fbweb.kifflire.com Open in urlscan Pro
23.48.96.225  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 19585410-fb_contact-fra208_2-0903-core1.html Show response fbweb.kifflire.com/	37 KB 10 KB	321ms 4ms	Document text/html	23.48.96.225 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://fbweb.kifflire.com/19585410-fb_contact-fra208_2-0903-core1.html?adid={{ad.id}}&char=060236&accid=1192455448315527&rawadid=120210024407990639 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.96.225 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-48-96-225.deploy.static.akamaitechnologies.com Software tencent-cos / Resource Hash 9828a447a7081be14c1557846fb8a046dc8b19ab2948344be23af7a03f452d9e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-credentials true access-control-allow-headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin * access-control-expose-headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC access-control-max-age 86400 akamai-mon-iucid-del 1381882 cache-control max-age=300 content-encoding gzip content-length 9736 content-type text/html date Tue, 05 Nov 2024 11:06:17 GMT etag "456b653c99393d7ac292e64a531c6e1a" last-modified Tue, 03 Sep 2024 08:03:49 GMT server tencent-cos vary Accept-Encoding x-cos-hash-crc64ecma 12419804435282648576 x-cos-meta-origin fbweb-kifflire x-cos-request-id NjcyOWZjMjNfOGU2ZDQxMWVfMjRkYl8xMTQxN2E2
GET H2	200	f8f9aec1-8505-48fe-be07-aea31b329d6e.png cos.cdreader.com/AdsServer_ft/	241 KB 242 KB	327ms 5ms	Image image/png	23.48.96.248 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cos.cdreader.com/AdsServer_ft/f8f9aec1-8505-48fe-be07-aea31b329d6e.png?imageMogr2/thumbnail/400x/strip/size-limit/35k! Requested by Host: fbweb.kifflire.com URL: https://fbweb.kifflire.com/19585410-fb_contact-fra208_2-0903-core1.html?adid={{ad.id}}&char=060236&accid=1192455448315527&rawadid=120210024407990639 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.96.248 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-48-96-248.deploy.static.akamaitechnologies.com Software tencent-ci / Resource Hash 4a1c8cd6b9b8c6677d049b4dcd66bc4620791dc13220f128d807e92a9a7d89e8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://fbweb.kifflire.com/ Response headers x-cos-process-src 1 access-control-max-age 86400 access-control-expose-headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC etag "5a50497ce330ef80db568dfdefa8e0be" x-cos-hash-crc64ecma 8685260572090245539 access-control-allow-methods GET,POST,OPTIONS date Tue, 05 Nov 2024 11:06:17 GMT content-type image/png last-modified Sun, 03 Nov 2024 11:05:04 GMT access-control-allow-headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session cache-control max-age=2591996 timing-allow-origin * x-cos-request-id NjcyOWZjMjVfY2VhNzM4MDlfMzRkMl8xNmQyOWY3 access-control-allow-credentials true x-delay 189373 us accept-ranges bytes access-control-allow-origin * content-length 246934 server tencent-ci akamai-mon-iucid-del 1370090
GET H2	200	clipboard.min.js Show response web.cdreader.com/static/fr/lp/clipboard2.0.6/	10 KB 4 KB	325ms 4ms	Script application/javascript	23.48.97.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://web.cdreader.com/static/fr/lp/clipboard2.0.6/clipboard.min.js Requested by Host: fbweb.kifflire.com URL: https://fbweb.kifflire.com/19585410-fb_contact-fra208_2-0903-core1.html?adid={{ad.id}}&char=060236&accid=1192455448315527&rawadid=120210024407990639 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.97.9 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-48-97-9.deploy.static.akamaitechnologies.com Software tencent-cos / Resource Hash c1d1ec459db4813829a4690926a9fd37a44076c780fb324b90c4cd02699399a9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://fbweb.kifflire.com/ Response headers x-cos-replication-status Replica access-control-max-age 86400 access-control-expose-headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC content-encoding gzip etag "53323cefc192f759d24a674a612a98d7" x-cos-hash-crc64ecma 10297600581236802185 access-control-allow-methods * date Tue, 05 Nov 2024 11:06:17 GMT content-type application/javascript last-modified Sat, 13 Jan 2024 05:19:08 GMT vary Accept-Encoding access-control-allow-headers * cache-control max-age=31536000 timing-allow-origin * x-cos-version-id MTg0NDUwMzg5NTA1NjEwNjc3MjY x-cos-request-id NjVkMWFlOWZfY2YwZjA4MDlfNDgxMl81NTc3NjMx x-cos-meta-md5 53323cefc192f759d24a674a612a98d7 access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 3361 x-cos-meta-origin web-fr-cdreader server tencent-cos akamai-mon-iucid-del 1415995
GET H2	200	sensorsdata.v2.min.js Show response web.cdreader.com/static/fr/lp/	179 KB 52 KB	311ms 5ms	Script application/javascript	23.48.97.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://web.cdreader.com/static/fr/lp/sensorsdata.v2.min.js Requested by Host: fbweb.kifflire.com URL: https://fbweb.kifflire.com/19585410-fb_contact-fra208_2-0903-core1.html?adid={{ad.id}}&char=060236&accid=1192455448315527&rawadid=120210024407990639 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.97.9 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-48-97-9.deploy.static.akamaitechnologies.com Software tencent-cos / Resource Hash a0f19c1eec053f89a3e7891ba0edda540818eedd046503ec71f560ab21c1ce63 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://fbweb.kifflire.com/ Response headers x-cos-replication-status Replica access-control-max-age 86400 access-control-expose-headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC content-encoding gzip etag "ee94c31c0abf5eabc97fda9e2bb6e8e8" x-cos-hash-crc64ecma 1105370912232555686 access-control-allow-methods * date Tue, 05 Nov 2024 11:06:17 GMT content-type application/javascript last-modified Wed, 08 May 2024 08:49:41 GMT vary Accept-Encoding access-control-allow-headers * cache-control max-age=31536000 timing-allow-origin * x-cos-version-id MTg0NDUwMjg5MTU1Mjc5MDA1MDQ x-cos-request-id NjYzYzc2MmJfOTIyODY3MDlfNGU2MV9hYWNhMmY3 x-cos-meta-md5 ee94c31c0abf5eabc97fda9e2bb6e8e8 access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 52352 x-cos-meta-origin web-fr-cdreader server tencent-cos akamai-mon-iucid-del 1415995
GET H2	200	fbweb.20240529.min.js Show response web.cdreader.com/static/fr/lp/script/	8 KB 3 KB	311ms 6ms	Script application/javascript	23.48.97.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://web.cdreader.com/static/fr/lp/script/fbweb.20240529.min.js Requested by Host: fbweb.kifflire.com URL: https://fbweb.kifflire.com/19585410-fb_contact-fra208_2-0903-core1.html?adid={{ad.id}}&char=060236&accid=1192455448315527&rawadid=120210024407990639 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.97.9 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-48-97-9.deploy.static.akamaitechnologies.com Software tencent-cos / Resource Hash 673a7b7fe248fe7db58ae6bd6800a9754fc7ca0c8adff5f3285c3afc63e0622b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://fbweb.kifflire.com/ Response headers x-cos-replication-status Replica access-control-max-age 86400 access-control-expose-headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC content-encoding gzip etag "d67bc9279c90be459584c2da5349281e" x-cos-hash-crc64ecma 4957568026204029514 access-control-allow-methods * date Tue, 05 Nov 2024 11:06:17 GMT content-type application/javascript last-modified Thu, 30 May 2024 08:56:37 GMT vary Accept-Encoding access-control-allow-headers * cache-control max-age=31536000 timing-allow-origin * x-cos-version-id MTg0NDUwMjcwMTQzMTE4OTAzODI x-cos-request-id NjZmMzQxNDlfODQ0YzU5MGJfMTFiZjJfNjQ3NmJiMA== x-cos-meta-md5 d67bc9279c90be459584c2da5349281e access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 2834 x-cos-meta-origin web-fr-cdreader server tencent-cos akamai-mon-iucid-del 1415995
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	10ms 4ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: fbweb.kifflire.com URL: https://fbweb.kifflire.com/19585410-fb_contact-fra208_2-0903-core1.html?adid={{ad.id}}&char=060236&accid=1192455448315527&rawadid=120210024407990639 Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash 924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sGsjr7WI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://fbweb.kifflire.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 05 Nov 2024 11:06:17 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sGsjr7WI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4424, tp=9, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug RfJQUi/lh0Pt4yZC26/clrqfnd+LgTKFW2nKG4wqhGcXYgZsZEOPmuktLsYI3Ssjp/zKCCLpqeO5r46CAs/09g== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 62086 x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	7407433875948999 Show response connect.facebook.net/signals/config/	68 KB 13 KB	3ms 3ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/7407433875948999?v=2.9.176&r=stable&domain=fbweb.kifflire.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash 181d50303ab87e2a204293f58172a68d6e07ba78b8bc52beb7716171dcb5370b Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-88D14233' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://fbweb.kifflire.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 05 Nov 2024 11:06:17 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-88D14233' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=77, mss=1232, tbw=70818, tp=67, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug IlC5q9ZFdRa6m44Tea1LQUlmYGk1RttjrkRsuBju+7sNmLm5wrmwPwzAya24kE/MUSH6bk5F0WVxTX8iUvHv5Q== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 13453 x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	/ www.facebook.com/tr/	0 271 B	309ms 3ms	Image text/plain	157.240.8.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=7407433875948999&ev=PageView&dl=https%3A%2F%2Ffbweb.kifflire.com%2F19585410-fb_contact-fra208_2-0903-core1.html%3Fadid%3D%7B%7Bad.id%7D%7D%26char%3D060236%26accid%3D1192455448315527%26rawadid%3D120210024407990639&rl=&if=false&ts=1730804777560&sw=1600&sh=1200&ud[external_id]=0917d6d2ea37ab1c2cd8f8e43c1671ad2b104748d9b4ad8a16e9a08c829f0a35&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730804777559.393483504568294843&ler=empty&cdl=API_unavailable&it=1730804777539&coo=false&rqm=GET Requested by Host: fbweb.kifflire.com URL: https://fbweb.kifflire.com/19585410-fb_contact-fra208_2-0903-core1.html?adid={{ad.id}}&char=060236&accid=1192455448315527&rawadid=120210024407990639 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-syd2.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://fbweb.kifflire.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1317, tbw=2916, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Tue, 05 Nov 2024 11:06:17 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 5 KB	641ms 335ms	Image image/png	157.240.8.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=7407433875948999&ev=PageView&dl=https%3A%2F%2Ffbweb.kifflire.com%2F19585410-fb_contact-fra208_2-0903-core1.html%3Fadid%3D%7B%7Bad.id%7D%7D%26char%3D060236%26accid%3D1192455448315527%26rawadid%3D120210024407990639&rl=&if=false&ts=1730804777560&sw=1600&sh=1200&ud[external_id]=0917d6d2ea37ab1c2cd8f8e43c1671ad2b104748d9b4ad8a16e9a08c829f0a35&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730804777559.393483504568294843&ler=empty&cdl=API_unavailable&it=1730804777539&coo=false&rqm=FGET Requested by Host: fbweb.kifflire.com URL: https://fbweb.kifflire.com/19585410-fb_contact-fra208_2-0903-core1.html?adid={{ad.id}}&char=060236&accid=1192455448315527&rawadid=120210024407990639 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-syd2.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://fbweb.kifflire.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433749913268576114"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x14e20510529f1b6f","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["6299020180165779"]},"debug_reporting":true,"debug_key":"3212686433063548977"} date Tue, 05 Nov 2024 11:06:18 GMT content-type image/png vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433749913268576114", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-debug oaS7HWkjdwA5ohqc7kujQt93s8K4wg/jxOMNISOf6IDPVJoZLjU2AGqaAqyVqWewVFt/4aoOYQ/mR619TRUm7g== cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1317, tbw=3231, tp=-1, tpl=-1, uplat=331, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
POST H2	200	projectevent Show response log.51changdu.com/api/	43 B 128 B	415ms 137ms	XHR image/gif	154.206.64.126 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://log.51changdu.com/api/projectevent?project=event_log&remark=online Requested by Host: web.cdreader.com URL: https://web.cdreader.com/static/fr/lp/sensorsdata.v2.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 154.206.64.126 Hong Kong, Hong Kong, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://fbweb.kifflire.com/ Response headers access-control-allow-origin * content-length 43 date Tue, 05 Nov 2024 11:06:18 GMT content-type image/gif server nginx
GET H2	200	Fbs2sNotify.ashx Show response analysis.cdreader.com/	49 B 444 B	286ms 268ms	XHR application/x-javascript	23.40.52.150 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analysis.cdreader.com/Fbs2sNotify.ashx?jsver=0801&extid=edfcae33-15de-341c-bcbf-671a47c5d7ba&phone=&email=&exaction=viewcontent&pixelid=7407433875948999&bookid=19585410&appid=331001006&pageid=11800276&fbp=fb.1.1730804777559.393483504568294843&fbc=fb.1.1730804777559.&adid=%7B%7Bad.id%7D%7D&v=1&url=https%3A%2F%2Ffbweb.kifflire.com%2F19585410-fb_contact-fra208_2-0903-core1.html%3Fadid%3D%7B%7Bad.id%7D%7D%26char%3D060236%26accid%3D1192455448315527%26rawadid%3D120210024407990639&chapterindex=0 Requested by Host: web.cdreader.com URL: https://web.cdreader.com/static/fr/lp/script/fbweb.20240529.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.52.150 , United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-52-150.deploy.static.akamaitechnologies.com Software / Resource Hash f83978eadc4e9c7de0381613a27701565544f2cdf4afccfe795c9ad2494a1737 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://fbweb.kifflire.com/ Response headers cache-control max-age=0, no-cache, no-store x-aspnet-version 4.0.30319 pragma no-cache access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS expires Tue, 05 Nov 2024 11:06:18 GMT access-control-allow-origin * server-timing edge; dur=1, origin; dur=264, cdn-cache; desc=MISS, ak_p; desc="1730804777849_388460436_268384498_26431_588_6_16_219";dur=1 content-length 49 date Tue, 05 Nov 2024 11:06:18 GMT content-type application/x-javascript; charset=utf-8 access-control-allow-headers Content-Type
POST H2	200	projectevent Show response log.51changdu.com/api/	43 B 129 B	365ms 134ms	XHR image/gif	154.206.64.126 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://log.51changdu.com/api/projectevent?project=event_log&remark=online Requested by Host: web.cdreader.com URL: https://web.cdreader.com/static/fr/lp/sensorsdata.v2.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 154.206.64.126 Hong Kong, Hong Kong, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://fbweb.kifflire.com/ Response headers access-control-allow-origin * content-length 43 date Tue, 05 Nov 2024 11:06:18 GMT content-type image/gif server nginx

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| setRem string| extid string| g string| appid string| pageid string| pixelId string| bookId string| ndaction string| iOSUrl string| androidUrl function| fbq function| _fbq function| ClipboardJS object| JSON3 object| sensorsDataAnalytic201505 function| getPlatformUrl function| getCookie function| getQueryVariable function| copyToClipboard function| copyNDAction function| parseParams function| setCookie object| sensors string| current_url function| imgLoad function| getChapter function| track function| getNDAction string| input function| Fbs2sNotifyMixAddress function| sensorsdata_app_call_js function| sensorsdata_app_js_bridge_call_js

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kifflire.com/	1970-01-21 02:56:20	Name: _fbp Value: fb.1.1730804777559.393483504568294843
			.kifflire.com/	1970-01-21 00:47:02	Name: sajssdk_2015_cross_new_user Value: 1
			.kifflire.com/	1970-01-21 10:22:44	Name: sensorsdata2015jssdkcross Value: %7B%22distinct_id%22%3A%22192fc01036c2c2-053476d5a63df2-17462c6e-1920000-192fc01036debd%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22%E7%9B%B4%E6%8E%A5%E6%B5%81%E9%87%8F%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTkyZmMwMTAzNmMyYzItMDUzNDc2ZDVhNjNkZjItMTc0NjJjNmUtMTkyMDAwMC0xOTJmYzAxMDM2ZGViZCJ9%22%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%22192fc01036c2c2-053476d5a63df2-17462c6e-1920000-192fc01036debd%22%7D
			.kifflire.com/	1970-01-21 00:48:11	Name: adid Value: {{ad.id}}
			.kifflire.com/	1970-01-21 00:48:11	Name: traceid Value: 20241105190617-350d11ca92ed4c33b3b720a3c48a5fab
			.kifflire.com/	1970-01-21 00:48:11	Name: adtype Value: fbs2s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analysis.cdreader.com
connect.facebook.net
cos.cdreader.com
fbweb.kifflire.com
log.51changdu.com
web.cdreader.com
www.facebook.com
154.206.64.126
157.240.8.23
157.240.8.35
23.40.52.150
23.48.96.225
23.48.96.248
23.48.97.9
181d50303ab87e2a204293f58172a68d6e07ba78b8bc52beb7716171dcb5370b
4a1c8cd6b9b8c6677d049b4dcd66bc4620791dc13220f128d807e92a9a7d89e8
673a7b7fe248fe7db58ae6bd6800a9754fc7ca0c8adff5f3285c3afc63e0622b
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
9828a447a7081be14c1557846fb8a046dc8b19ab2948344be23af7a03f452d9e
a0f19c1eec053f89a3e7891ba0edda540818eedd046503ec71f560ab21c1ce63
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c1d1ec459db4813829a4690926a9fd37a44076c780fb324b90c4cd02699399a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f83978eadc4e9c7de0381613a27701565544f2cdf4afccfe795c9ad2494a1737