www.facebook.xn--qev579g.xyz Open in urlscan Pro Puny
www.facebook.料金.xyz IDN
172.96.191.125 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.facebook.xn--qev579g.xyz/
Submission: On November 04 via automatic, source certstream-suspicious (November 4th 2023, 10:47:03 am UTC) — Scanned from SG

Summary HTTP 23 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 23 HTTP transactions. The main IP is 172.96.191.125, located in Singapore, Singapore and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is www.facebook.xn--qev579g.xyz.
TLS certificate: Issued by R3 on November 4th 2023. Valid for: 3 months.

This is the only time www.facebook.xn--qev579g.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
2	172.96.191.125 172.96.191.125	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
21	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
23	2

2 172.96.191.125 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.125-static.reverse.arandomserver.com

www.facebook.xn--qev579g.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
andikaputrahidayat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a03:2880:f00c:300:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 933	246 KB
1	andikaputrahidayat.com andikaputrahidayat.com
1	xn--qev579g.xyz www.facebook.xn--qev579g.xyz	10 KB
23	3

	Domain	Requested by
21	static.xx.fbcdn.net	www.facebook.xn--qev579g.xyz static.xx.fbcdn.net
1	andikaputrahidayat.com	www.facebook.xn--qev579g.xyz
1	www.facebook.xn--qev579g.xyz
23	3

This site contains links to these domains. Also see Links.

Domain
m.andikaputrahidayat.com
about.meta.com
messenger.com
pay.andikaputrahidayat.com
www.meta.com
lm.andikaputrahidayat.com
developers.andikaputrahidayat.com

Subject Issuer	Validity	Valid
facebook.xn--qev579g.xyz R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-13` - `2023-11-11`	3 months	crt.sh
andikaputrahidayat.com R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.facebook.xn--qev579g.xyz/
Frame ID: 056C4BB0F33D52FFBFF369EC1DA0DE2B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

andikaputrahidayat – log in or sign up

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

256 kB
Transfer

877 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://m.andikaputrahidayat.com/click.php?redir_url=market%3A%2F%2Fdetails%3Fid%3Dcom..katana%26referrer%3Dutm_reg%253DkQlGZaTjtyUd7M3HsjvyudiE%26referrer_params%255Blink_source%255D%3Dfb_app_banner&app_id=350685531728&cref=mb&no_fw=1&refid=8
Title: Get Facebook for Android and browse faster.

Search URL Search Domain Scan URL

URL: https://about.meta.com/
Title: About

Search URL Search Domain Scan URL

URL: https://messenger.com/
Title: Messenger

Search URL Search Domain Scan URL

URL: https://m.andikaputrahidayat.com/watch/?refid=8
Title: Video

Search URL Search Domain Scan URL

URL: https://pay.andikaputrahidayat.com/?refid=8
Title: Meta Pay

Search URL Search Domain Scan URL

URL: https://www.meta.com/
Title: Meta Store

Search URL Search Domain Scan URL

URL: https://www.meta.com/quest/
Title: Meta Quest

Search URL Search Domain Scan URL

URL: https://lm.andikaputrahidayat.com/l.php?u=https%3A%2F%2Fwww.instagram.com%2F&h=AT3JuclPVlSSxBbcEZMYaMvwzHPgosOR_MdFJOb5DIygWuz0NcB2YdltUs3kxzuShSgW1btzamzipQ4j0PCEIE9JipRO0ToKVneDdIFgScekhQcl22VNgkeUiqdftCrmV74K1eomP-3vuIJDUau9
Title: Instagram

Search URL Search Domain Scan URL

URL: https://lm.andikaputrahidayat.com/l.php?u=https%3A%2F%2Fwww.threads.net%2F&h=AT1sk48IGGI1zeGvWzYnZGHfkpc-Dkvos5O7V-3UolEznml1dTaNNwFlQiJfItALOUZww4Q0oHZApqmlAALt6r7Ymmj0Zha6y-DLPO4YtKFT2gIQkhkUvu226YUHP9QCqcF2pl92prOfwHoV2jML
Title: Threads

Search URL Search Domain Scan URL

URL: https://developers.andikaputrahidayat.com/?ref=pf&refid=8
Title: Developers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.facebook.xn--qev579g.xyz/ 40 KB
10 KB 157ms
6ms Document
text/html 172.96.191.125
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.facebook.xn--qev579g.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.125 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.125-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: f09be4b04b75866f62ceeeea6bc0333fcd04e747ba1db8d01cff392e860e127d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 9925
content-type: text/html; charset=UTF-8
date: Sat, 04 Nov 2023 10:46:57 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 Gcqc12s-MFx.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ 43 KB
11 KB 30ms
11ms Stylesheet
text/css 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/Gcqc12s-MFx.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31d628c909c2638358ecfdba3bcf0b71bf8c157ae909c67c7eef25f12947733c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CfZ/oDEq9rQ4w9ODZOxt3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11220
reporting-endpoints
x-fb-debug: l2T0DGj3Cjf3ZoWlbaKybaSMLItPv/SM+pJ2sQ7Ew4LFfyrPi0GOrQlIBscGasB3vBNN3tAzE3WSTtyfCzXeXA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 02 Nov 2024 15:30:58 GMT

GET
H2 200 K7o0pCoQ5Uo.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ 22 KB
6 KB 28ms
10ms Stylesheet
text/css 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/K7o0pCoQ5Uo.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c24573b9e434fa959fd2f7746e11e96fa9219a61c25c5f419ff5ffd36c09bc93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bLX4O583vQeSN6ZJUSDq9w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5098
reporting-endpoints
x-fb-debug: 72PsCyXb6eLVfS1A3Zc/rpbC8UCw+uqbiErB+7wndoZI2A5Os71u2hFLuC/sZONso1PlWZUBU0bQSxLqoMRqMw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 02 Nov 2024 15:30:58 GMT

GET
H2 200 y6XwryXmYgW.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ 41 KB
12 KB 30ms
11ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/y6XwryXmYgW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54f09dd9e2e6c1f3c8d56c13736a6133ec78ee4aca2ec8dccdc9a21b6e06f4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /QnUt8QtPmEooh/b0slbdQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12279
reporting-endpoints
x-fb-debug: LffruCVFaAiziD608/PQ0RcblMSDMxvIayrZMVLlj/VbtxDENEv+UgiCzodZrmmQzR/iyX/760IjSfOYu22TvA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 26 Oct 2024 15:32:02 GMT

GET
H2 200 oteTkhi13Db.js Show response
static.xx.fbcdn.net/rsrc.php/v3inLb4/yI/l/en_GB/ 215 KB
55 KB 29ms
11ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3inLb4/yI/l/en_GB/oteTkhi13Db.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4298ee395a40746deda47f6f1e7caa9485ab2e2d68a9539e62e381c238353b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /YQxdJrWI+ZAo72x2gsilQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56479
reporting-endpoints
x-fb-debug: yKh3NMM+lKlCQdm77rV+Z6cqHCQB7SJUp4GlLvli1glBXrvurZAQpQJk7tREYvdu9SFAzmIaN4FvV5uVh5nITA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 24 Oct 2024 15:51:23 GMT

GET
H2 200 CAs4HwpQN7Q.js Show response
static.xx.fbcdn.net/rsrc.php/v3iMb74/yy/l/en_GB/ 40 KB
12 KB 40ms
22ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iMb74/yy/l/en_GB/CAs4HwpQN7Q.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf52e3bbdf992248619d2590cd5450ea88488d57e831b3f6e90a00ee9ded538d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AgumilbKKhJXrl/iX2yfPw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12106
reporting-endpoints
x-fb-debug: 3uCfX4KtLDN6+OTU6zHjM+ZtLe+XhXNAizKpNAcKLQLaVecvZSzNAAE756KTqL8Gw+p+VlpDgTtfNNkdv7vrYA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 01 Nov 2024 17:58:43 GMT

GET
H2 200 TeovwXu5GSv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ 22 KB
7 KB 31ms
13ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/TeovwXu5GSv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

26eea5fbe6bff7f368ec11e6179bdfca9ac79f1200198dfaa04a615cd2ac9bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vzRSqq3+7TKfkOUCBT1l/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7361
reporting-endpoints
x-fb-debug: N+2J/MululQTYbdZO+keKHlX2mxdLh7xs0cIf2I6f65rcQsZNC5kSQA74QSC0i/YnEMWFFQNzYQ3srYBsk67fw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 01 Nov 2024 17:57:34 GMT

GET
H2 200 hwPr0eM9RMB.js Show response
static.xx.fbcdn.net/rsrc.php/v3i3kA4/yV/l/en_GB/ 94 KB
24 KB 39ms
22ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i3kA4/yV/l/en_GB/hwPr0eM9RMB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af9b6490929e7e92facdf3523b7ac5bf5dc99bde28c5332545e49ff6a7e4569a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7i+R8t8Z/JaWnji05xR7hg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 24877
reporting-endpoints
x-fb-debug: CE52wZhy4WxOYSd2A9CIC+aH0+177Ege24RadWEk1r/UFLFGtrff8Tru8NBWDBXsS94AtR2ePPb2MGGBxyCV6A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 29 Oct 2024 19:29:36 GMT

GET
H2 200 wi_V2bfx_fB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ 64 KB
20 KB 42ms
25ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/wi_V2bfx_fB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

039d31710a3f4e644b2fd4f2d309eeb93ecadff713827c8220c1ed7e738a18d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7ctENN2S+c0dHISw+bbDRQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20206
reporting-endpoints
x-fb-debug: tdH1coo1p56CdSN5WMRNzQI+D88rqahxX8OwkwOfbrEpwSPFWOw/gVA8Rp/bZMp4jVRgb4xXftR2IPZESsTDNg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 01 Nov 2024 23:52:21 GMT

GET
H2 200 ui2DkP-wt_7.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ 11 KB
4 KB 29ms
12ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/ui2DkP-wt_7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5fb29c66a3eda461a11e8dae54fcff64e73c23d6b67a5232fc23f417719d8ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: k+R7eY3Xrv/nId1snIjgBw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3489
reporting-endpoints
x-fb-debug: asAuJlflLQkMElq28mjxsjK+eZlrQYH9AEH01DwHqaFzr2YEvTIijI9li1qaJ4VLNoTh3PQUC9ZIaW6PntpiDQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 22 Oct 2024 22:05:32 GMT

GET
H2 200 J-tgwrGO2Av.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ 5 KB
2 KB 29ms
12ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/J-tgwrGO2Av.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2c0b087afdf0ee061696c9b40fbc8a6bacb61eee3606d6b0eeb6305dee755d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KkIHQQCyJ91VtaRV3wFuHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1764
reporting-endpoints
x-fb-debug: DUcsSYHXN2GW4er6wBxHJZm9J47xxPwQHKBGnrnw7WPK0OX2z6dl80RxiMQm4xxn713TtdXqqXi5eAHqQoLp3Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 29 Oct 2024 15:38:40 GMT

GET
H2 200 iAepi7eHn2-.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yv/l/en_GB/ 10 KB
4 KB 29ms
13ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yv/l/en_GB/iAepi7eHn2-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

adccd0848354cb8b7fe20afa71af906b55f59d0353d91a1bd3b1ce8baa4b6e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EOJ5YoqAl/jFI1+KkfeISQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3900
reporting-endpoints
x-fb-debug: mZXyvPm+2X90MNo+5Gbb5jw6orbqSskU1eOrnBKWSqLC4DYWP+SgOxvZNiCMUL44kp3BKFAuJTaDWyf/P+z7Xg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 26 Oct 2024 09:19:09 GMT

GET
H2 200 buZhLrIBAaP.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ 32 KB
10 KB 41ms
24ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/buZhLrIBAaP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8362d18dd557cc0049d5cfd3275e76693679c8e34e9db42fa6fa79a620cad06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7kjlDmGDkA9QbbnO4bKrtw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10471
reporting-endpoints
x-fb-debug: EEGi4Xv8aiOf9qJo8VR74wiong0/nQWShg6RcciYrlYrCqEPw4ZUUpqnC1VuNWifXVyrXWHaBH1fjvfe0d2OXQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 27 Oct 2024 15:34:29 GMT

GET
H2 200 Z1cCLcKm3ho.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLQG4/y7/l/en_GB/ 43 KB
12 KB 40ms
24ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLQG4/y7/l/en_GB/Z1cCLcKm3ho.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de27f766e1056908af84984d57dc6f63897a0340b2a67f911839c73092982d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0MjZak0QagiLHRjeehd46A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11851
reporting-endpoints
x-fb-debug: Lf3DH8f0QxwW4QirbY/7aBVyhgLDhO6TFzO59dvTEjbxhxDYbRo57RtynIHE8Oq6um8RrNvP8oZmRgW+oRf8Qw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 24 Oct 2024 15:54:15 GMT

GET
H2 200 ie38mp0O07P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ 25 KB
10 KB 40ms
23ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
reporting-endpoints
x-fb-debug: wBmSch/arqKmC+dc63g1nu7D2CRz6CsfUebQkfrTQyom6PmzFxbcYc8bCc2k1VyH8graCsOM/1mt5im402AMCQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 30 Oct 2024 02:51:00 GMT

GET
H2 200 N6rR53BkYq9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ 13 KB
4 KB 41ms
25ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/N6rR53BkYq9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ba6a1d3f18cceeee13698ddef3c39a17f60b0fbd7ef4e6db7eadcb4acc5d32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vtBZpig0i9oTPdm3+e6szw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4112
reporting-endpoints
x-fb-debug: tObKObccSjRisbQDI/jc5fQ8gbYpa4TpdLS/2inVZsm+poP2J4beKrwtO3aEMYKNvSJJvpqCIRPM2MeY4oY2PA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 31 Oct 2024 23:20:00 GMT

GET
H2 200 q3Wn5qYUZ1o.js Show response
static.xx.fbcdn.net/rsrc.php/v3iRWc4/yk/l/en_GB/ 74 KB
20 KB 39ms
23ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iRWc4/yk/l/en_GB/q3Wn5qYUZ1o.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa3754df053601710e9b4b7e17c848702d1cee27f0ef9c8730abb51faec6091b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hJyRGsu0uiz1eeLa9hwWOA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19951
reporting-endpoints
x-fb-debug: 7hVwBaAfbLujx4itCTScqJ/Rry+Yowdr4oq5Bo262ADJK76aSmGYxY1pbdQoKz4vuxpDSIaeQatTOfuY8vShHA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 31 Oct 2024 17:25:59 GMT

GET
H2 200 sKtrEJAtiUM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ 50 KB
9 KB 38ms
22ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/sKtrEJAtiUM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4de549ad703554664b92ad274104eb22a10d92094888e478be08f5353d1d0434

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ykBL64qvZzhD2Soyh7PHeA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9401
reporting-endpoints
x-fb-debug: /9Lkr11T93HTepAojaWFYLrYv3SwI+A22+ytGUSqLL7PfCqoguXJ8jRRGqGVmhbQZYQ+CuMC8nSqVdyttpLtGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 30 Oct 2024 12:28:45 GMT

GET
H2 200 _tJ17sGyxOX.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ 18 KB
8 KB 38ms
23ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab6777f622dce53efa7d6a93432292afba7757445eb4cc111b25810882375b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.xn--qev579g.xyz/
Origin: https://www.facebook.xn--qev579g.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: W5jgcEXKioVMwlHFWJyajA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7497
reporting-endpoints
x-fb-debug: 8M1nT4oPAZ30vTJzeZe0c0cAQrgwOTElYom1Cu09gmc894GTpPERa29Gv54lqG6GnpMRhI8QgR2TyOidKu8t+A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 27 Oct 2024 16:44:00 GMT

GET
H3 200 4lCu2zih0ca.svg
static.xx.fbcdn.net/rsrc.php/y1/r/ 2 KB
1 KB 21ms
7ms Image
image/svg+xml 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/y1/r/4lCu2zih0ca.svg

Requested by

Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d6f8d206a6bd8b60a2048a3df206ac956a2f633786e4af1c02057f81758ad7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.facebook.xn--qev579g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mOuWB7wXlE6XUTOVRHYuCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 956
reporting-endpoints
x-fb-debug: j2o9u8M5/Cah5gKcdkCe8eQf/Zaxdv/O8/78gZek8jLYUtWo37fvHxMKcY3ukbYJpbGK6S4Z96r0BZGw8SBF0g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=2,i
expires: Tue, 22 Oct 2024 23:08:58 GMT

GET
H2 404 hsts-pixel.gif
andikaputrahidayat.com/security/ 0
0 25ms
2ms Image
text/html 172.96.191.125
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andikaputrahidayat.com/security/hsts-pixel.gif
Requested by: Host: www.facebook.xn--qev579g.xyz
URL: https://www.facebook.xn--qev579g.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.125 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.125-static.reverse.arandomserver.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.facebook.xn--qev579g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 cvj8rfO8RgU.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ 3 KB
3 KB 8ms
6ms Image
image/png 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/cvj8rfO8RgU.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/Gcqc12s-MFx.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a58b811b01139f699ada37a6a9bcdb5d3767790d6acc66a709750891a20fc6ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/Gcqc12s-MFx.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
x-content-type-options: nosniff
content-md5: Pb0/E/1+Z4AC+9LUZbnB1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3404
reporting-endpoints
x-fb-debug: fI5AP5KcwlIHNokBKFpQ7Aa/qYWf/t8dFaTFyiMN6N9KSjKOoOIfk8gIry21mB9PtdiDK2FEPjXG3xtrS48C/w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 27 Oct 2024 12:46:18 GMT

GET
H3 200 K804LXnHlWj.png
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ 10 KB
10 KB 4ms
3ms Image
image/png 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/K804LXnHlWj.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/Gcqc12s-MFx.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

232dcc98c74e41dd0d95aee456020689ab6de77aae93d5102f0b50d8d1ec84b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/Gcqc12s-MFx.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:46:57 GMT
x-content-type-options: nosniff
content-md5: QD0pezcLyx0H5aVZ4sKkjg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10001
reporting-endpoints
x-fb-debug: BnveOdMdKDS4RrZAI+nkfxakjpCO2aMD29iGuFdIt3iL9qqT13Usqx40/Zlh8m+/YXvSiXF+2czAWhL1t75lqg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 27 Oct 2024 12:15:26 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://andikaputrahidayat.com/security/hsts-pixel.gif Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.facebook.xn--qev579g.xyz/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/ui2DkP-wt_7.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.facebook.xn--qev579g.xyz/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3i3kA4/yV/l/en_GB/hwPr0eM9RMB.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.facebook.xn--qev579g.xyz/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3inLb4/yI/l/en_GB/oteTkhi13Db.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.facebook.xn--qev579g.xyz/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/J-tgwrGO2Av.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.facebook.xn--qev579g.xyz/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/y6XwryXmYgW.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.facebook.xn--qev579g.xyz/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3iMb74/yy/l/en_GB/CAs4HwpQN7Q.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.facebook.xn--qev579g.xyz/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/TeovwXu5GSv.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.facebook.xn--qev579g.xyz/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/wi_V2bfx_fB.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andikaputrahidayat.com
static.xx.fbcdn.net
www.facebook.xn--qev579g.xyz
172.96.191.125
2a03:2880:f00c:300:face:b00c:0:3
039d31710a3f4e644b2fd4f2d309eeb93ecadff713827c8220c1ed7e738a18d3
0d6f8d206a6bd8b60a2048a3df206ac956a2f633786e4af1c02057f81758ad7a
232dcc98c74e41dd0d95aee456020689ab6de77aae93d5102f0b50d8d1ec84b5
26eea5fbe6bff7f368ec11e6179bdfca9ac79f1200198dfaa04a615cd2ac9bf0
2c0b087afdf0ee061696c9b40fbc8a6bacb61eee3606d6b0eeb6305dee755d16
31d628c909c2638358ecfdba3bcf0b71bf8c157ae909c67c7eef25f12947733c
4298ee395a40746deda47f6f1e7caa9485ab2e2d68a9539e62e381c238353b10
4de549ad703554664b92ad274104eb22a10d92094888e478be08f5353d1d0434
54f09dd9e2e6c1f3c8d56c13736a6133ec78ee4aca2ec8dccdc9a21b6e06f4a2
5fb29c66a3eda461a11e8dae54fcff64e73c23d6b67a5232fc23f417719d8ebb
6ba6a1d3f18cceeee13698ddef3c39a17f60b0fbd7ef4e6db7eadcb4acc5d32a
8362d18dd557cc0049d5cfd3275e76693679c8e34e9db42fa6fa79a620cad06e
a58b811b01139f699ada37a6a9bcdb5d3767790d6acc66a709750891a20fc6ba
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
aa3754df053601710e9b4b7e17c848702d1cee27f0ef9c8730abb51faec6091b
ab6777f622dce53efa7d6a93432292afba7757445eb4cc111b25810882375b98
adccd0848354cb8b7fe20afa71af906b55f59d0353d91a1bd3b1ce8baa4b6e12
af9b6490929e7e92facdf3523b7ac5bf5dc99bde28c5332545e49ff6a7e4569a
c24573b9e434fa959fd2f7746e11e96fa9219a61c25c5f419ff5ffd36c09bc93
cf52e3bbdf992248619d2590cd5450ea88488d57e831b3f6e90a00ee9ded538d
de27f766e1056908af84984d57dc6f63897a0340b2a67f911839c73092982d0c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f09be4b04b75866f62ceeeea6bc0333fcd04e747ba1db8d01cff392e860e127d

www.facebook.xn--qev579g.xyz Open in urlscan Pro Puny www.facebook.料金.xyz IDN 172.96.191.125 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

23 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

256 kBTransfer

877 kBSize

0 Cookies

10 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

9 Console Messages

Indicators

www.facebook.xn--qev579g.xyz Open in urlscan Pro Puny
www.facebook.料金.xyz IDN
172.96.191.125 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

256 kB
Transfer

877 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!