urlscan.io logo urlscan.io
SecurityTrails logo

d2auuxx522rbw.cloudfront.net Open in urlscan Pro
2600:9000:26e8:2a00:0:5def:3700:21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://l3wy4.com/
Effective URL: https://d2auuxx522rbw.cloudfront.net/?dc=LYF304
Submission: On January 07 via api from BE — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2600:9000:26e8:2a00:0:5def:3700:21, located in United States and belongs to AMAZON-02, US. The main domain is d2auuxx522rbw.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 30th 2024. Valid for: a year.
This is the only time d2auuxx522rbw.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    103.42.28.11 (Tokyo, Japan)

ASN62468 (HKCLOUDX, US)
l3wy4.com
12    2600:9000:26e8:2a00:0:5def:3700:21 (United States)

ASN16509 (AMAZON-02, US)
d2auuxx522rbw.cloudfront.net
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2600:9000:2646:3200:16:3453:9f80:21 (United States)

ASN16509 (AMAZON-02, US)
d1f02e9hwxyr26.cloudfront.net
1    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
14 cloudfront.net
d2auuxx522rbw.cloudfront.net
d1f02e9hwxyr26.cloudfront.net
1 MB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
1 l3wy4.com
l3wy4.com
339 B
20 5
Domain Requested by
12 d2auuxx522rbw.cloudfront.net l3wy4.com
d2auuxx522rbw.cloudfront.net
2 d1f02e9hwxyr26.cloudfront.net d2auuxx522rbw.cloudfront.net
2 www.facebook.com d2auuxx522rbw.cloudfront.net
2 connect.facebook.net d2auuxx522rbw.cloudfront.net
connect.facebook.net
1 www.google-analytics.com d2auuxx522rbw.cloudfront.net
1 l3wy4.com
20 6

This site contains no links.

Subject Issuer Validity Valid
l3wy4.com
R11		 2025-01-01 -
2025-04-01		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-10-16 -
2025-01-14		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://d2auuxx522rbw.cloudfront.net/?dc=LYF304
Frame ID: 4580D472C134123A126BAA6B262F38AF
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://l3wy4.com/ Page URL
  2. https://d2auuxx522rbw.cloudfront.net/?dc=LYF304 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

20
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

1398 kB
Transfer

2984 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://l3wy4.com/ Page URL
  2. https://d2auuxx522rbw.cloudfront.net/?dc=LYF304 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
l3wy4.com/ 		186 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://l3wy4.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.42.28.11 Tokyo, Japan, ASN62468 (HKCLOUDX, US),
Reverse DNS
Software
cdn /
Resource Hash
ee20f8ecbe958cb99a90bf03c83fae64bedc8df610bceea685260a269be64407

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
186
content-type
text/html
date
Tue, 07 Jan 2025 18:12:20 GMT
etag
"67754f18-ba"
last-modified
Wed, 01 Jan 2025 14:20:08 GMT
server
cdn
x-cache-status
MISS
Primary Request /
d2auuxx522rbw.cloudfront.net/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2auuxx522rbw.cloudfront.net/?dc=LYF304
Requested by
Host: l3wy4.com
URL: https://l3wy4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b128f150048fd7a7084f87cdf872079ea5790ea29b66b1b66f073cb1ffe2e1d4

Request headers

Referer
https://l3wy4.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Tue, 07 Jan 2025 18:12:20 GMT
etag
W/"677d31b4-999"
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
vary
Accept-Encoding
via
1.1 5d59ec457bae9e2b9df45a357eeeffd2.cloudfront.net (CloudFront)
x-amz-cf-id
KXGv1SKhnogU5Ak3eSqYb2iD1zW6I-DQXN4PsrCUV4xAwHTTiMD3jA==
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
app.a89f7979.css
d2auuxx522rbw.cloudfront.net/css/ 		239 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/?dc=LYF304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a4c0957d3b5b9a7be679cb75d21ddbcaff0b5750f169b4ea2db7f348fa88d60e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/?dc=LYF304

Response headers

content-encoding
br
etag
W/"677d31b4-3bdde"
via
1.1 5d59ec457bae9e2b9df45a357eeeffd2.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
kiRCQKEIHbtioQm-kcKyq6k2oo9VJRc3UwLa-x36sZrWnI0R4Mj5CA==
date
Tue, 07 Jan 2025 18:12:20 GMT
content-type
text/css
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10
vary
Accept-Encoding
chunk-vendors.7be1d2f7.css
d2auuxx522rbw.cloudfront.net/css/ 		143 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2auuxx522rbw.cloudfront.net/css/chunk-vendors.7be1d2f7.css
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/?dc=LYF304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
2c4f2b8e3edfbdaab2bae4f717f8c8a85e9d8aff84c6b11c09779afe953a6176

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/?dc=LYF304

Response headers

content-encoding
br
etag
W/"677d31b4-23c09"
via
1.1 5d59ec457bae9e2b9df45a357eeeffd2.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
OV2XWCUG7I1TyEbWh7nsjPwucapD245pQM9D69oChxCZQhwiyaCFzA==
date
Tue, 07 Jan 2025 18:12:20 GMT
content-type
text/css
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10
vary
Accept-Encoding
app.119c2639.js
d2auuxx522rbw.cloudfront.net/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2auuxx522rbw.cloudfront.net/js/app.119c2639.js
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/?dc=LYF304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0ef448b3cd16be75dcaecdca7463754e37117b0dcee4165b28c8149c5661dfeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/?dc=LYF304

Response headers

content-encoding
br
etag
W/"677d31b4-51bb"
via
1.1 5d59ec457bae9e2b9df45a357eeeffd2.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
Yx_3cck1jF-7f3--Bw3MAvDttawTbyLmSmV-CHBmZffkBJVk3HoDBA==
date
Tue, 07 Jan 2025 18:12:20 GMT
content-type
application/javascript
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10
vary
Accept-Encoding
chunk-vendors.159edaa4.js
d2auuxx522rbw.cloudfront.net/js/ 		1 MB
374 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2auuxx522rbw.cloudfront.net/js/chunk-vendors.159edaa4.js
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/?dc=LYF304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
9025ac57ec64cbd741615cad9c77814b822f77a8ef0d4aef904c30db5ca082f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/?dc=LYF304

Response headers

content-encoding
br
etag
W/"677d31b4-15c1f7"
via
1.1 5d59ec457bae9e2b9df45a357eeeffd2.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
4s_5LJ1mLhRviEVR7oRYvnr8ezoNvO8lBkAIYCgdckUgMFnjFR1Jeg==
date
Tue, 07 Jan 2025 18:12:20 GMT
content-type
application/javascript
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/?dc=LYF304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b851bd9af5635c2682387427eb718d453b8e7aeefdbb01c8521ab32a49004b3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-XYR1RJQY' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:12:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-XYR1RJQY' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4523, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
V0Avr3DcTNELLzZULDtfM/Yss+f6mMLuLhbutByW3RYHuDpaDPwoRMgJZvxVr0jACi4fbesR6NULfqlbq7N+Ag==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62279
x-xss-protection
0
origin-agent-cluster
?1
281707421634087
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/281707421634087?v=2.9.179&r=stable&domain=d2auuxx522rbw.cloudfront.net&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc41e9e2e757776e6c406a842e24c033a6d7d0221b079e0c06355c4a7e430bcb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KwFke31e' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:12:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KwFke31e' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=77, mss=1232, tbw=70539, tp=65, tpl=0, uplat=142, ullat=0
pragma
public
x-fb-debug
RvHKZZSzh38eKchDCHSSOqT30m7K2V8svxH4DSgwklaCD2ZTuB1lC8vRhAb01bzD5qcVEUMsh0OJjBfrjMMqeQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=281707421634087&ev=PageView&dl=https%3A%2F%2Fd2auuxx522rbw.cloudfront.net%2F%3Fdc%3DLYF304&rl=https%3A%2F%2Fl3wy4.com%2F&if=false&ts=1736273540915&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.2.1736273540913.92762509719512810&ler=other&cdl=API_unavailable&it=1736273540718&coo=false&rqm=GET
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/?dc=LYF304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4570, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 07 Jan 2025 18:12:20 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=281707421634087&ev=PageView&dl=https%3A%2F%2Fd2auuxx522rbw.cloudfront.net%2F%3Fdc%3DLYF304&rl=https%3A%2F%2Fl3wy4.com%2F&if=false&ts=1736273540915&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.2.1736273540913.92762509719512810&ler=other&cdl=API_unavailable&it=1736273540718&coo=false&rqm=FGET
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/?dc=LYF304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7457238077537507476"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:12:21 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
v8lSDXHx1CfPMaDT0qpbNYMz6rCmzm01Q7R2RiRQRZCwlwRWSNECYyQHvpe4BMPKp+UC7Rc9TCdgfo4ZAM9Bcg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7457238077537507476", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4938, tp=13, tpl=0, uplat=168, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
nuS0EDXSczKgf3Xh
d1f02e9hwxyr26.cloudfront.net/plm/okn/ijb/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1f02e9hwxyr26.cloudfront.net/plm/okn/ijb/nuS0EDXSczKgf3Xh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:3200:16:3453:9f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://d2auuxx522rbw.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Length,Content-Type,Authorization,X-User-Agent,User-Agent,temp
access-control-allow-methods
GET,POST,PUT,HEAD,DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Disposition,Refresh-Authorization,Cur-Ver
access-control-max-age
0
allow
POST
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 07 Jan 2025 18:12:23 GMT
server
nginx/1.18.0 (Ubuntu)
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
x-amz-cf-id
BrRtGbTIb8V5hcP6VvJywwBA0EeJHYO-lYkBngVe-TTVBq1LFoztKg==
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/js/chunk-vendors.159edaa4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/

Response headers

content-encoding
gzip
age
1212
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 07 Jan 2025 19:52:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 17:52:11 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
bg.292da4c0.webp
d2auuxx522rbw.cloudfront.net/img/ 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2auuxx522rbw.cloudfront.net/img/bg.292da4c0.webp
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
2ca39f8ed4ae5fa2bd9d0759c991db49f4602c0663ef780dbeaaf1ebd3add771

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css

Response headers

etag
"677d31b4-32ac2"
via
1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
207554
x-amz-cf-id
j2npmPbZyiK4VhNKN_Aa3DvKx6hnavf2EJxdWs2I_Wabt55Ta5v5Iw==
date
Tue, 07 Jan 2025 18:12:23 GMT
content-type
image/webp
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10
logo.1b90e621.png
d2auuxx522rbw.cloudfront.net/img/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2auuxx522rbw.cloudfront.net/img/logo.1b90e621.png
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
8f1cbee56c8b3d5cb3687122a4c82811384d72fb3159913c41e82147486d399b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css

Response headers

etag
"677d31b4-7864"
via
1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
30820
x-amz-cf-id
O8T8ppxxWAR_gXV8iAPyQf_6B7NEwz64bIr1ZIkdLO3_YVyvthY27Q==
date
Tue, 07 Jan 2025 18:12:23 GMT
content-type
image/png
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10
contactBox.4b3a9236.png
d2auuxx522rbw.cloudfront.net/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2auuxx522rbw.cloudfront.net/img/contactBox.4b3a9236.png
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
235417a7e15785e4e68c76a98a026e91a921b9c09b60af66c1fcba2e278ba167

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css

Response headers

etag
"677d31b4-5c94"
via
1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
23700
x-amz-cf-id
FWUmBIocvtOKq5kQAmcCHtsca12k5BND0Sep3onQqWWlbVJczlTx1A==
date
Tue, 07 Jan 2025 18:12:23 GMT
content-type
image/png
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10
figure.d18e316f.webp
d2auuxx522rbw.cloudfront.net/img/ 		281 KB
282 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2auuxx522rbw.cloudfront.net/img/figure.d18e316f.webp
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b7aba2837196cc609f5046fbec962891ee378a5ee658420d12fa9ff9c450e017

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css

Response headers

etag
"677d31b4-46522"
via
1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
288034
x-amz-cf-id
bBShGBsCij2hEVlNPU0qaDvuxcP8BIgvGP6Q7K9nruowJuPN6Vtwhg==
date
Tue, 07 Jan 2025 18:12:23 GMT
content-type
image/webp
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10
logoText.bdffc5a3.webp
d2auuxx522rbw.cloudfront.net/img/ 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2auuxx522rbw.cloudfront.net/img/logoText.bdffc5a3.webp
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
5b0266a796653ee9496c853a0aead3f757d41e255cbfb278253e4d5242b16e2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css

Response headers

etag
"677d31b4-31bd0"
via
1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
203728
x-amz-cf-id
Ox0FHISFFIXTxFbLdI4-CQlDSwtHtg9fXm1GmffmxaJWNHrduxCzFw==
date
Tue, 07 Jan 2025 18:12:23 GMT
content-type
image/webp
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10
installSuggestion.f61f58a1.webp
d2auuxx522rbw.cloudfront.net/img/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2auuxx522rbw.cloudfront.net/img/installSuggestion.f61f58a1.webp
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
30288ca8d4e65d1ce5b276b26676efacd1573588789a3840619440e6e1fac6b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/css/app.a89f7979.css

Response headers

etag
"677d31b4-12322"
via
1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
74530
x-amz-cf-id
BgKrcNW2l11KS8Abv0kHE6v38tV5cva2xEfNQ5y5mrEPT67s6QrVAg==
date
Tue, 07 Jan 2025 18:12:23 GMT
content-type
image/webp
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10
nuS0EDXSczKgf3Xh
d1f02e9hwxyr26.cloudfront.net/plm/okn/ijb/ 		258 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1f02e9hwxyr26.cloudfront.net/plm/okn/ijb/nuS0EDXSczKgf3Xh
Requested by
Host: d2auuxx522rbw.cloudfront.net
URL: https://d2auuxx522rbw.cloudfront.net/js/chunk-vendors.159edaa4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:3200:16:3453:9f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e05c319cf207f4592fe6884c6ece0a12cd2b3008e284fa6efdc94275a421a1f3

Request headers

Referer
https://d2auuxx522rbw.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json;charset=UTF-8

Response headers

x-request-id
c3294ebb-df22-44c3-b4d7-994187e50c7c
access-control-expose-headers
Content-Disposition,Refresh-Authorization,Cur-Ver
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
258
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:12:24 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
FRA60-P5
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-id
Hl5PQMMWH5n-pn_EybUM97zQ-fSz3cBdCRoMWGRV_KUhfn9zskQT9g==
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbb0cdc3d52be6b33ff6936e97983ad0fc26f533a139dd8670a120b9dc8b6c58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
favicon.ico
d2auuxx522rbw.cloudfront.net/ 		14 KB
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d2auuxx522rbw.cloudfront.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:26e8:2a00:0:5def:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
3272e74fed38bdabd701d677869e483114ffea3515c8e8ed2db136fec59814b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://d2auuxx522rbw.cloudfront.net/?dc=LYF304

Response headers

etag
"677d31b4-371e"
via
1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
14110
x-amz-cf-id
Ul-cl3n5zTmROaII68lXXuhOLLbUqRgwGA7uHTNJbLgLr2Zx_5UPeA==
date
Tue, 07 Jan 2025 18:12:25 GMT
content-type
image/x-icon
last-modified
Tue, 07 Jan 2025 13:52:52 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P10

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq object| webpackJsonp object| lib number| rem number| dpr function| Hammer object| regeneratorRuntime object| google_tag_data function| ga object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.d2auuxx522rbw.cloudfront.net/ Name: _fbp
Value: fb.2.1736273540913.92762509719512810
.d2auuxx522rbw.cloudfront.net/ Name: _ga
Value: GA1.3.1363188973.1736273544
.d2auuxx522rbw.cloudfront.net/ Name: _gid
Value: GA1.3.249923468.1736273544

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
d1f02e9hwxyr26.cloudfront.net
d2auuxx522rbw.cloudfront.net
l3wy4.com
www.facebook.com
www.google-analytics.com
103.42.28.11
2001:4860:4802:32::178
2600:9000:2646:3200:16:3453:9f80:21
2600:9000:26e8:2a00:0:5def:3700:21
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
0ef448b3cd16be75dcaecdca7463754e37117b0dcee4165b28c8149c5661dfeb
235417a7e15785e4e68c76a98a026e91a921b9c09b60af66c1fcba2e278ba167
2c4f2b8e3edfbdaab2bae4f717f8c8a85e9d8aff84c6b11c09779afe953a6176
2ca39f8ed4ae5fa2bd9d0759c991db49f4602c0663ef780dbeaaf1ebd3add771
30288ca8d4e65d1ce5b276b26676efacd1573588789a3840619440e6e1fac6b1
3272e74fed38bdabd701d677869e483114ffea3515c8e8ed2db136fec59814b6
4b851bd9af5635c2682387427eb718d453b8e7aeefdbb01c8521ab32a49004b3
5b0266a796653ee9496c853a0aead3f757d41e255cbfb278253e4d5242b16e2d
8f1cbee56c8b3d5cb3687122a4c82811384d72fb3159913c41e82147486d399b
9025ac57ec64cbd741615cad9c77814b822f77a8ef0d4aef904c30db5ca082f9
a4c0957d3b5b9a7be679cb75d21ddbcaff0b5750f169b4ea2db7f348fa88d60e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b128f150048fd7a7084f87cdf872079ea5790ea29b66b1b66f073cb1ffe2e1d4
b7aba2837196cc609f5046fbec962891ee378a5ee658420d12fa9ff9c450e017
bbb0cdc3d52be6b33ff6936e97983ad0fc26f533a139dd8670a120b9dc8b6c58
bc41e9e2e757776e6c406a842e24c033a6d7d0221b079e0c06355c4a7e430bcb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e05c319cf207f4592fe6884c6ece0a12cd2b3008e284fa6efdc94275a421a1f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee20f8ecbe958cb99a90bf03c83fae64bedc8df610bceea685260a269be64407