ms Image
image/svg+xml 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/icons/chevron-right.svg?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

b4a82b7916c7e0e789b91fb4a107048b0362c3882073d8539543835fcfe01007

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
etag: W/"edeb2263cf10d71:0"
age: 471529
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: vPwbMTLN3GvuGlB72tUr5Ahyab94nujzpP909sCSrdTeNr-0L6tSsQ==
date: Mon, 23 Dec 2024 06:55:08 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 04 Mar 2021 08:21:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 vs20olympxmas.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/ 20 KB
20 KB 429ms
291ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/vs20olympxmas.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

12ccc9ecdea2a7b95cd45ff8557075d4dabb7b0a6dee6b3f8685105becf123e1

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "035f34a3cdb1:0"
age: 471606
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: sArtp9vGXmfVQIVUMlT_6wlmNQva0Lcvslf19hE18tB1qhrlU4JYrg==
date: Mon, 23 Dec 2024 06:53:51 GMT
content-type: image/webp
last-modified: Thu, 21 Nov 2024 19:24:14 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 19986
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 mahjong-ways.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PGSOFT/ 34 KB
35 KB 350ms
347ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PGSOFT/mahjong-ways.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

e262397b71ee6b04ae7e5cb5e652fb084bdc6306a37f7e9dfd6a0f66524a1151

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "cfd93e9bbb9d71:0"
age: 471606
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 35x_s3Q3X395p2fZNyqyxF91aeHmxJv9G4Pj29VqcK6fMS21CpY-Dw==
date: Mon, 23 Dec 2024 06:53:51 GMT
content-type: image/webp
last-modified: Tue, 23 Feb 2021 08:12:19 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 34566
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 vswaysmherc.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/ 22 KB
23 KB 446ms
308ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/vswaysmherc.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

dde6f1bae86a1266a2df3cb7b78b03adcdf08b38201bfab685b170acda3c4223

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "03891cef3adb1:0"
age: 471606
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 3nyd0pG8aOvZic7xYrjMOxJiIYSuRo_w5UEzfFo13A3DJTZQ4ANaNQ==
date: Mon, 23 Dec 2024 06:53:51 GMT
content-type: image/webp
last-modified: Wed, 20 Nov 2024 01:53:52 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 22958
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 vswaysmahwblck.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/ 27 KB
28 KB 360ms
357ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/vswaysmahwblck.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

0fd71e30974d09f0bb01779cee63aadd869ef56b048ba31e901e5a865de3cb6d

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "014d86b9d2ddb1:0"
age: 471606
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 9a79Tycjmef7bUwe-PfRkxbS0pDo75cDmqSM5KS2-Y3VCXDTFUKhLA==
date: Mon, 23 Dec 2024 06:53:51 GMT
content-type: image/webp
last-modified: Sun, 03 Nov 2024 03:06:48 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 27614
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 HACKSAW_1562.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/HACKSAW/ 23 KB
24 KB 502ms
363ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/HACKSAW/HACKSAW_1562.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

7caaec122fa393248cd9e9236aa0be4178cd01964eed18e79c6e1c8a0bf773f3

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0989e79f13db1:0"
age: 471606
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: PBJZEKtZD1kjrQbuIK2-705RJBILnXdBu_LJmlSZF4kGE_LZdMDVVQ==
date: Mon, 23 Dec 2024 06:53:51 GMT
content-type: image/webp
last-modified: Wed, 11 Sep 2024 02:22:40 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 23670
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 vs20pquestx.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/ 22 KB
23 KB 368ms
365ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/vs20pquestx.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

51745230ac06943d7150a637641d5a48b8f59018984b9581df93568cc63857e5

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0e583fd02fdb1:0"
age: 471606
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: eVDv6J5HUVcBE2xoNNaqTi9VJ-v05BTsGjec6Aj67K0XFw0SATkXpQ==
date: Mon, 23 Dec 2024 06:53:51 GMT
content-type: image/webp
last-modified: Tue, 05 Nov 2024 22:15:40 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 22074
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 JetX_JetX.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/SMARTSOFT/ 9 KB
10 KB 456ms
318ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/SMARTSOFT/JetX_JetX.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

6c6a94095536ec9d59650e7db4f7ce3d5d3307c7543f67921c6ecee32ab3933b

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0b9dc9b8c4bdb1:0"
age: 471606
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 0QQNPgnyIBsi7lVH5SvO-0jfKOXOBm0Gf97QlmuWqQhi4RvVxlw2pQ==
date: Mon, 23 Dec 2024 06:53:51 GMT
content-type: image/webp
last-modified: Wed, 11 Dec 2024 05:22:02 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8850
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 HACKSAW_1534.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/HACKSAW/ 27 KB
27 KB 375ms
373ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/HACKSAW/HACKSAW_1534.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

09721128a7d707f9676591226f7cab6cbf389f5c7a032ac8909d6824127c9122

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "05ee14be5d0da1:0"
age: 471606
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: pPAYCh13zRJPhAiVSOw7netL-ILhbdeY87MZjpw-XvydZCcqez0XxA==
date: Mon, 23 Dec 2024 06:53:51 GMT
content-type: image/webp
last-modified: Mon, 08 Jul 2024 03:17:00 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 27140
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 vs20slot88sb.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/ 25 KB
25 KB 364ms
226ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/vs20slot88sb.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

673e2814835361675040925f32ee9c3160de03e49c38883d6ef0499c38d0c6ea

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "03891cef3adb1:0"
age: 471606
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: hNNGvDF6018_DhQBx6qob13BnAqkaTCjl_3h71aTHrt60R_WY2__gg==
date: Mon, 23 Dec 2024 06:53:51 GMT
content-type: image/webp
last-modified: Wed, 20 Nov 2024 01:53:52 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 25106
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 mahjong-ways2.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PGSOFT/ 25 KB
26 KB 391ms
389ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PGSOFT/mahjong-ways2.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

1876f7407e2fffa619daf635dd318f3905d952766058246d5f0937c7b05622d9

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "6ceb549bbb9d71:0"
age: 471605
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: B6xbS-HmQ_fgbiN9NmBr8sjxqidR4s7Zsd_8SLH0O05ZucqF2BbSQA==
date: Mon, 23 Dec 2024 06:53:52 GMT
content-type: image/webp
last-modified: Tue, 23 Feb 2021 08:12:20 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 25730
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 vs20starlightx.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/ 38 KB
39 KB 470ms
332ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/vs20starlightx.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

ffb0ecd67a1f6b9a5528b02a800b6ce23a78a77c2d8caae3b8d196aefd6a4ffb

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0e3444a4422da1:0"
age: 471605
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 12xtMRe_p5ezGpxf65a6-LdjYCvZzh_M5-BoWYPDx7H42PshIJgYHQ==
date: Mon, 23 Dec 2024 06:53:52 GMT
content-type: image/webp
last-modified: Tue, 28 Nov 2023 21:46:06 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 39178
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 PGSOFT_135.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PGSOFT/ 18 KB
19 KB 390ms
387ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PGSOFT/PGSOFT_135.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

3e46abc53022c69a796895546c2bb96724cc96dcb796a9efcce89d35b83a8dda

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0efc7fe69b0d81:0"
age: 471605
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Y1D9f1_hkq0h088N5EkJTBtwzY6_p2e2qP73vPqfEIzCcT9AeTqYpg==
date: Mon, 23 Dec 2024 06:53:52 GMT
content-type: image/webp
last-modified: Mon, 15 Aug 2022 05:43:50 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 18608
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 SMG_luckyTwinsNexus.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/MICROGAMING/ 20 KB
21 KB 489ms
351ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/MICROGAMING/SMG_luckyTwinsNexus.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

034dfedce358bdfc5f184778d7ae7bf96d2d5ed6808e31514ec894c187792ad2

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "050b0af8bfdb1:0"
age: 471605
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: BRBD7thyI-nuB2It7iGmevZMjx0nJZ-m58ScpZdit0eLQl0kCa4GrA==
date: Mon, 23 Dec 2024 06:53:52 GMT
content-type: image/webp
last-modified: Wed, 25 Sep 2024 20:44:16 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 20514
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 SGNexusKoiGate.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/HABANERO/ 26 KB
27 KB 390ms
388ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/HABANERO/SGNexusKoiGate.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

3b3031cd1aa57a87b059fe5537c5c805b948d41405519c66aae77ca610696168

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0c7125bf62da1:0"
age: 471605
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: vUD_BE7UDWluN4PCSLFt_Dk5bm6z8CBtvaV2wFZARrAvxUdLSisnag==
date: Mon, 23 Dec 2024 06:53:52 GMT
content-type: image/webp
last-modified: Sun, 18 Feb 2024 23:06:46 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 26910
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 vs20nexusgates.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/ 19 KB
20 KB 403ms
269ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/vs20nexusgates.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

a0a0f9163b303351f2fea2062173ada33342339e2c64d94448f3ef55c96394e7

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0b28ca7cbdbd91:0"
age: 471485
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: l2pFlrH9tjqD5NFP2O6vGbyqOmRvq8P1f-LPd2JmqXH6P6kbqFHduA==
date: Mon, 23 Dec 2024 06:55:52 GMT
content-type: image/webp
last-modified: Thu, 31 Aug 2023 05:26:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 19570
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 vs20olympx.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/ 20 KB
21 KB 396ms
394ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/vs20olympx.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

24f9cae35fd5632d6b1a4476c613baab8a90290c004b12a832d276c0ff22d953

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0a7f3696c53da1:0"
age: 471605
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 9WstojvemisM9_hJNyQFNGJaelj1QLf3LCL82qpfKIqxPMbOzCf2Eg==
date: Mon, 23 Dec 2024 06:53:52 GMT
content-type: image/webp
last-modified: Tue, 30 Jan 2024 11:06:46 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 20786
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 treasures-aztec.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PGSOFT/ 32 KB
33 KB 411ms
409ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PGSOFT/treasures-aztec.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

37f55f44c5b641dadcb6b07ba874a7cc5db91fc11e077604bba035361bfdd1f9

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "9c7f8e9ebb9d71:0"
age: 470930
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: GUSQ4J1xLTR0VZMz-AxaMvJ3OIIgzdlxwmopihKQ_CuvOG6q0uqIMg==
date: Mon, 23 Dec 2024 07:05:07 GMT
content-type: image/webp
last-modified: Tue, 23 Feb 2021 08:12:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 32332
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 vswaysmahwin2.webp
d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/ 22 KB
23 KB 415ms
413ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/providers-v2/PP/vswaysmahwin2.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

3fb4c25e326c6bb30a3ff0d9d08a89aa51c4ae294a0a61e1e345b3d40c6d972e

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "037c544d719db1:0"
age: 471522
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: KlV2orhx3_bW2YokUVBH3wrAWZg_E4EdVQ21gMA3Yv6YIve3v1hwwA==
date: Mon, 23 Dec 2024 06:55:15 GMT
content-type: image/webp
last-modified: Tue, 08 Oct 2024 23:10:30 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 22796
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 21 KB
21 KB 268ms
131ms Font
font/woff2 173.194.66.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f94.1e100.net

Software

sffe /

Resource Hash

3689e0482573b519c0e70686b17303b5439d7f931ef6b226f799f075aab39e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://peso138itu.com
Referer: https://fonts.googleapis.com/

Response headers

age: 596979
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Dec 2025 20:04:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Dec 2024 20:04:18 GMT
last-modified: Wed, 01 May 2024 20:31:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21904
x-xss-protection: 0
server: sffe

GET
H2 200 PP.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/home/providers/ 74 KB
75 KB 399ms
397ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/home/providers/PP.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

601e4182b617cccafd2bb42f061e6af4575791dd8e1260eeb9ae0430c812f7b8

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "03f22501a1cda1:0"
age: 471475
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 8Z-0n_O5tF1rkOOW_YfrqyQd8N3vh5TIL2vBWu1IQaCRhu6GI00RpQ==
date: Mon, 23 Dec 2024 06:56:01 GMT
content-type: image/webp
last-modified: Tue, 21 Nov 2023 01:30:30 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 75610
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H3 200 1686981462080444 Show response
connect.facebook.net/signals/config/ 78 KB
16 KB 229ms
229ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1686981462080444?v=2.9.179&r=stable&domain=peso138itu.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

b9d1fd43c65c406e6685e7eee655ba1b004e04034b5e7e17aadf84d8719268af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-HBPVDga8' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Dec 2024 17:53:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-HBPVDga8' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=131, rtx=0, c=80, mss=1232, tbw=74329, tp=71, tpl=0, uplat=102, ullat=0
pragma: public
x-fb-debug: 4BFyzjRub+z63lmcMk88DiGZQH+9JiAxspm8XidlkLKwOP67vmnKX+MqP2ki89H1HB5+4NCvFYcXJR47Ahwdsw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 peso138bannerhigh.jpeg
madu-asli.com/media/ 1 MB
1 MB 319ms
102ms Image
image/jpeg 198.252.99.139
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://madu-asli.com/media/peso138bannerhigh.jpeg
Requested by: Host: peso138itu.com
URL: https://peso138itu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.99.139 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 139.99.252.198.static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 36a59dbe7333ec5ff4731866d5c8cd543f5c54da9b50c378a7adafe08945c5d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cache-control: public, max-age=604800
expires: Sat, 04 Jan 2025 17:53:58 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1530510
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: image/jpeg
last-modified: Thu, 19 Dec 2024 06:25:41 GMT
server: LiteSpeed

GET
H2 200 live-chat.webp
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/footer-menu/ 324 B
1 KB 131ms
129ms Image
image/webp 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/footer-menu/live-chat.webp?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

02f272d1a24d204cd9625dd783e9a9958070ded210186daac05e7c3c60d7ba80

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02a5e8faa37d71:0"
age: 471508
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 1NmDCDRV1ZKeU4ylgZ5noS9zDVq6gmAFJVDooKXGXKZ_yV9XDFLIuA==
date: Mon, 23 Dec 2024 06:55:29 GMT
content-type: image/webp
last-modified: Thu, 22 Apr 2021 19:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 324
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

OPTIONS
H2 204 progressive-jackpot
dhro5khzpwdga.cloudfront.net/ 0
0 854ms
492ms Preflight 18.160.0.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dhro5khzpwdga.cloudfront.net/progressive-jackpot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.0.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-0-57.iad12.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://peso138itu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
date: Sat, 28 Dec 2024 17:53:58 GMT
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft
strict-transport-security: max-age=15552001; includeSubDomains; preload
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
x-amz-cf-id: atFx0H_lnK_b_k2UOq1DgCOHbOuCO7cInQeUd6a4bpDVzNoiYqgopA==
x-amz-cf-pop: IAD12-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 notification.png
d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/popup/ 3 KB
4 KB 157ms
157ms Image
image/png 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/layout/popup/notification.png?v=20241125

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/Content/zoom-beta-css?v=9U2bfZt_HFYmVsrpz7RRmcwHn1QQthVBcb1P6kxyTKc1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

c54143f726291cacdc5bf8c8a42fde67796eb1f4368e6c887fcda6697e36b514

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "02bd3be537d71:0"
age: 470378
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ffVty3wIRuGbdpa0aLToYZ92bsXADqoVRo-6bkJkHCX8zsAp2jk20Q==
date: Mon, 23 Dec 2024 07:14:20 GMT
content-type: image/png
last-modified: Fri, 23 Apr 2021 02:06:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 3487
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 progressive-jackpot Show response
dhro5khzpwdga.cloudfront.net/ 14 B
948 B 408ms
408ms XHR
application/json 18.160.0.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dhro5khzpwdga.cloudfront.net/progressive-jackpot

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/bundles/zoom-beta-js?v=IQtg2ROEYeDTinhf3NAXn5FbXVYkKFkDNf7CJ_jnTm01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.0.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-0-57.iad12.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

61dc6c5a773415f2e249a051c25d323c398da1f83793cfdfaf31a9423ebc71f9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://peso138itu.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: ApR_d_xxgozLGslYDqzVaB3iniD4dcEhCZVBbyMRs84qFZvDz9Mjvg==
date: Sat, 28 Dec 2024 17:53:59 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft
x-amz-cf-pop: IAD12-P3

GET
H2 200 live22-santa-cash-dash-desktop.jpg
d33egg70nrp50s.cloudfront.net/Images/banners/home/ 120 KB
121 KB 125ms
122ms Image
image/jpeg 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/banners/home/live22-santa-cash-dash-desktop.jpg

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

c8d07560dffcbf860414713b0057323a1d2a1c675c0c6228be5e98d75634ad38

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "03919c46344db1:0"
age: 471561
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: iycPLP_9iYAlYCcCNu_DLIsyHb6ZZElSOmmKHXuVDgyQXdhyq1yzHQ==
date: Mon, 23 Dec 2024 06:54:37 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 02:42:02 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 122713
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 ygg-xmas-tree-desktop.jpeg
d33egg70nrp50s.cloudfront.net/Images/banners/home/ 213 KB
214 KB 191ms
188ms Image
image/jpeg 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/banners/home/ygg-xmas-tree-desktop.jpeg

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

f0265e18b2862ea08d267dfeb937de0300de8c4ecae0cf9b2cdf9daa46f5b94b

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0223b6344db1:0"
age: 471561
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: svWu7pSB_89CwumumCEvXxytmt8d_E3U4iMqY6opIn__9MtGjbmU8w==
date: Mon, 23 Dec 2024 06:54:37 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 02:38:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 218050
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 nex4d-banner-october-desktop.jpg
d33egg70nrp50s.cloudfront.net/Images/banners/home/ 208 KB
209 KB 202ms
200ms Image
image/jpeg 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/banners/home/nex4d-banner-october-desktop.jpg

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

15821c35c766752be967944e7920e766718565cb457028c051db497faf1e1fe9

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "04ff6688c10db1:0"
age: 471561
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: rueKy1DTd3XOOX7QZyTrzPfyeOP5RNR0FY27JNphaS45VbWIgIFZNQ==
date: Mon, 23 Dec 2024 06:54:37 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 03:21:58 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 212591
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H2 200 ps-pesta-natal-santa-desktop.jpg
d33egg70nrp50s.cloudfront.net/Images/banners/home/ 213 KB
215 KB 219ms
217ms Image
image/jpeg 3.162.130.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33egg70nrp50s.cloudfront.net/Images/banners/home/ps-pesta-natal-santa-desktop.jpg

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.130.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-130-81.iad61.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

e45efa4a0408db43925fb65cd7867ec8ac213f6d766a6088786ddfdbff087908

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

etag: "0bdbab5a4fdb1:0"
age: 471561
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 8777gXwQk-UC5tvqI61qzULJ5-3wmKtjIyNcf7BR2VrnTMUBWaJK-w==
date: Mon, 23 Dec 2024 06:54:37 GMT
content-type: image/jpeg
last-modified: Mon, 16 Dec 2024 01:30:10 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 218605
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD61-P3
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft

GET
H3 200 1074759487587396 Show response
connect.facebook.net/signals/config/ 28 KB
3 KB 238ms
237ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1074759487587396?v=2.9.179&r=stable&domain=peso138itu.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C135%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C127%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

935f337f7b7615d68340e8ead1cb2602e7925e6074bf894315d723cfcb3639d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-hY0u9DJQ' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-hY0u9DJQ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=127, rtx=0, c=93, mss=1232, tbw=91337, tp=88, tpl=0, uplat=106, ullat=0
pragma: public
x-fb-debug: lKCyrJ8FwvEyg1cKXC8kYaFIYSqItX47GugiKLa20OL3IAub+k8XgNQe+hXw87TVcWYPoDABp/uZK5H9lpCF9A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 259ms
128ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1686981462080444&ev=PageView&dl=https%3A%2F%2Fpeso138itu.com%2F&rl=&if=false&ts=1735408438241&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1735408438236.605907244812508806&cs_est=true&ler=empty&cdl=API_unavailable&it=1735408437748&coo=false&rqm=GET

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=123, rtx=0, c=24, mss=1232, tbw=8278, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
199 B 416ms
285ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1686981462080444&ev=PageView&dl=https%3A%2F%2Fpeso138itu.com%2F&rl=&if=false&ts=1735408438241&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1735408438236.605907244812508806&cs_est=true&ler=empty&cdl=API_unavailable&it=1735408437748&coo=false&rqm=FGET

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453522488303171618"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: QBX1GyADmxKcE/Y+tZahH2jT9WOGxpucG1CMsq0Svv0X0AUqjcVkARQgD2qMJrapslsCBbLpDWYTvEeXZQBt+g==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453522488303171618", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=26, mss=1232, tbw=9034, tp=24, tpl=0, uplat=160, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 537ms
285ms Fetch
text/plain 173.194.66.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GW87154QM9&gtm=45je4cc1v9175661752za200&_p=1735408437315&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1100734053.1735408438&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735408438&sct=1&seg=0&dl=https%3A%2F%2Fpeso138itu.com%2F&dt=Peso138%20Lapak%20Situs%20Judi%20Online%20Terbaik%20Dan%20Taruhan%20Bola%20Terpercaya&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2331
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GW87154QM9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qo-in-f139.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://peso138itu.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 1820148218512235 Show response
connect.facebook.net/signals/config/ 28 KB
3 KB 226ms
225ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1820148218512235?v=2.9.179&r=stable&domain=peso138itu.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C135%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C127%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

e966703d2dfaa3ba17f078f8f1eac71c59b236f245b950b625dc9095e218c557

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-PkAMnl8G' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-PkAMnl8G' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=127, rtx=0, c=97, mss=1232, tbw=95513, tp=93, tpl=0, uplat=99, ullat=0
pragma: public
x-fb-debug: /Hcs52d2dToEVv9oyZisoQ6OxAoYyTzht8qXPJZgEYK6Y8ekft5zkIvj9SwHNByft5kvXCDcSjXidUK3d4siOg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 128ms
126ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1074759487587396&ev=PageView&dl=https%3A%2F%2Fpeso138itu.com%2F&rl=&if=false&ts=1735408438492&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1735408438236.605907244812508806&cs_est=true&ler=empty&cdl=API_unavailable&it=1735408437748&coo=false&rqm=GET

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=123, rtx=0, c=26, mss=1232, tbw=8874, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
190 B 208ms
206ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1074759487587396&ev=PageView&dl=https%3A%2F%2Fpeso138itu.com%2F&rl=&if=false&ts=1735408438492&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1735408438236.605907244812508806&cs_est=true&ler=empty&cdl=API_unavailable&it=1735408437748&coo=false&rqm=FGET

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453522487934853226"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: tPxci0SClEkfzfUnAwv0618DH7skhbnsAS8rTSTYd6lGnXsImb8Bu5gCB6qsiwp6i/1RS5W5l2neawjY83Iz5w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453522487934853226", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=26, mss=1232, tbw=12282, tp=27, tpl=0, uplat=80, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 127ms
125ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1820148218512235&ev=PageView&dl=https%3A%2F%2Fpeso138itu.com%2F&rl=&if=false&ts=1735408438735&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1735408438236.605907244812508806&cs_est=true&ler=empty&cdl=API_unavailable&it=1735408437748&coo=false&rqm=GET

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=123, rtx=0, c=30, mss=1232, tbw=13354, tp=32, tpl=0, uplat=1, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 208ms
207ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1820148218512235&ev=PageView&dl=https%3A%2F%2Fpeso138itu.com%2F&rl=&if=false&ts=1735408438735&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1735408438236.605907244812508806&cs_est=true&ler=empty&cdl=API_unavailable&it=1735408437748&coo=false&rqm=FGET

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://peso138itu.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453522486421065235"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Dec 2024 17:53:58 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: NskGb7EQ7Ucw/4f614AxxV0TZ0PVuiwBZdST433QLug9zH37fLoBMJzK9g2Di7rquD2xZHl6+Azc6sLrR5zk8g==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453522486421065235", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=123, rtx=0, c=30, mss=1232, tbw=13514, tp=34, tpl=0, uplat=81, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 online Show response
peso138itu.com/session/ 56 B
2 KB 192ms
191ms XHR
application/json 104.21.44.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://peso138itu.com/session/online

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/bundles/zoom-beta-js?v=IQtg2ROEYeDTinhf3NAXn5FbXVYkKFkDNf7CJ_jnTm01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e

Security Headers

Name	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://peso138itu.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3tBNO7d79xO7Er09NOoY7F02Oo%2BiJHW0wR0k9thEYdwPSiP2xwXqSkaDEUcneNt%2FZvk0DmN9cAEizoc9tMCTseVYUsyH%2BnJ%2FqDLqnDcOQ4S8PM5l5Ty8ztSgxqLPHQ66A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=66508&min_rtt=61097&rtt_var=1245&sent=542&recv=121&lost=0&retrans=0&sent_bytes=601038&recv_bytes=20847&delivery_rate=541113&cwnd=154800&unsent_bytes=0&cid=a4f48f8ed076c5db&ts=7118&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 17:54:03 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: private, s-maxage=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f9369d179de0fd1-LAX
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: cloudflare

GET
H2 200 progressive-jackpot Show response
dhro5khzpwdga.cloudfront.net/ 14 B
946 B 414ms
413ms XHR
application/json 18.160.0.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dhro5khzpwdga.cloudfront.net/progressive-jackpot

Requested by

Host: peso138itu.com
URL: https://peso138itu.com/bundles/zoom-beta-js?v=IQtg2ROEYeDTinhf3NAXn5FbXVYkKFkDNf7CJ_jnTm01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.0.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-0-57.iad12.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

4bdf83b95a89151d74435b858e1c50adeb373f659de88fa4a4edf23db143dd35

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://peso138itu.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: aQ9em3erO3F-Zb4__UH7z5FqO-XEi714LgyxJJ0R7kq2-i_vfIMp8A==
date: Sat, 28 Dec 2024 17:54:03 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
server: TrillionSoft
x-amz-cf-pop: IAD12-P3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Domain: d33egg70nrp50s.cloudfront.net
URL: https://d33egg70nrp50s.cloudfront.net/Images/zoom-beta/dark-green/home/download-apk-background.webp?v=20241125

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
peso138itu.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: nbbb4nt3cjlt01qme4kldrgn
peso138itu.com/	1970-01-21 02:03:57	Name: popup-home-page Value: true
peso138itu.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: PjLSKZ6Zfgnc-Zl0ldspKzfFARovTSOm1gghL_PHieqDO8zJM0hLh0BMKCALAmNb50-Pb1vDaVPvsrjidzRmrCXkqiCtzWUew1RGmu1JryQ1
.peso138itu.com/	1970-01-21 04:13:04	Name: _fbp Value: fb.1.1735408438236.605907244812508806
.peso138itu.com/	1970-01-21 11:39:28	Name: _ga_GW87154QM9 Value: GS1.1.1735408438.1.0.1735408438.0.0.0
.peso138itu.com/	1970-01-21 11:39:28	Name: _ga Value: GA1.1.1100734053.1735408438
peso138itu.com/	1970-01-21 02:13:33	Name: AWSALBTG Value: qP0uXA/Z/LAO7zIjuhxSavx6YGWY/Uy4lb0/O4EbfLJHTEOoywfiZq5XFiBsjthH4+eJPO2/kEt6J2NAYZXJeGuXZL8dDlsMX6wrwSyUxphIawsVcjRgjsnQEZuB+ID9uU40W1aRo2ht9iF0gQyv2RMOMrCsnDqLRO4blOFpyPhp/2cQrys=
peso138itu.com/	1970-01-21 02:13:33	Name: AWSALB Value: Gv2IAXqhonBlNAB3A/0TO/pWa/MB0UauXaQ2yXfog90mRND6WJjQsOaWxyVP8qopMBTxt5xWxnJZUmo6GEdhZWu3EU5dYWwBp3TUdnb1mXXcDDwnP6eGC5WEHqxd

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://peso138itu.com/not-found?request=/assets/js/jquery-2.2.4.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://peso138itu.com/ Message: Refused to execute script from 'https://peso138itu.com/not-found?request=/assets/js/jquery-2.2.4.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
recommendation	verbose	URL: https://peso138itu.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://peso138itu.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api2-baj.imgzm.com
cdn.livechatinc.com
connect.facebook.net
d33egg70nrp50s.cloudfront.net
dhro5khzpwdga.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
madu-asli.com
peso138itu.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
cdn.livechatinc.com
d33egg70nrp50s.cloudfront.net
104.128.72.66
104.21.44.195
104.26.8.209
173.194.175.95
173.194.204.95
173.194.207.97
173.194.66.139
173.194.66.94
18.160.0.57
198.252.99.139
3.162.130.81
31.13.66.19
31.13.66.35
02f272d1a24d204cd9625dd783e9a9958070ded210186daac05e7c3c60d7ba80
034dfedce358bdfc5f184778d7ae7bf96d2d5ed6808e31514ec894c187792ad2
09721128a7d707f9676591226f7cab6cbf389f5c7a032ac8909d6824127c9122
0fd71e30974d09f0bb01779cee63aadd869ef56b048ba31e901e5a865de3cb6d
12ccc9ecdea2a7b95cd45ff8557075d4dabb7b0a6dee6b3f8685105becf123e1
15821c35c766752be967944e7920e766718565cb457028c051db497faf1e1fe9
17eb87f74d828874ab836e15fe438a545eb4107a25293bc15a4743ac96faf0aa
1876f7407e2fffa619daf635dd318f3905d952766058246d5f0937c7b05622d9
19ead60a413cec6448c2e3faa81c8539a3339b1059a92f85cb40c5f30e45c547
1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e
1be0e4b54eab0e61e0555a9e91069c69d60777ab2ad37997b9960e14b16fe3bc
1c39fbe2913ec3a15d82e5817e820273c5ca61fc18e2cb8cae299d4209396994
1c7d5e3860149bb5d1e59df734697b181838a3c3ddb63908254988c59fddd917
1eae3862b5b366b0ca906a60109b592280b959a070114ef67bc847c4af96568b
21293667a429419f3af4379e1209a8ac836493a5a2470aeca31de4df86b68362
23eae2f023f3ce0f49256daf39192cc59e0fa40d48fbbbc387a94765cc99686b
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
24f9cae35fd5632d6b1a4476c613baab8a90290c004b12a832d276c0ff22d953
2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc
2d01d9f182115699dfb2ec9fc404a3aef8564dde6f1e3c7afdfd8f25f088cde5
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
3689e0482573b519c0e70686b17303b5439d7f931ef6b226f799f075aab39e00
36a59dbe7333ec5ff4731866d5c8cd543f5c54da9b50c378a7adafe08945c5d7
37f55f44c5b641dadcb6b07ba874a7cc5db91fc11e077604bba035361bfdd1f9
3b3031cd1aa57a87b059fe5537c5c805b948d41405519c66aae77ca610696168
3e46abc53022c69a796895546c2bb96724cc96dcb796a9efcce89d35b83a8dda
3fb4c25e326c6bb30a3ff0d9d08a89aa51c4ae294a0a61e1e345b3d40c6d972e
45b9293a1455b9ee82e190750c930a7f95b7dfa86be62377a6c9e718aa2ef163
45c79f230205a13d70249daef4c3855e87513af12f74bde1aa27657a3b3828d5
4abf3c38c0e85233cc2c8f59ee8ffe5a52679b4a32b4357cfd2e108c76a03f74
4bdf83b95a89151d74435b858e1c50adeb373f659de88fa4a4edf23db143dd35
4c8a3fdaefe36a6dbe9457c0a0e3e4a86c1b0424fa3e5daa72f4c815282097cc
4da6c0ab543dbc896a31fdee24d3460100f228535468d666774ca21e3219b90a
51745230ac06943d7150a637641d5a48b8f59018984b9581df93568cc63857e5
570cc99295fc16547d33d86c8067bad9c7b7da7f2fa96f8e738d33ead4a709c1
601e4182b617cccafd2bb42f061e6af4575791dd8e1260eeb9ae0430c812f7b8
60576d77f1512fabfb338a5c73c45834f3dc59b9f410096220902bdb8b6730ef
61dc6c5a773415f2e249a051c25d323c398da1f83793cfdfaf31a9423ebc71f9
61fc7ed265000892c743cb4fc7b1e154ece3698476145f93e6c2be125ba692a3
6299e76b8da9fc905a6a4641e0500771db314e628cb9cf1553ca7e547461d441
673e2814835361675040925f32ee9c3160de03e49c38883d6ef0499c38d0c6ea
6c6a94095536ec9d59650e7db4f7ce3d5d3307c7543f67921c6ecee32ab3933b
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
73079bf8fa24bc45d28416c3802fe6d47117be9939bc901615a9078247135d51
7571a7eb7310a30f3f8c6f2c7bdc23088557ee6e81ea40ebae2c1d8f3f6f5d3c
7caaec122fa393248cd9e9236aa0be4178cd01964eed18e79c6e1c8a0bf773f3
935f337f7b7615d68340e8ead1cb2602e7925e6074bf894315d723cfcb3639d0
97839efa08c2da0184a9403d8286c9623db8e41a434b52b9b5f0bb19126ae0e8
97977aca177a7cdd7a43bdcf77d41387cf0d377a618ea1723144a8922b2e3c26
9aa0f664efedb9b1ba39b3e538fd2b21f2d45bb82145836a9082f04dcaa23d31
9fe9cee6a2e6e5516491b863c6c65a77f2a45c6ffbc940eb11bd5f47ca85d251
a0a0f9163b303351f2fea2062173ada33342339e2c64d94448f3ef55c96394e7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b05bd716e214f1e9f9a3a6024a79496ed83890081419bb315fec00d19c79d5b9
b2050a4c533cb03e04f8a7095659b026623c34b04dcc6c23b0a204d0e0df5fb5
b4a82b7916c7e0e789b91fb4a107048b0362c3882073d8539543835fcfe01007
b898f6976cd680b4a9078d0858be78e22f9b2cedc16b35a45c0ea3989c9095ad
b9d1fd43c65c406e6685e7eee655ba1b004e04034b5e7e17aadf84d8719268af
b9e1558a8b170c16521da2097960487e705020a83221cd55eb01dd2538622fa0
bf0e701d3e9795e9d4baef6281091dc9ae7cc2991e8e5b4d0001be6c5cc7f52d
c54143f726291cacdc5bf8c8a42fde67796eb1f4368e6c887fcda6697e36b514
c8d07560dffcbf860414713b0057323a1d2a1c675c0c6228be5e98d75634ad38
c92515b136159325232f512fff1eb7dd95013dd987c188b9da151cddd6156f57
cc861a06336aac540d871c4ccdf13d7b1b2d61c28be17d32735081d372c36e1c
d11beab04c9fc46ae0025c952f2e2e727ac6b50b7e24d3ba2f295f0512533c26
d5764279fe4b7e27d481581b1b68590f32574d05d0fb52a89a7b3c9628aba0c4
dde6f1bae86a1266a2df3cb7b78b03adcdf08b38201bfab685b170acda3c4223
e0fcc9e1648360a6e830e6f7675a3a963c149199eb96150c02f58340c7b7385f
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e262397b71ee6b04ae7e5cb5e652fb084bdc6306a37f7e9dfd6a0f66524a1151
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45efa4a0408db43925fb65cd7867ec8ac213f6d766a6088786ddfdbff087908
e7f808cd993032f20a3babbc669ea25f6efcc5abef00ddc7ff030696c6037445
e966703d2dfaa3ba17f078f8f1eac71c59b236f245b950b625dc9095e218c557
ea1ec80639f202eb859a7778669c34b53b379bb63f3bef0b18ae174a5f7fd982
ed15c0207d54dfc19b575e1d676e0d602af3ff523440ada99d0d76dfd72dbc64
f0265e18b2862ea08d267dfeb937de0300de8c4ecae0cf9b2cdf9daa46f5b94b
f199014e724e483f3f9c4f47acf5c4483a9c12c4790fd36adb889f1e68d6536e
f289b2094f489806a4d2a3b8ad7fd117d9266f27564fab6f0945363f2911e0ff
f7120221be97cb120192256877ef8a5d65859e5ceb1f207e277305d264122fc2
ffb0ecd67a1f6b9a5528b02a800b6ce23a78a77c2d8caae3b8d196aefd6a4ffb

peso138itu.com Open in urlscan Pro 104.21.44.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

97 %HTTPS

0 %IPv6

12 Domains

14 Subdomains

14 IPs

2 Countries

10468 kBTransfer

11866 kBSize

8 Cookies

10 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

peso138itu.com Open in urlscan Pro
104.21.44.195 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

10468 kB
Transfer

11866 kB
Size

8
Cookies

90 HTTP transactions
0 data transactions