eapi.wwa-ios.com Open in urlscan Pro
2606:4700:20::681a:409 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coinvulcanos.shop/?shiny
Effective URL:
https://eapi.wwa-ios.com/configuration/redirect/?click_source&fbclid=%7Bfbclid%7D&pixel_id=710738254799319&refer=limbgtu....
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com Search All
Submission: On August 14 via api (August 14th 2025, 10:42:53 pm UTC) from JP — Scanned from JP

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 8 HTTP transactions. The main IP is 2606:4700:20::681a:409, located in and belongs to CLOUDFLARENET, US. The main domain is eapi.wwa-ios.com.
TLS certificate: Issued by WE1 on June 22nd 2025. Valid for: 3 months.

This is the only time eapi.wwa-ios.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:4c73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::ac43:8ccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700:20:... 2606:4700:20::681a:409	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f10... 2a03:2880:f10f:187:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	4

1 2606:4700:3035::6815:4c73 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coinvulcanos.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8ccc (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

limbgtu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:409 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eapi.wwa-ios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f10f:187:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 121	4 KB
3	wwa-ios.com 1 redirects eapi.wwa-ios.com	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 225	97 KB
1	limbgtu.xyz 1 redirects limbgtu.xyz	605 B
1	coinvulcanos.shop 1 redirects coinvulcanos.shop	1 KB
0	apple.com Failed apps.apple.com — Cisco Umbrella Rank: 415 Failed
8	6

	Domain	Requested by
3	www.facebook.com	connect.facebook.net eapi.wwa-ios.com
3	eapi.wwa-ios.com	1 redirects
2	connect.facebook.net	eapi.wwa-ios.com connect.facebook.net
1	limbgtu.xyz	1 redirects
1	coinvulcanos.shop	1 redirects
0	apps.apple.com Failed	eapi.wwa-ios.com
8	6

This site contains no links.

Subject Issuer	Validity	Valid
wwa-ios.com WE1	`2025-06-22` - `2025-09-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-05-24` - `2025-08-22`	3 months	crt.sh

This page contains 1 frames:

Frame: itms-appss://apps.apple.com/us/app/plunk-drift/id6742196695?af_xp=social&af_ad=4482b22c-b981-46f7-a8e2-4dd327ee61f2&pid=Javelink&adset=4482b22c-b981-46f7-a8e2-4dd327ee61f2&c=NK_j2mgateam_{{campaign.name}}_{{adset.name}}_{{ad.name}}_xxx_kypka
Frame ID: 2B9BCA8C57730197FB2C3324D52DC99B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wild Game

Page URL History Show full URLs

http://coinvulcanos.shop/?shiny HTTP 307
https://coinvulcanos.shop/?shiny HTTP 302
https://limbgtu.xyz/?pixel_id=710738254799319&sub1=NK&sub2={{campaign.name}}&sub3={{adset.name}}... HTTP 302
https://eapi.wwa-ios.com/configuration/redirect?click_source&fbclid=%7Bfbclid%7D&pixel_id=71073825479... HTTP 301
https://eapi.wwa-ios.com/configuration/redirect/?click_source&fbclid=%7Bfbclid%7D&pixel_id=7107382547... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

8
Requests

88 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

102 kB
Transfer

388 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coinvulcanos.shop/?shiny HTTP 307
https://coinvulcanos.shop/?shiny HTTP 302
https://limbgtu.xyz/?pixel_id=710738254799319&sub1=NK&sub2={{campaign.name}}&sub3={{adset.name}}&sub4={{ad.name}}&sub6=kypka&sub7=nikitakypa HTTP 302
https://eapi.wwa-ios.com/configuration/redirect?click_source&fbclid=%7Bfbclid%7D&pixel_id=710738254799319&refer=limbgtu.xyz&sub1=NK&sub2=%7B%7Bcampaign.name%7D%7D&sub3=%7B%7Badset.name%7D%7D&sub4=%7B%7Bad.name%7D%7D&sub6=kypka&sub7=nikitakypa HTTP 301
https://eapi.wwa-ios.com/configuration/redirect/?click_source&fbclid=%7Bfbclid%7D&pixel_id=710738254799319&refer=limbgtu.xyz&sub1=NK&sub2=%7B%7Bcampaign.name%7D%7D&sub3=%7B%7Badset.name%7D%7D&sub4=%7B%7Bad.name%7D%7D&sub6=kypka&sub7=nikitakypa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://apps.apple.com/us/app/plunk-drift/id6742196695?af_xp=social&af_ad=4482b22c-b981-46f7-a8e2-4dd327ee61f2&pid=Javelink&adset=4482b22c-b981-46f7-a8e2-4dd327ee61f2&c=NK_j2mgateam_{{campaign.name}}_{{adset.name}}_{{ad.name}}_xxx_kypka HTTP 301
itms-appss://apps.apple.com/us/app/plunk-drift/id6742196695?af_xp=social&af_ad=4482b22c-b981-46f7-a8e2-4dd327ee61f2&pid=Javelink&adset=4482b22c-b981-46f7-a8e2-4dd327ee61f2&c=NK_j2mgateam_{{campaign.name}}_{{adset.name}}_{{ad.name}}_xxx_kypka

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
eapi.wwa-ios.com/configuration/redirect/
Redirect Chain

http://coinvulcanos.shop/?shiny
https://coinvulcanos.shop/?shiny
https://limbgtu.xyz/?pixel_id=710738254799319&sub1=NK&sub2={{campaign.name}}&sub3={{adset.name}}&sub4={{ad.name}}&sub6=kypka&sub7=nikitakypa
https://eapi.wwa-ios.com/configuration/redirect?click_source&fbclid=%7Bfbclid%7D&pixel_id=710738254799319&refer=limbgtu.xyz&sub1=NK&sub2=%7B%7Bcampaign.name%7D%7D&sub3=%7B%7Badset.name%7D%7D&sub4=%...
https://eapi.wwa-ios.com/configuration/redirect/?click_source&fbclid=%7Bfbclid%7D&pixel_id=710738254799319&refer=limbgtu.xyz&sub1=NK&sub2=%7B%7Bcampaign.name%7D%7D&sub3=%7B%7Badset.name%7D%7D&sub4=...

1 KB
1 KB

604ms
602ms

Document
text/html

2606:4700:20::681a:409
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eapi.wwa-ios.com/configuration/redirect/?click_source&fbclid=%7Bfbclid%7D&pixel_id=710738254799319&refer=limbgtu.xyz&sub1=NK&sub2=%7B%7Bcampaign.name%7D%7D&sub3=%7B%7Badset.name%7D%7D&sub4=%7B%7Bad.name%7D%7D&sub6=kypka&sub7=nikitakypa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:409 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b0ccfbb6844d088735ae9808ced8600a7ec9b1db5bd05d56e874b2e13a1341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

allow: GET, HEAD, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 96f3f7da8faed51b-NRT
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Thu, 14 Aug 2025 22:42:56 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy: same-origin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=G9u4r5HVOZ9qoh%2BuhpucLPT35WjDEDlw05Vm7jIjxpr%2FCnLXOxRuMIbF3VSFemP4LFbTvN2%2F0LucMZQnqZjrhE%2BP7tDWVwJo%2FkGcqueXnQ%2BdOfXFuD4uwMw5Tg%3D%3D"}]}
server: cloudflare
vary: origin, Cookie
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 96f3f7d76cabd51b-NRT
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Thu, 14 Aug 2025 22:42:55 GMT
location: /configuration/redirect/?click_source&fbclid=%7Bfbclid%7D&pixel_id=710738254799319&refer=limbgtu.xyz&sub1=NK&sub2=%7B%7Bcampaign.name%7D%7D&sub3=%7B%7Badset.name%7D%7D&sub4=%7B%7Bad.name%7D%7D&sub6=kypka&sub7=nikitakypa
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy: same-origin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FPZH81ezzfhhFtw9dNqAVSADg5CSjdyI9Cc0eu1%2BNOdqk5A%2BtjHX4JK5OVqgxHrZqKbfIPkzUO5%2BrsKatfvFZLndHrzUXFyVAl2NkMq3%2B29XV47SeA4LDSockA%3D%3D"}]}
server: cloudflare
vary: origin, Cookie
x-content-type-options: nosniff

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 303 KB
81 KB 13ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: eapi.wwa-ios.com
URL: https://eapi.wwa-ios.com/configuration/redirect/?click_source&fbclid=%7Bfbclid%7D&pixel_id=710738254799319&refer=limbgtu.xyz&sub1=NK&sub2=%7B%7Bcampaign.name%7D%7D&sub3=%7B%7Badset.name%7D%7D&sub4=%7B%7Bad.name%7D%7D&sub6=kypka&sub7=nikitakypa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

37153f36bba69c0ab5b9f82b3a214dc7e72693dec131556dfc91df6e91c61dc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src 'nonce-ycl2ypbj' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Aug 2025 22:42:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src 'nonce-ycl2ypbj' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=14, mss=1297, tbw=4512, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: FNY9M/8A9Gtj81SJHHr2t1LUmsirUjAFkGy5fwAIVKrgjvNlr9tfoC5NfF2bRl8EywjvOyXMKsQYExI4Sj885Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
content-length: 79943
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 710738254799319 Show response
connect.facebook.net/signals/config/ 83 KB
16 KB 269ms
268ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/710738254799319?v=2.9.224&r=stable&domain=eapi.wwa-ios.com&hme=2e9ee56babe122798b967566f46100108daa710154b06378259c746cb66ac325&ex_m=83%2C143%2C124%2C18%2C117%2C58%2C40%2C118%2C64%2C57%2C131%2C72%2C13%2C82%2C26%2C112%2C103%2C62%2C65%2C111%2C128%2C91%2C133%2C7%2C3%2C4%2C6%2C5%2C2%2C73%2C81%2C134%2C208%2C155%2C52%2C213%2C210%2C211%2C45%2C170%2C25%2C61%2C217%2C216%2C158%2C28%2C51%2C8%2C54%2C77%2C78%2C79%2C84%2C107%2C27%2C24%2C110%2C106%2C105%2C125%2C63%2C127%2C126%2C41%2C108%2C50%2C100%2C12%2C130%2C37%2C199%2C201%2C165%2C21%2C22%2C23%2C15%2C16%2C36%2C33%2C34%2C68%2C74%2C76%2C89%2C116%2C119%2C38%2C90%2C19%2C17%2C94%2C59%2C31%2C121%2C120%2C122%2C113%2C20%2C30%2C49%2C88%2C129%2C29%2C180%2C151%2C257%2C197%2C141%2C183%2C176%2C86%2C109%2C67%2C98%2C44%2C39%2C96%2C97%2C102%2C48%2C14%2C104%2C95%2C55%2C43%2C46%2C0%2C80%2C132%2C1%2C101%2C11%2C99%2C9%2C47%2C75%2C53%2C123%2C56%2C93%2C71%2C70%2C42%2C114%2C69%2C66%2C60%2C92%2C85%2C35%2C115%2C32%2C87%2C10%2C135

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8b2f7247dc8e4c6e6f9591b1d4fb8fe7e4d627988ba2ec2a13fc141f60e0876

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src 'nonce-5LCf7RJ5' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Aug 2025 22:42:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src 'nonce-5LCf7RJ5' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=84, mss=1297, tbw=87627, tp=-1, tpl=-1, uplat=265, ullat=0
pragma: public
x-fb-debug: SM0619p3wqpt+j9vPIz9XmzlGVvLeGOrAQKb+IrZOoAYwA5JoFx5gx7ugzsIlGM/y0Uk7Vz3Jn09y3RTsLqeOw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/privacy_sandbox/topics/registration/ 67 B
0 377ms
367ms Fetch
image/png 2a03:2880:f10f:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/privacy_sandbox/topics/registration/?id=710738254799319

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/710738254799319?v=2.9.224&r=stable&domain=eapi.wwa-ios.com&hme=2e9ee56babe122798b967566f46100108daa710154b06378259c746cb66ac325&ex_m=83%2C143%2C124%2C18%2C117%2C58%2C40%2C118%2C64%2C57%2C131%2C72%2C13%2C82%2C26%2C112%2C103%2C62%2C65%2C111%2C128%2C91%2C133%2C7%2C3%2C4%2C6%2C5%2C2%2C73%2C81%2C134%2C208%2C155%2C52%2C213%2C210%2C211%2C45%2C170%2C25%2C61%2C217%2C216%2C158%2C28%2C51%2C8%2C54%2C77%2C78%2C79%2C84%2C107%2C27%2C24%2C110%2C106%2C105%2C125%2C63%2C127%2C126%2C41%2C108%2C50%2C100%2C12%2C130%2C37%2C199%2C201%2C165%2C21%2C22%2C23%2C15%2C16%2C36%2C33%2C34%2C68%2C74%2C76%2C89%2C116%2C119%2C38%2C90%2C19%2C17%2C94%2C59%2C31%2C121%2C120%2C122%2C113%2C20%2C30%2C49%2C88%2C129%2C29%2C180%2C151%2C257%2C197%2C141%2C183%2C176%2C86%2C109%2C67%2C98%2C44%2C39%2C96%2C97%2C102%2C48%2C14%2C104%2C95%2C55%2C43%2C46%2C0%2C80%2C132%2C1%2C101%2C11%2C99%2C9%2C47%2C75%2C53%2C123%2C56%2C93%2C71%2C70%2C42%2C114%2C69%2C66%2C60%2C92%2C85%2C35%2C115%2C32%2C87%2C10%2C135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-eoee0KQl' blob: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com .accounts.meta.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?brsid=7538575463582903078&cpp=C3&cv=1025915895&st=1755211377098"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
observe-browsing-topics: ?1
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods: OPTIONS
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Aug 2025 22:42:57 GMT
content-type: image/png
vary: Origin, Accept-Encoding
x-fb-debug: I+bNTgMHAOzLvNKzqKCtBtQcnQ9X9EcwOuA/QBPjEwNs58Ae4W89wdC8UxdgEfd2TrubVAFYmAYa+fmGPQphEQ==
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?brsid=7538575463582903078&cpp=C3&cv=1025915895&st=1755211377098", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-eoee0KQl' blob: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=4506, tp=-1, tpl=-1, uplat=362, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 13ms
4ms Image
text/plain 2a03:2880:f10f:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=710738254799319&ev=PageView&dl=https%3A%2F%2Feapi.wwa-ios.com%2Fconfiguration%2Fredirect%2F%3Fclick_source%26fbclid%3D%257Bfbclid%257D%26pixel_id%3D710738254799319%26refer%3Dlimbgtu.xyz%26sub1%3DNK%26sub2%3D%257B%257Bcampaign.name%257D%257D%26sub3%3D%257B%257Badset.name%257D%257D%26sub4%3D%257B%257Bad.name%257D%257D%26sub6%3Dkypka%26sub7%3Dnikitakypa&rl=&if=false&ts=1755211376798&sw=1600&sh=1200&v=2.9.224&r=stable&ec=0&o=4126&fbc=fb.1.1755211376783.%7Bfbclid%7D&fbcs=fb.1.1755211376783.%7Bfbclid%7D%2Cfb.1.1755211376781.%7Bfbclid%7D&fbp=fb.1.1755211376796.448925899470955920&ler=empty&cdl=API_unavailable&fev=1&bfs[d]=1&pmd[title]=Wild%20Game&plt=2532.5&it=1755211376488&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=4518, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 14 Aug 2025 22:42:56 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 411ms
402ms Image
image/png 2a03:2880:f10f:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=710738254799319&ev=PageView&dl=https%3A%2F%2Feapi.wwa-ios.com%2Fconfiguration%2Fredirect%2F%3Fclick_source%26fbclid%3D%257Bfbclid%257D%26pixel_id%3D710738254799319%26refer%3Dlimbgtu.xyz%26sub1%3DNK%26sub2%3D%257B%257Bcampaign.name%257D%257D%26sub3%3D%257B%257Badset.name%257D%257D%26sub4%3D%257B%257Bad.name%257D%257D%26sub6%3Dkypka%26sub7%3Dnikitakypa&rl=&if=false&ts=1755211376798&sw=1600&sh=1200&v=2.9.224&r=stable&ec=0&o=4126&fbc=fb.1.1755211376783.%7Bfbclid%7D&fbcs=fb.1.1755211376783.%7Bfbclid%7D%2Cfb.1.1755211376781.%7Bfbclid%7D&fbp=fb.1.1755211376796.448925899470955920&ler=empty&cdl=API_unavailable&fev=1&bfs[d]=1&pmd[title]=Wild%20Game&plt=2532.5&it=1755211376488&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-1dJt7CxK' blob: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com .accounts.meta.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?brsid=7538575458181523239&cpp=C3&cv=1025910204&st=1755211376884"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Aug 2025 22:42:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: greMQ8WfvkqCNPPCp8nm2mfK91qNXKG6I7v4PE1pDIag24jX1fJ+HQ8FYL12q5MX2YipUivUv21A+3jRVhcjzA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?brsid=7538575458181523239&cpp=C3&cv=1025910204&st=1755211376884", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-1dJt7CxK' blob: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=4835, tp=-1, tpl=-1, uplat=396, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection: 0
origin-agent-cluster: ?1

GET

id6742196695
apps.apple.com/us/app/plunk-drift/
Redirect Chain

https://apps.apple.com/us/app/plunk-drift/id6742196695?af_xp=social&af_ad=4482b22c-b981-46f7-a8e2-4dd327ee61f2&pid=Javelink&adset=4482b22c-b981-46f7-a8e2-4dd327ee61f2&c=NK_j2mgateam...
itms-appss://apps.apple.com/us/app/plunk-drift/id6742196695?af_xp=social&af_ad=4482b22c-b981-46f7-a8e2-4dd327ee61f2&pid=Javelink&adset=4482b22c-b981-46f7-a8e2-4dd327ee61f2&c=NK_j2mg...

0
0

GET
H2 404 favicon.ico
eapi.wwa-ios.com/ 179 B
433 B 486ms
486ms Other
text/html 2606:4700:20::681a:409
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eapi.wwa-ios.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:409 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5547992afdadb59737c5c0feb1a35dff294cd27145bf290c031737ecf8a2577d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://eapi.wwa-ios.com/configuration/redirect/?click_source&fbclid=%7Bfbclid%7D&pixel_id=710738254799319&refer=limbgtu.xyz&sub1=NK&sub2=%7B%7Bcampaign.name%7D%7D&sub3=%7B%7Badset.name%7D%7D&sub4=%7B%7Bad.name%7D%7D&sub6=kypka&sub7=nikitakypa

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cross-origin-opener-policy: same-origin
cf-cache-status: EXPIRED
content-encoding: br
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hgoANGcqVQE8K3SMV8F2hKvBaajM0rxwdj07QPNNDD3G5AusypcEgzHvl%2BjKMEAFEuz6Ffpll3fHnIKd2cz46tnC2cZCOXV3jJ7nT5HIOWF5Ra015IvUQGqKXA%3D%3D"}]}
x-content-type-options: nosniff
referrer-policy: same-origin
cf-ray: 96f3f7e4ea59d51b-NRT
date: Thu, 14 Aug 2025 22:42:57 GMT
content-type: text/html; charset=utf-8
vary: origin, Cookie, accept-encoding
server: cloudflare
x-frame-options: DENY

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apps.apple.com
URL: itms-appss://apps.apple.com/us/app/plunk-drift/id6742196695?af_xp=social&af_ad=4482b22c-b981-46f7-a8e2-4dd327ee61f2&pid=Javelink&adset=4482b22c-b981-46f7-a8e2-4dd327ee61f2&c=NK_j2mgateam_{{campaign.name}}_{{adset.name}}_{{ad.name}}_xxx_kypka

Verdicts & Comments Add Verdict or Comment

2 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.apple.com/us/app/plunk-drift	1969-12-31 23:59:59	Name: geo Value: JP
coinvulcanos.shop/	1970-01-21 16:19:07	Name: piuidicuams Value: 044a6de0-7960-11f0-aef2-4f7678c579e2
coinvulcanos.shop/	1970-01-21 16:19:07	Name: pcpn6ol10z Value: https%3A%2F%2Flimbgtu.xyz%2F%3Fpixel_id%3D710738254799319%26sub1%3DNK%26sub2%3D%7B%7Bcampaign.name%7D%7D%26sub3%3D%7B%7Badset.name%7D%7D%26sub4%3D%7B%7Bad.name%7D%7D%26sub6%3Dkypka%26sub7%3Dnikitakypa
coinvulcanos.shop/	1970-01-21 16:19:07	Name: pwaidfqpzn7 Value: EcAn
coinvulcanos.shop/	1970-01-21 16:19:07	Name: splitida998uj Value: uuxs
coinvulcanos.shop/	1970-01-21 16:19:07	Name: fpvdateiexk8k Value: 2025-08-14
coinvulcanos.shop/	1970-01-21 16:19:07	Name: sdata48besu Value: qtUl66zrv8QL7PdO8XK8LPEGQx1xmnB3nvxZzTmwsTU8JSBqzVzzOKJUFeh21P%2BUV5KFJLLvaYgT%2BNWUJ7%2FGcKC8%2BCW34Z8aKeDprwbAsnUVzZ6usfcanAFJmm057I7KDZIYKgq1NHlyCru4SPFXa7sMnRM9h5UjVbcwR%2FF6vnijNd1CcoOzuh2m3c6IBJYau%2BPN9HjGJ2sfTsgqXpKw5nVEfqLgo%2BHo
eapi.wwa-ios.com/	1970-01-21 07:33:34	Name: transition_app_id Value: 5293
eapi.wwa-ios.com/	1970-01-21 07:33:34	Name: transition_flow_id Value: 72854
eapi.wwa-ios.com/	1970-01-21 07:43:36	Name: unique Value: 1
.wwa-ios.com/	1970-01-21 09:43:07	Name: _fbc Value: fb.1.1755211376796.%7Bfbclid%7D
.wwa-ios.com/	1970-01-21 09:43:07	Name: _fbp Value: fb.1.1755211376796.448925899470955920

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://eapi.wwa-ios.com/configuration/redirect/?click_source&fbclid=%7Bfbclid%7D&pixel_id=710738254799319&refer=limbgtu.xyz&sub1=NK&sub2=%7B%7Bcampaign.name%7D%7D&sub3=%7B%7Badset.name%7D%7D&sub4=%7B%7Bad.name%7D%7D&sub6=kypka&sub7=nikitakypa Message: Not allowed to launch 'itms-appss://apps.apple.com/us/app/plunk-drift/id6742196695?af_xp=social&af_ad=4482b22c-b981-46f7-a8e2-4dd327ee61f2&pid=Javelink&adset=4482b22c-b981-46f7-a8e2-4dd327ee61f2&c=NK_j2mgateam_{{campaign.name}}_{{adset.name}}_{{ad.name}}_xxx_kypka' because a user gesture is required.
network	error	URL: https://eapi.wwa-ios.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.apple.com
coinvulcanos.shop
connect.facebook.net
eapi.wwa-ios.com
limbgtu.xyz
www.facebook.com
apps.apple.com
2606:4700:20::681a:409
2606:4700:3035::6815:4c73
2606:4700:3037::ac43:8ccc
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:187:face:b00c:0:25de
37153f36bba69c0ab5b9f82b3a214dc7e72693dec131556dfc91df6e91c61dc6
54b0ccfbb6844d088735ae9808ced8600a7ec9b1db5bd05d56e874b2e13a1341
5547992afdadb59737c5c0feb1a35dff294cd27145bf290c031737ecf8a2577d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c8b2f7247dc8e4c6e6f9591b1d4fb8fe7e4d627988ba2ec2a13fc141f60e0876
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

eapi.wwa-ios.com Open in urlscan Pro 2606:4700:20::681a:409 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

4 IPs

2 Countries

102 kBTransfer

388 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Window variables

12 Cookies

2 Console Messages

Security Headers

Indicators

eapi.wwa-ios.com Open in urlscan Pro
2606:4700:20::681a:409 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

102 kB
Transfer

388 kB
Size

12
Cookies

8 HTTP transactions
0 data transactions