urlscan.io logo urlscan.io
SecurityTrails logo

m.facebook.com Open in urlscan Pro
2a03:2880:f12d:83:face:b00c:0:25de  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sirius-it-mail-trace.qiye.163.com/api/pub/url/visit?sign=%2BpbSjKG4zAJ%2BFJIb1qWOo9AqCelhxcya3NvWnie1XJChl0Ahy70AsN8PLq9oQFSofQw%2...
Effective URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Submission: On January 13 via manual from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2a03:2880:f12d:83:face:b00c:0:25de, located in Frankfurt am Main, Germany and belongs to FACEBOOK, US. The main domain is m.facebook.com. The Cisco Umbrella rank of the primary domain is 1307.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on October 23rd 2022. Valid for: 3 months.
This is the only time m.facebook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 59.111.243.50 45062 (NETEASE-N...)
3 2a03:2880:f12... 32934 (FACEBOOK)
15 2a03:2880:f02... 32934 (FACEBOOK)
18 2
Apex Domain
Subdomains		 Transfer
15 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 811
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 466
215 KB
3 facebook.com
m.facebook.com — Cisco Umbrella Rank: 1307
facebook.com — Cisco Umbrella Rank: 28
19 KB
1 163.com
sirius-it-mail-trace.qiye.163.com — Cisco Umbrella Rank: 721371
486 B
18 3
Domain Requested by
14 static.xx.fbcdn.net m.facebook.com
static.xx.fbcdn.net
2 m.facebook.com static.xx.fbcdn.net
1 scontent.xx.fbcdn.net m.facebook.com
1 facebook.com m.facebook.com
1 sirius-it-mail-trace.qiye.163.com 1 redirects
18 5

This site contains no links.

Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-23 -
2023-01-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Frame ID: 1661F9D0281C6E4840AD9C6D37AEB5B5
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Contenuto non trovato

Page URL History Show full URLs

  1. https://sirius-it-mail-trace.qiye.163.com/api/pub/url/visit?sign=%2BpbSjKG4zAJ%2BFJIb1qWOo9AqCelhxcya3NvWnie1XJChl0Ahy... HTTP 302
    https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

5
Subdomains

2
IPs

2
Countries

234 kB
Transfer

748 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sirius-it-mail-trace.qiye.163.com/api/pub/url/visit?sign=%2BpbSjKG4zAJ%2BFJIb1qWOo9AqCelhxcya3NvWnie1XJChl0Ahy70AsN8PLq9oQFSofQw%2BZy7zN4x4%0AOSOA%2BSe%2Be9CIvcJPtiBw24IUErTbBX4308Cz6MqHWel5upAOnbrlKnkoAWJdU8IJCyigC26dGB2Q%0AnU7AeUokS%2BbO2u4OggDRuSvJD%2BUChfwCKAuNn9h%2BM6j5Tpf89CaVRn6jCpdwaMXeG2NXwHHC9fFM%0An14hMCpJ7eINFrq9m61us7uips7WWk3L9TejnaDqg3FDpIaENrqJa2i6qw%2F%2FzaHlbOe6xEqmvIdw%0AHS%2BiDBG7oY8z7cVS%2B8hvL5h5JD3xBz0%2FeHqZlwyp2hqb%2FMHgN%2B7d%2B3DkODVM%2FcWvPWon4jl2sGlS%0AK4MNEHAq2bqF4yZYtFP7VyQxVQ%3D%3D HTTP 302
    https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request profile.php
m.facebook.com/
Redirect Chain
  • https://sirius-it-mail-trace.qiye.163.com/api/pub/url/visit?sign=%2BpbSjKG4zAJ%2BFJIb1qWOo9AqCelhxcya3NvWnie1XJChl0Ahy70AsN8PLq9oQFSofQw%2BZy7zN4x4%0AOSOA%2BSe%2Be9CIvcJPtiBw24IUErTbBX4308Cz6MqHWel...
  • https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
34 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74962172b5e8eee57ee54383fe87d15c252f583fa0c8e52cc0a276afd8410384
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 13 Jan 2023 20:06:31 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
pcz13OgQxLLUvxJknCb9FPzXWJ9kPXN+o607PCa1hj9baNtHMGoD82/Ph57SrZnX0aYVleVw92vy6rHCSw9RHA==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 13 Jan 2023 20:06:30 GMT
expires
0
lingxi-traceid
e_1fcded7ba7e748d0a07b59^1665664531770^678173548
location
https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
pragma
no-cache
server
istio-envoy
x-content-type-options
nosniff
x-envoy-upstream-service-time
124
x-xss-protection
1; mode=block
0g7A-xAzQJE.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ 		38 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/0g7A-xAzQJE.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13042155bc7514123e8d055f1f291ad6328850ced589479ab54e4fc5f7593532
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yorLRojVSdJ/r6P4OCsBPw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8188
x-fb-rlafr
0
x-fb-debug
uNwiuep5XPluk+Qevpbm4ai743nUSmIJucnEZBZxtvlPsoXE9BFF4VJtBPrt5DIPOiWbMFb1MrE4yJKCLkm5hg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 12 Jan 2024 18:05:04 GMT
ym9W-5nxwKn.css
static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/ 		2 KB
1005 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/ym9W-5nxwKn.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d07d03cb52289e3d3e1d01803bcc7f001d6eda05182528800f76ffa4c2ce725
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
sP3YmElUAO84HL3WmBM6ZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
812
x-fb-rlafr
0
x-fb-debug
BuLowLyRKlYUuQ8J50nA9VWx/g8RKsZDgNAhO3k72iCnCJcY+2V6J0xcYPLj6vp2H6VVLkvTNfTcW6MHnQ/SqQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 Jan 2024 18:15:19 GMT
Qv5E7aCycBt.css
static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/ 		35 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/Qv5E7aCycBt.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6246a6a5a1283f9c160e7ee0bf00a1222ba26ffa9c9c74fc100a7359a1ddae0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
balgoPWbJHMdzeBjTcYZWg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9060
x-fb-rlafr
0
x-fb-debug
aknQq0buq8Cde3sEMhjoqEDHBaUsHgcjbqglC/3wTIDU/Z+hGQ/9cxzD9hIUwf92RgeMwiQYYhYKIaMuQ1fwcw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 11 Jan 2024 18:27:39 GMT
Kazxrm3cMip.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ 		247 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/Kazxrm3cMip.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44242153eaedf57d56187e96398976a76a64ccc8d982cad9e3040a7fad9223da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Jcj6sTxeOpshzg9Zl0eqkw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66783
x-fb-rlafr
0
x-fb-debug
jtEnnSAmo8JGV1usd5syzb54S3DLKtb4k6flYkdkaLiANrGWfHl1sr58z6cY/suvFOu3FvAMmqNfvBpEwGJZuA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 13 Jan 2024 00:59:56 GMT
hsts-pixel.gif
facebook.com/security/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://facebook.com/security/hsts-pixel.gif
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://m.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
date
Fri, 13 Jan 2023 20:06:31 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
hlltja8xQuNanwyFcc5IyX2ObZhKyeyGZlVK04s7G+flUGtME4GIDbp87qMmFqazTm16p84wr5Z9ukEqY2wElg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
SdtDSnQ5Pqo.js
static.xx.fbcdn.net/rsrc.php/v3iXa64/yV/l/it_IT/ 		183 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iXa64/yV/l/it_IT/SdtDSnQ5Pqo.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d9a073af3f271ef01637a489697a7c5d0906b50905e028e9525ab493d16e7b83
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
EVjDhT7wZHh9Mf09udRbhA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
51381
x-fb-rlafr
0
x-fb-debug
VWTRCvhmXsNyFVHUkPXHJRA5KbpGATb1KuPDLe/hiLt411zmBgmq5MJC9m992+EVbYyfoH1818P/pW9Af0cboQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:14:10 GMT
QBkA9ZfAK-V.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abaeab740ccfa1b4f2f39315d7a0b62f1061f76176d4852d163049ec72234b7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dxSBNxAoHpgvJ2qFBTqqRA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12436
x-fb-rlafr
0
x-fb-debug
83HqjESPeioSuINaybjx+hvc62rMMJeGlezexSHJisLkCuBbLWGRFnASEOrhZbRbZ3EJ3FGHl8HIl+pkD8kISQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 03 Jan 2024 16:41:43 GMT
XmO_5adUbuq.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/XmO_5adUbuq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
872c65d4a63e0013402f3036e831107948f529a0761bc829b97a598970f9a287
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
RueYPi3QPvZc5hTL3SPnBQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10439
x-fb-rlafr
0
x-fb-debug
TT0stqnh8zvijnbJHL3G12iGvmK9+kpLNt5kl0a2jiZIHTyLOyxet7apql3txcrWZqRW0CnBFy7qvtMh68PEKg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 05 Jan 2024 17:44:44 GMT
ohs53z_4AL7.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/ohs53z_4AL7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
530c7275a06a44cf5547e721c8d0b227a78f3cb634e9529d16e0312fcf421d2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fAOoF9+0aoiGDVIthlREGA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7358
x-fb-rlafr
0
x-fb-debug
JCFZv1AxIjIJVd4dQWtGccCt0OFJrnUuQm/f9d3ERwk/MnKFHxeKOpKsvJbQXovF/6Gzl5Sdeem49d014tq/iA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 05 Jan 2024 14:31:14 GMT
ENSponm7cFY.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/ENSponm7cFY.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/0g7A-xAzQJE.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0dccdcf76b5b913f6bc771111aac36a38f2742badc410fe6fb3066f70b2b9ded
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/0g7A-xAzQJE.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
x-content-type-options
nosniff
content-md5
gt45gtXMuK/vnCZXiXB6mQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14142
x-fb-rlafr
0
x-fb-debug
kzqbw6jDo6xHnd19HnN/sRy9SoQxv4Ld3tYch6Yv4/l0HR0ksjhqUz9hygbnKiYrokuZiHwLva2VxLJK1FXUhg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 Jan 2024 18:04:26 GMT
5hx8IbI7sDB.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/5hx8IbI7sDB.png
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab76e1eb6edad1468e1e9acd446bff649d1105c133ef6f1bcb8bd30f9d06afd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://m.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
x-content-type-options
nosniff
content-md5
oGBQeM9S5GehItt/5ORx0A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4339
x-fb-rlafr
0
x-fb-debug
coMqg2HiRvY6y+URNw/LRsF/GvItvJyLxsIk8/9P4vQQSMEUiXKv836IQFInHsF0KMUoeteYR4y7mMDH18MYVQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 09 Jan 2024 04:10:02 GMT
_IiO8YRpGmK.js
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/_IiO8YRpGmK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/Kazxrm3cMip.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef495f4d3bfc55d776932cda45c20ed6daccbfcada2ef4f03b1b003e5878f6c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fZddDux9V0co0K/RzPo5gg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18193
x-fb-rlafr
0
x-fb-debug
UXUNxjK/wBTFvgbh/JHP/UlTqjaOhri9ccxsozfC+wzSBUUmVeBtaXvDtgtWuE6VZqs2AwnBv/+9iswTUlOeIw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 08 Jan 2024 15:43:41 GMT
0D75Vw0sOuD.js
static.xx.fbcdn.net/rsrc.php/v3iajD4/y9/l/it_IT/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iajD4/y9/l/it_IT/0D75Vw0sOuD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/Kazxrm3cMip.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dad6da2a2172cd32e73ca8367ff3755c0c6796ff4133cb43e379d2514f810b9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ct6ug9i60OboNxfsJO/DTQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3277
x-fb-rlafr
0
x-fb-debug
eFXjy5/UpUWpHMnXlDbERcG73NEY6Mv/dyqo8IbBBjLA6KnI1u4JyGKQ+3pEx+4cddfre/KOe7ss1hpQE7lBHA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 05 Jan 2024 01:17:32 GMT
GaT0-DQJdWD.js
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ 		313 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/GaT0-DQJdWD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/Kazxrm3cMip.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0dfdfbee24a09f48ebeaf6475da29c527799a0faeeb20c68a58a2dfdfb3040d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9B3SEdri44zAf7mGoDhtVA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
174
x-fb-rlafr
0
x-fb-debug
rUffQKCqtMOMAOGM7QHrUFdSwauKNMs0ljx4QQ0PAG7gVZDuxNBxvOdeQ6FZbTF1Go7UETMooU9ZtAg+/dMt3A==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 04 Jan 2024 19:05:42 GMT
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/Kazxrm3cMip.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facebook.com/
Origin
https://m.facebook.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEYVgZg04j7erS0ub7sNsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10390
x-fb-rlafr
0
x-fb-debug
fsBpT5feyuVd9yt+xBsT2rxVlp+onEsAgnrvGbGY5s5lyfA5eiOncgtPK66NyU3Lar2LzPFvCnLgMLOf6KTsTA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 05 Jan 2024 14:26:14 GMT
1487645_6012475414660_1439393861_n.png
scontent.xx.fbcdn.net/hads-ak-prn2/ 		79 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Requested by
Host: m.facebook.com
URL: https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://m.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:06:31 GMT
x-fb-trip-id
917726464
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/png
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
79
expires
Fri, 13 Jan 2023 20:06:31 GMT
bz
m.facebook.com/a/ 		249 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.facebook.com/a/bz?fb_dtsg=NAcNlvYrrhkXg198YYhUf-zPRy_ZqwQTgMjQZReQHalqN4q7Uu9eNPA%3A0%3A0&jazoest=25132&lsd=AVr2z25IITk&__dyn=0wzpawlEaU4ifDg9ppk1swgE98nwgU2owpUuwcC4o1nEhwem0iy1gCwjE1xo33w2sbzo1MU88C0pS0ny0oi0zE1bE881so17U2ZwrU2pw8O&__csr=&__req=1&__a=AYlO_e4nqoVzyfwiyG6LxTOYPpzJTeCY4gNdQyIU6L-q-hmXjoMP8o20PxNexfWROKE_Jza5e97wBIohhmtwfsm7ehXb1_cNEff_IJ_8JOiWEg&__user=0
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iXa64/yV/l/it_IT/SdtDSnQ5Pqo.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85eb83d294a1d710961e0892233cd2b2924b9b7a11d16afcf150f5c6ed656819
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

X_FB_BACKGROUND_STATE
1
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-Response-Format
JSONStream
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarykF7A4J81vFGyDZ2b
X-FB-LSD
AVr2z25IITk
Referer
https://m.facebook.com/profile.php?eav=AfbXrqH1supn02c2Ry6ckCTUcKOHwF5ZjByreCtsPYDat1wNYrwPc9o8g8Mg97dsqFU&paipv=0
X-Requested-With
XMLHttpRequest

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload; includeSubDomains
date
Fri, 13 Jan 2023 20:06:32 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
D753ptAYhoBDZzRTVpY2+wAiXt6PJvdbX0z+ETsejw+Ve8wZSK23pK1lkKBRmTE4p5rWZ1uHj1whdQ/M1CtkVA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/m.facebook.com\/ajax\/mtouch_error_reports\/?device_level=unknown"}]}
access-control-allow-methods
OPTIONS
access-control-allow-origin
https://m.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/x-javascript; charset=utf-8
vary
Origin, Accept-Encoding
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| envFlush object| Env number| __DEV__ undefined| MAX_CALLS_TO_EXEC function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy object| __onBeforeModuleFactory object| __onAfterModuleFactory function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| __updateOrientation object| TimeSlice number| __bigPipeFactory function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe string| _script_path function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame

4 Cookies

Domain/Path Name / Value
.facebook.com/ Name: datr
Value: x7nBYxA4-jEwD2mPuntBi3Ck
.facebook.com/ Name: m_pixel_ratio
Value: 1
.facebook.com/ Name: wd
Value: 1600x1200
.facebook.com/ Name: fr
Value: 0KBdfRPYmhy8TZiDe..BjwbnI.YL.AAA.0.0.BjwbnI.AWVISK16mbw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.com
m.facebook.com
scontent.xx.fbcdn.net
sirius-it-mail-trace.qiye.163.com
static.xx.fbcdn.net
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
59.111.243.50
0dccdcf76b5b913f6bc771111aac36a38f2742badc410fe6fb3066f70b2b9ded
0dfdfbee24a09f48ebeaf6475da29c527799a0faeeb20c68a58a2dfdfb3040d3
13042155bc7514123e8d055f1f291ad6328850ced589479ab54e4fc5f7593532
44242153eaedf57d56187e96398976a76a64ccc8d982cad9e3040a7fad9223da
530c7275a06a44cf5547e721c8d0b227a78f3cb634e9529d16e0312fcf421d2b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
74962172b5e8eee57ee54383fe87d15c252f583fa0c8e52cc0a276afd8410384
85eb83d294a1d710961e0892233cd2b2924b9b7a11d16afcf150f5c6ed656819
872c65d4a63e0013402f3036e831107948f529a0761bc829b97a598970f9a287
8d07d03cb52289e3d3e1d01803bcc7f001d6eda05182528800f76ffa4c2ce725
a6246a6a5a1283f9c160e7ee0bf00a1222ba26ffa9c9c74fc100a7359a1ddae0
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
ab76e1eb6edad1468e1e9acd446bff649d1105c133ef6f1bcb8bd30f9d06afd8
abaeab740ccfa1b4f2f39315d7a0b62f1061f76176d4852d163049ec72234b7d
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
d9a073af3f271ef01637a489697a7c5d0906b50905e028e9525ab493d16e7b83
dad6da2a2172cd32e73ca8367ff3755c0c6796ff4133cb43e379d2514f810b9e
ef495f4d3bfc55d776932cda45c20ed6daccbfcada2ef4f03b1b003e5878f6c3