urlscan.io logo urlscan.io
SecurityTrails logo

xsrrq.i299sdgktl.com Open in urlscan Pro
108.138.106.56  Public Scan

Go To Rescan Add Verdict Report
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id...
Submission: On October 06 via manual from IN — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 108.138.106.56, located in United States and belongs to AMAZON-02, US. The main domain is xsrrq.i299sdgktl.com. The Cisco Umbrella rank of the primary domain is 266961.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 22nd 2024. Valid for: a year.
This is the only time xsrrq.i299sdgktl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 108.138.106.56 16509 (AMAZON-02)
2 31.13.71.7 32934 (FACEBOOK)
2 52.85.61.31 16509 (AMAZON-02)
2 31.13.71.36 32934 (FACEBOOK)
2 3.33.158.65 16509 (AMAZON-02)
1 104.18.53.93 13335 (CLOUDFLAR...)
2 15.197.202.199 16509 (AMAZON-02)
16 7
5    108.138.106.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-56.jfk50.r.cloudfront.net
xsrrq.i299sdgktl.com
2    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net
2    52.85.61.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-31.ewr53.r.cloudfront.net
cache-api.shorttv.live
2    31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com
www.facebook.com
2    3.33.158.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab08566e8e29be2a5.awsglobalaccelerator.com
api.shorttv.live
1    104.18.53.93 (None, )

ASN13335 (CLOUDFLARENET, US)
static.shorttv.live
2    15.197.202.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: af9e288cd61fe7c39.awsglobalaccelerator.com
api.deeplink.dev
Apex Domain
Subdomains		 Transfer
5 shorttv.live
cache-api.shorttv.live — Cisco Umbrella Rank: 133408
api.shorttv.live — Cisco Umbrella Rank: 37095
static.shorttv.live — Cisco Umbrella Rank: 58285
80 KB
5 i299sdgktl.com
xsrrq.i299sdgktl.com — Cisco Umbrella Rank: 266961
51 KB
2 deeplink.dev
api.deeplink.dev — Cisco Umbrella Rank: 128485
324 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
72 KB
16 5
Domain Requested by
5 xsrrq.i299sdgktl.com xsrrq.i299sdgktl.com
2 api.deeplink.dev xsrrq.i299sdgktl.com
2 api.shorttv.live xsrrq.i299sdgktl.com
2 www.facebook.com xsrrq.i299sdgktl.com
2 cache-api.shorttv.live xsrrq.i299sdgktl.com
2 connect.facebook.net xsrrq.i299sdgktl.com
connect.facebook.net
1 static.shorttv.live xsrrq.i299sdgktl.com
16 7

This site contains no links.

Subject Issuer Validity Valid
xsrrq.i299sdgktl.com
Amazon RSA 2048 M03		 2024-02-22 -
2025-03-22		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-15 -
2024-10-13		 3 months crt.sh
*.shorttv.live
Amazon RSA 2048 M03		 2024-08-23 -
2025-09-21		 a year crt.sh
*.deeplink.dev
Amazon RSA 2048 M03		 2024-07-18 -
2025-08-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
Frame ID: D40B28617BE29B636AD503108B1750BF
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Divorced Billionaire Heiress

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

207 kB
Transfer

500 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fb02.html
xsrrq.i299sdgktl.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-56.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53fa0a016a362fba5ba73260105974366cf41d5f67efc4fbb281a71f6b8e77d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
16572
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Sun, 06 Oct 2024 06:14:46 GMT
etag
W/"e01706a01461b501b15055bd7724800a"
last-modified
Sat, 14 Sep 2024 08:09:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront)
x-amz-cf-id
sT9vM0NpR2XdRhLKr-3jnBhIl0OXg2qK3CE-9YKIjD9y4OAVJqpE3w==
x-amz-cf-pop
JFK50-P3
x-cache
Hit from cloudfront
fb02.css
xsrrq.i299sdgktl.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xsrrq.i299sdgktl.com/fb02.css
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-56.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95822e553a70809976c42e4d1d1e4cff3a1b4f027e717b380099f7562d3ec9a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow

Response headers

content-encoding
gzip
etag
W/"293701ba2a87fccc3f0adf173138ed92"
age
16539
via
1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
4daujUc9LvYIklOmVvn_F4k_7g4Jyzt3LwcJMN-K8bsLLJVdrv0iDA==
date
Sun, 06 Oct 2024 06:15:18 GMT
content-type
text/css
last-modified
Sat, 14 Sep 2024 08:09:06 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
hand.png
xsrrq.i299sdgktl.com/assets/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xsrrq.i299sdgktl.com/assets/img/hand.png
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-56.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c115d42dfb8e7bdac1bbaf1285358a653af8de1e2cb6115361e7cc49416c209e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow

Response headers

etag
"138315d3c05369b165b069e5ed79fbaa"
age
78728
via
1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
2475
x-amz-cf-id
3D43RJRV_9kRtfx24Rtb6xuJ9fMqyIrMY49r_n5wMAi8oDn0F_Bc6g==
date
Sat, 05 Oct 2024 12:58:50 GMT
content-type
image/png
last-modified
Sat, 14 Sep 2024 08:09:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
fb02.e9c205706ee38bb85e1c.js
xsrrq.i299sdgktl.com/ 		112 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsrrq.i299sdgktl.com/fb02.e9c205706ee38bb85e1c.js
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-56.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ace6e2470a7ec637aec9ee073ef9f1b6b27bd5c5dd2e8584ed36ba33d7860bb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow

Response headers

content-encoding
gzip
etag
W/"eec8fcde2a5f50e222c8ff95e33ad6d1"
age
75054
via
1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
zoDF-MbP7LQmepQzWuIK0gbpuASRER7zZLnZvj79BM4nOvGlD5c6Ng==
date
Sat, 05 Oct 2024 14:00:04 GMT
content-type
text/javascript
last-modified
Sat, 14 Sep 2024 08:09:05 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xsrrq.i299sdgktl.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sun, 06 Oct 2024 10:50:57 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4458, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
m9DCFuQ8CYS1xbyZeqAQ/Q2hvSa+eBA8kzsTYh8QNWwRDYSBqxFsRwvfmjj4fv/QS0I9Dw31PloUn2o1d0VikA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?1
getConfig
cache-api.shorttv.live/app/hiCampaignLink/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cache-api.shorttv.live/app/hiCampaignLink/getConfig?adId=30547&pageType=1&ver=001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-31.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,traceid
Access-Control-Request-Method
GET
Origin
https://xsrrq.i299sdgktl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
6480
age
2857
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 06 Oct 2024 10:03:21 GMT
vary
Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
x-amz-cf-id
J5ygmrd9XLPNs612a7gD2Oq6XUJij2Uacwfjdu0MhDybgx_aXQNZhg==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
getConfig
cache-api.shorttv.live/app/hiCampaignLink/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cache-api.shorttv.live/app/hiCampaignLink/getConfig?adId=30547&pageType=1&ver=001
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.e9c205706ee38bb85e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-31.ewr53.r.cloudfront.net
Software
/
Resource Hash
2799996ae6ece12699381df4b3904d78dac1a36d7a20224d7248f77895aa1d22

Request headers

Cache-Control
max-age=5400
Referer
https://xsrrq.i299sdgktl.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
TraceId
171e3376-f9c9-c42c-6b62-c050c6fa19e3
content-type
application/json

Response headers

age
3672
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
dnL6tv-5yByJWyodBY9JJp7x83mAtDcjl8-UO4B9QbIF9jnMJhWW1g==
date
Sun, 06 Oct 2024 09:49:46 GMT
content-type
application/json
x-amz-cf-pop
EWR53-P1
access-control-allow-origin
*
1312696659413694
connect.facebook.net/signals/config/ 		70 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1312696659413694?v=2.9.170&r=stable&domain=xsrrq.i299sdgktl.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
d1518dca3e7ef67d46dc1250a02ea45bd65b64cbdabb615bc0f22698b3e3d85f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xsrrq.i299sdgktl.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sun, 06 Oct 2024 10:50:58 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=74, mss=1232, tbw=67258, tp=62, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
BrHMJ8ZSKjUToHKNiwpUaUUPs1abaPJ0nSq9DFfhphaS3K5A0dhOI/UaHigfLRDgprcoHTRkRCv9HZr1brdo4w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
content-length
14793
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1312696659413694&ev=PageView&dl=https%3A%2F%2Fxsrrq.i299sdgktl.com%2Ffb02.html%3Fshorttv_adid%3D30547%26language%3Den%26timestamp%3D1721496000106%26utm_source%3Dfacebook%26campaign_id%3D120213494364700673%26campaign_name%3Dapp-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68%26adset_id%3D120213494364720673%26ad_id%3D120213494364610673%26ad_name%3D125463_en_FB_shc_0912_lw-9-16-02-qt-cc%26fbclid%3DPAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow&rl=&if=false&ts=1728211858089&cd[external_id]=visitor_1728211857888_2102d53d-c9ed-fc0d-5cff-51c6aa5bc626&sw=1600&sh=1200&ud[external_id]=889584a04ce21f55b9582f1ebd08abd2f83cb3f100e6017c7a911ba945164a74&v=2.9.170&r=stable&ec=0&o=4126&fbc=fb.1.1728211858078.PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow&fbp=fb.1.1728211858088.502621941639018394&ler=empty&cdl=API_unavailable&it=1728211858022&coo=false&exp=h2&rqm=GET
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xsrrq.i299sdgktl.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1316, tbw=2914, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 06 Oct 2024 10:50:58 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1312696659413694&ev=PageView&dl=https%3A%2F%2Fxsrrq.i299sdgktl.com%2Ffb02.html%3Fshorttv_adid%3D30547%26language%3Den%26timestamp%3D1721496000106%26utm_source%3Dfacebook%26campaign_id%3D120213494364700673%26campaign_name%3Dapp-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68%26adset_id%3D120213494364720673%26ad_id%3D120213494364610673%26ad_name%3D125463_en_FB_shc_0912_lw-9-16-02-qt-cc%26fbclid%3DPAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow&rl=&if=false&ts=1728211858089&cd[external_id]=visitor_1728211857888_2102d53d-c9ed-fc0d-5cff-51c6aa5bc626&sw=1600&sh=1200&ud[external_id]=889584a04ce21f55b9582f1ebd08abd2f83cb3f100e6017c7a911ba945164a74&v=2.9.170&r=stable&ec=0&o=4126&fbc=fb.1.1728211858078.PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow&fbp=fb.1.1728211858088.502621941639018394&ler=empty&cdl=API_unavailable&it=1728211858022&coo=false&exp=h2&rqm=FGET
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xsrrq.i299sdgktl.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7422613412307922430"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6372970c80d9c040","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["7719095321544318","7748417251872303"]},"debug_reporting":true,"debug_key":"2120335252775394797"}
date
Sun, 06 Oct 2024 10:50:58 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
A+s0RzoMJrqjGBefEcYn51n1r7GH8Ut6q5nH0QsJIELgWrt09N/80me0X9OYA6gRgKmw7gys0g1vfTtMz3wkrA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7422613412307922430", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1316, tbw=3232, tp=-1, tpl=-1, uplat=111, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
lpReport
api.shorttv.live/app/hiClickAd/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.shorttv.live/app/hiClickAd/lpReport
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.158.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab08566e8e29be2a5.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,pixel_code,pixel_version,timezone,traceid,traceversion,url_param
Access-Control-Request-Method
POST
Origin
https://xsrrq.i299sdgktl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type, pixel_code, pixel_version, timezone, traceid, traceversion, url_param
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
*
access-control-max-age
1800
content-length
0
date
Sun, 06 Oct 2024 10:50:58 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fac9b3faf840404c8f1c85c7bbbdbb88.jpeg
static.shorttv.live/images/cover/2024/07/06/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.shorttv.live/images/cover/2024/07/06/fac9b3faf840404c8f1c85c7bbbdbb88.jpeg?auth_key=1728208186-0-0-e4beb99aa0ab25e67d7fda650419b007&x-oss-process=m_fit,h_480
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.53.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dbff0aa793a08c19ec43d0a99941f1f760795813d7ed5a9f539193ee490ccc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xsrrq.i299sdgktl.com/

Response headers

x-cache-status
miss
cf-cache-status
HIT
etag
"2bb4fd16d89501d21ff3d2e962850693"
x-cos-request-id
NjZlYjFjODRfMTFlZjVlMGJfNzA4OF8zMjFjZDc0
x-cos-hash-crc64ecma
18440854269657385035
via
1.1 google
cf-ray
8ce517f1b9e93a02-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
79512
date
Sun, 06 Oct 2024 10:50:58 GMT
content-type
image/jpeg
last-modified
Thu, 08 Aug 2024 20:10:11 GMT
vary
Accept-Encoding
server
cloudflare
/
api.deeplink.dev/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.deeplink.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.202.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af9e288cd61fe7c39.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xsrrq.i299sdgktl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type, x-time-zone, x-sdk-version
access-control-allow-origin
https://xsrrq.i299sdgktl.com
allow
OPTIONS
content-length
0
date
Sun, 06 Oct 2024 10:50:58 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
lpReport
api.shorttv.live/app/hiClickAd/ 		86 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.shorttv.live/app/hiClickAd/lpReport
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.e9c205706ee38bb85e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.158.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab08566e8e29be2a5.awsglobalaccelerator.com
Software
/
Resource Hash
e7316cac628aebe199eadcf032c6509d80a25c51dd91202f0609487cf3c9dd37

Request headers

url_param
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
pixel_version
26
Referer
https://xsrrq.i299sdgktl.com/
timezone
America/Vancouver
TraceVersion
6.0.0
pixel_code
1312696659413694
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
TraceId
b15ee912-548b-26a9-bb83-8b6d6f5f128c
content-type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 06 Oct 2024 10:50:58 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
api.deeplink.dev/ 		99 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.deeplink.dev/
Requested by
Host: xsrrq.i299sdgktl.com
URL: https://xsrrq.i299sdgktl.com/fb02.e9c205706ee38bb85e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.202.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af9e288cd61fe7c39.awsglobalaccelerator.com
Software
/
Resource Hash
42faf911f63c714bf7b54bce0c5be45d21227e0cb4231009d2d9c440629d6d1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xsrrq.i299sdgktl.com/

Response headers

access-control-allow-headers
content-type, x-time-zone, x-sdk-version
allow
POST
access-control-allow-origin
https://xsrrq.i299sdgktl.com
content-length
99
date
Sun, 06 Oct 2024 10:50:58 GMT
content-type
application/json
x-trace-id
f0e8648cd7624dbe9ce06f63597a5747.153.17282118584103045
favicon.ico
xsrrq.i299sdgktl.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xsrrq.i299sdgktl.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-56.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7847caca483ec51f627618590f410e88df9d907bc89a8df4aed66a3d40efdf56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xsrrq.i299sdgktl.com/fb02.html?shorttv_adid=30547&language=en&timestamp=1721496000106&utm_source=facebook&campaign_id=120213494364700673&campaign_name=app-shorttv_channel-fb_invest-w2a_system-all_optimist-lw_date-0721_shortid-125463_unlocktype-auto_paypoint-auto_epprice-auto_feesku-auto_adswitch-0_00919-Y-68&adset_id=120213494364720673&ad_id=120213494364610673&ad_name=125463_en_FB_shc_0912_lw-9-16-02-qt-cc&fbclid=PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow

Response headers

x-amz-cf-pop
JFK50-P3
etag
"bc7368d1d62cf53fc7503114f728817e"
age
15479
via
1.1 84fd743af5e8639c32332cec06beef46.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
4286
x-amz-cf-id
CtkYp-KP6gGWFY7QDgWuRykgRMalHQOIaWyQ6ZPSd58ERgYIRAd92w==
date
Sun, 06 Oct 2024 06:33:00 GMT
content-type
image/x-icon
vary
Accept-Encoding
server
AmazonS3
last-modified
Sat, 14 Sep 2024 08:09:01 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| hostMapping string| pixel_code string| pixel_version function| guid1 string| visitorId function| fbq function| _fbq string| iplistIplist function| md5 function| getSign

3 Cookies

Domain/Path Name / Value
.i299sdgktl.com/ Name: _fbc
Value: fb.1.1728211858078.PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow
.i299sdgktl.com/ Name: _fbp
Value: fb.1.1728211858088.502621941639018394
xsrrq.i299sdgktl.com/ Name: _fbc
Value: fb.1.1728211858078.PAZXh0bgNhZW0BMAABpnb1Xjzr9AFauDxfAztL48w_vMNZu8mm_4h6tHmlqe0NchTLt0VqHiuDkw_aem_5UPbhTGVqNv1LxELs1IPow