urlscan.io logo urlscan.io
SecurityTrails logo

xsrrq.i299sdgktl.com Open in urlscan Pro
2600:9000:2014:b200:5:ae37:1dc0:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id...
Submission: On September 11 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 2600:9000:2014:b200:5:ae37:1dc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is xsrrq.i299sdgktl.com. The Cisco Umbrella rank of the primary domain is 172888.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 22nd 2024. Valid for: a year.
This is the only time xsrrq.i299sdgktl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2600:9000:2014:b200:5:ae37:1dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
xsrrq.i299sdgktl.com
2    13.35.18.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-18-107.sin5.r.cloudfront.net
xsrrq.i299sdgktl.com
2    157.240.7.26 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-sin6.fbcdn.net
connect.facebook.net
2    2600:9000:2755:d800:7:d5b2:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cache-api.shorttv.live
2    2a03:2880:f10c:381:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2600:9000:a519:7230:7278:1be7:1caa:c38e (United States)

ASN16509 (AMAZON-02, US)
api.shorttv.live
2    2600:9000:a512:1a9b:2767:f351:5c70:f50 (United States)

ASN16509 (AMAZON-02, US)
api.deeplink.dev
1    2606:4700:3110::6812:32d6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.shorttv.live
Apex Domain
Subdomains		 Transfer
5 shorttv.live
cache-api.shorttv.live — Cisco Umbrella Rank: 95543
api.shorttv.live — Cisco Umbrella Rank: 33976
static.shorttv.live — Cisco Umbrella Rank: 44902
77 KB
5 i299sdgktl.com
xsrrq.i299sdgktl.com — Cisco Umbrella Rank: 172888
50 KB
2 deeplink.dev
api.deeplink.dev
305 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
71 KB
16 5
Domain Requested by
5 xsrrq.i299sdgktl.com xsrrq.i299sdgktl.com
2 api.deeplink.dev xsrrq.i299sdgktl.com
2 api.shorttv.live xsrrq.i299sdgktl.com
2 www.facebook.com xsrrq.i299sdgktl.com
2 cache-api.shorttv.live xsrrq.i299sdgktl.com
2 connect.facebook.net xsrrq.i299sdgktl.com
connect.facebook.net
1 static.shorttv.live xsrrq.i299sdgktl.com
16 7

This site contains no links.

Subject Issuer Validity Valid
xsrrq.i299sdgktl.com
Amazon RSA 2048 M03		 2024-02-22 -
2025-03-22		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-20 -
2024-09-18		 3 months crt.sh
*.shorttv.live
Amazon RSA 2048 M03		 2024-08-23 -
2025-09-21		 a year crt.sh
*.deeplink.dev
Amazon RSA 2048 M03		 2024-07-18 -
2025-08-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
Frame ID: 6D2B17DAFB29142558E81487B2E9A91F
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Divorced Billionaire Heiress

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

16
Requests

100 %
HTTPS

75 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

202 kB
Transfer

491 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fb02.html
xsrrq.i299sdgktl.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2014:b200:5:ae37:1dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44fc8c45ad3de48c42e44f0e9aabcf7c6d9bca16f3f0fdff266fcd44360a567e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
69009
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Tue, 10 Sep 2024 18:22:40 GMT
etag
W/"796624371ef938c398f40b35ea507b06"
last-modified
Fri, 16 Aug 2024 02:19:37 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f41268584275573cf0f9ec6d6dae8b7a.cloudfront.net (CloudFront)
x-amz-cf-id
xtIz_Hl3samM81w7K-QkcP7bUtorSB_73j7dmyL7ws43Tvs5k5-fEg==
x-amz-cf-pop
HKG1-P1
x-cache
Hit from cloudfront
fb02.css
xsrrq.i299sdgktl.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xsrrq.i299sdgktl.com/fb02.css
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2014:b200:5:ae37:1dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95822e553a70809976c42e4d1d1e4cff3a1b4f027e717b380099f7562d3ec9a4

Request headers

Referer
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 18:32:42 GMT
content-encoding
gzip
via
1.1 f41268584275573cf0f9ec6d6dae8b7a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 02:19:37 GMT
server
AmazonS3
x-amz-cf-pop
HKG1-P1
age
68411
etag
W/"293701ba2a87fccc3f0adf173138ed92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
X8oSmZNXTXjkGHP-hU3pFlM0s1EMJVaIQUzCJlPzxICG9u1Td6RbvA==
hand.png
xsrrq.i299sdgktl.com/assets/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xsrrq.i299sdgktl.com/assets/img/hand.png
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2014:b200:5:ae37:1dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c115d42dfb8e7bdac1bbaf1285358a653af8de1e2cb6115361e7cc49416c209e

Request headers

Referer
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 09:26:14 GMT
via
1.1 f41268584275573cf0f9ec6d6dae8b7a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 02:19:38 GMT
server
AmazonS3
x-amz-cf-pop
HKG1-P1
age
14795
etag
"138315d3c05369b165b069e5ed79fbaa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
alt-svc
h3=":443"; ma=86400
content-length
2475
x-amz-cf-id
z5t4VxpDJIe1-GsMVlzoD4kA5G7jbKLj6M7iMG0oZmfA6pqllTf-AQ==
fb02.f3873096877169ae56df.js
xsrrq.i299sdgktl.com/ 		111 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsrrq.i299sdgktl.com/fb02.f3873096877169ae56df.js
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.35.18.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-107.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12b6e488fdcf3f79f395191514a4826643033956f3d9212ad58366674dd9dabe

Request headers

Referer
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 21:38:38 GMT
content-encoding
gzip
via
1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 02:19:37 GMT
server
AmazonS3
age
57251
x-amz-cf-pop
SIN5-C1
etag
W/"eedc6b9888fbef154fa7a6a42059bd43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
e9bxiLM6habfvkKY1HzuTgdOxDflvVkre5z4rmqUin_guw7GqOrZ7w==
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sin6.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xsrrq.i299sdgktl.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 11 Sep 2024 13:32:48 GMT
document-policy
force-load-at-top
x-fb-server-load
40
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=3, rtx=0, c=23, mss=1232, tbw=4295, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
4T4Yc/mcvwSTQiw6mGmNhTc6fL/Z5MNuB3r8HfVadXsej60SC9ygpEVeW09TCqmrdJQ5yV01nmCgVioLC9ozZQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
getConfig
cache-api.shorttv.live/app/hiCampaignLink/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cache-api.shorttv.live/app/hiCampaignLink/getConfig?adId=31257&pageType=1&ver=001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2755:d800:7:d5b2:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,traceid
Access-Control-Request-Method
GET
Origin
https://xsrrq.i299sdgktl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
6480
age
4067
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 11 Sep 2024 12:25:01 GMT
vary
Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 503185d30898f0ec9039d4166605804a.cloudfront.net (CloudFront)
x-amz-cf-id
87QkRceUClKJPq92G8BdIPtLuMfEANj6CkUvxNa-Vm6QLA2UzMXqWw==
x-amz-cf-pop
SIN2-P4
x-cache
Hit from cloudfront
getConfig
cache-api.shorttv.live/app/hiCampaignLink/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cache-api.shorttv.live/app/hiCampaignLink/getConfig?adId=31257&pageType=1&ver=001
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.f3873096877169ae56df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2755:d800:7:d5b2:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f182d0a4af00a6a0ed036127f5381a6100e535a0579b6dfc7bfc5d244fcd79bd

Request headers

TraceId
101b46c5-aed0-0b27-22e6-fe5d41bd4021
Cache-Control
max-age=5400
Referer
https://xsrrq.i299sdgktl.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 11 Sep 2024 12:26:43 GMT
via
1.1 503185d30898f0ec9039d4166605804a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P4
age
3965
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
DIHyXTWFBUHc0mtEvfu98lxRfsYLnPulPEzkBJtF5O9x3SQnrRfBjw==
1312696659413694
connect.facebook.net/signals/config/ 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1312696659413694?v=2.9.167&r=stable&domain=xsrrq.i299sdgktl.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sin6.fbcdn.net
Software
/
Resource Hash
52fde64ae9963761881b607d1c5689e379e268a2af5e433663a6c91e547a01fa
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xsrrq.i299sdgktl.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 11 Sep 2024 13:32:48 GMT
document-policy
force-load-at-top
x-fb-server-load
46
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13639
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=68, mss=1232, tbw=66935, tp=62, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
Y3lYzofwqey/cPVwNbbmCYVW4EBAmazMHe9spKLziEpJiLvlvTjQNas+3jIX8lEbx1j6pRMuGGE77HfMLH9oqQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
1
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1312696659413694&ev=PageView&dl=https%3A%2F%2Fxsrrq.i299sdgktl.com%2Ffb02.html%3Fshorttv_adid%3D31257%26language%3Den%26timestamp%3D1722329938985%26utm_source%3Dfacebook%26campaign_id%3D%257B%257Bcampaign.id%257D%257D%26campaign_name%3D%257B%257Bcampaign.name%257D%257D%26adset_id%3D%257B%257Badset.id%257D%257D%26ad_id%3D%257B%257Bad.id%257D%257D%26ad_name%3D%257B%257Bad.name%257D%257D%26fbclid%3DIwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw&rl=&if=false&ts=1726061568567&cd[external_id]=visitor_1726061568453_fa5ee3ad-6c35-a8dd-2f3c-3f029d3679c4&sw=1600&sh=1200&ud[external_id]=eca769475c4861bc60e24284db2df3617fd6cf211c5ea0e6a6dfa2cb48d861fc&v=2.9.167&r=stable&ec=0&o=4126&fbc=fb.1.1726061568555.IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw&fbp=fb.1.1726061568565.403424301378083878&ler=empty&cdl=API_unavailable&it=1726061568530&coo=false&rqm=GET
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xsrrq.i299sdgktl.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=2828, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 11 Sep 2024 13:32:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1312696659413694&ev=PageView&dl=https%3A%2F%2Fxsrrq.i299sdgktl.com%2Ffb02.html%3Fshorttv_adid%3D31257%26language%3Den%26timestamp%3D1722329938985%26utm_source%3Dfacebook%26campaign_id%3D%257B%257Bcampaign.id%257D%257D%26campaign_name%3D%257B%257Bcampaign.name%257D%257D%26adset_id%3D%257B%257Badset.id%257D%257D%26ad_id%3D%257B%257Bad.id%257D%257D%26ad_name%3D%257B%257Bad.name%257D%257D%26fbclid%3DIwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw&rl=&if=false&ts=1726061568567&cd[external_id]=visitor_1726061568453_fa5ee3ad-6c35-a8dd-2f3c-3f029d3679c4&sw=1600&sh=1200&ud[external_id]=eca769475c4861bc60e24284db2df3617fd6cf211c5ea0e6a6dfa2cb48d861fc&v=2.9.167&r=stable&ec=0&o=4126&fbc=fb.1.1726061568555.IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw&fbp=fb.1.1726061568565.403424301378083878&ler=empty&cdl=API_unavailable&it=1726061568530&coo=false&rqm=FGET
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xsrrq.i299sdgktl.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6372970c80d9c040","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:7719095321544318","24:7748417251872303","7830:7719095321544318","7830:7748417251872303","10853:7719095321544318","10853:7748417251872303","41:7719095321544318","41:7748417251872303","8046:7719095321544318","8046:7748417251872303"]},"debug_reporting":true,"debug_key":"3365663769345870841"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 11 Sep 2024 13:32:48 GMT
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7413377986343993370", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=3145, tp=-1, tpl=-1, uplat=196, ullat=0
pragma
no-cache
x-fb-debug
aNdD2G8TsjP6AOuzTZAH/+gyAN94fQ577ceEgX0L8cD3hdqYQDvtBpSRpz3I59B8FhbvLYVS+M0anlEVohrVJw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7413377986343993370"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
lpReport
api.shorttv.live/app/hiClickAd/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.shorttv.live/app/hiClickAd/lpReport
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:a519:7230:7278:1be7:1caa:c38e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,pixel_code,pixel_version,timezone,traceid,traceversion,url_param
Access-Control-Request-Method
POST
Origin
https://xsrrq.i299sdgktl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type, pixel_code, pixel_version, timezone, traceid, traceversion, url_param
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
*
access-control-max-age
1800
content-length
0
date
Wed, 11 Sep 2024 13:32:49 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
api.deeplink.dev/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.deeplink.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:a512:1a9b:2767:f351:5c70:f50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xsrrq.i299sdgktl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
https://xsrrq.i299sdgktl.com
allow
OPTIONS
content-length
0
date
Wed, 11 Sep 2024 13:32:49 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
42bd1134e89c41ecb05b43f1e137e385.jpg
static.shorttv.live/images/cover/2024/07/22/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.shorttv.live/images/cover/2024/07/22/42bd1134e89c41ecb05b43f1e137e385.jpg?auth_key=1726057603-0-0-cb798a596a9ee39e5df37c9956a1d2a6&x-oss-process=m_fit,h_480
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:32d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
997b0074b5da27719f2e8af0833cccf4e68dc234bd55ce8c76c54375022f12d6

Request headers

Referer
https://xsrrq.i299sdgktl.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 13:32:49 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 15 Aug 2024 09:40:18 GMT
server
cloudflare
x-cos-hash-crc64ecma
7995480277470028793
etag
"d52a86c13cca954791b45b7d634885f6"
x-cache-status
miss
vary
Accept-Encoding
content-type
image/jpeg
x-cos-request-id
NjZkMGQ1MTZfOGI5MTUwMGJfMzQzZmRfNTNlMmZlNw==
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
8c1806a3dab78319-SIN
content-length
76838
lpReport
api.shorttv.live/app/hiClickAd/ 		56 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.shorttv.live/app/hiClickAd/lpReport
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.f3873096877169ae56df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:a519:7230:7278:1be7:1caa:c38e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
acec8d072b6318e80018e8007bf28c5528d9368fb764da134d44f5e3d6c8d44c

Request headers

TraceVersion
6.0.0
pixel_version
26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json
TraceId
e1b4ba77-0cd2-a8a9-ad04-5e249ee146f0
pixel_code
1312696659413694
Referer
https://xsrrq.i299sdgktl.com/
url_param
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
timezone
Asia/Singapore

Response headers

access-control-allow-origin
*
date
Wed, 11 Sep 2024 13:32:49 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
/
api.deeplink.dev/ 		100 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.deeplink.dev/
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.f3873096877169ae56df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:a512:1a9b:2767:f351:5c70:f50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d8249472ecc0f1c024de768a82ec46cac8d7ad0202c8e158131847f3c65b8bfc

Request headers

Referer
https://xsrrq.i299sdgktl.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-trace-id
17d3637ae75f4924862ff3c0a1613296.175.17260615692605053
access-control-allow-origin
https://xsrrq.i299sdgktl.com
date
Wed, 11 Sep 2024 13:32:49 GMT
access-control-allow-headers
content-type
content-length
100
allow
POST
content-type
application/json
favicon.ico
xsrrq.i299sdgktl.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xsrrq.i299sdgktl.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.35.18.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-107.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7847caca483ec51f627618590f410e88df9d907bc89a8df4aed66a3d40efdf56

Request headers

Referer
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=31257&language=en&timestamp=1722329938985&utm_source=facebook&campaign_id=%7B%7Bcampaign.id%7D%7D&campaign_name=%7B%7Bcampaign.name%7D%7D&adset_id=%7B%7Badset.id%7D%7D&ad_id=%7B%7Bad.id%7D%7D&ad_name=%7B%7Bad.name%7D%7D&fbclid=IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 15:07:32 GMT
via
1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 02:19:37 GMT
server
AmazonS3
age
80717
x-amz-cf-pop
SIN5-C1
etag
"bc7368d1d62cf53fc7503114f728817e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/x-icon
alt-svc
h3=":443"; ma=86400
content-length
4286
x-amz-cf-id
3QhPmEs2s5AET-sBsP9J6uOoYZJ6xOZG8I811cjH3BCyQoCSc4BdyA==

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| hostMapping string| pixel_code string| pixel_version function| guid1 string| visitorId function| fbq function| _fbq function| md5 function| getSign

2 Cookies

Domain/Path Name / Value
.i299sdgktl.com/ Name: _fbc
Value: fb.1.1726061568555.IwY2xjawFOez5leHRuA2FlbQIxMAABHXZrInhRgchOhrr4EfUv2b-k26yFdCJNioShTLYS4SZaRQlUAP_Svs3MLg_aem_PvOL9ygbslbTHdHzX9YcDw
.i299sdgktl.com/ Name: _fbp
Value: fb.1.1726061568565.403424301378083878