fbweb.lera.mobi Open in urlscan Pro
2600:1415:3c00::1730:6140  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 78800322-fb_contact-enp186_2-250830-core1-v1.html Show response fbweb.lera.mobi/	26 KB 12 KB	370ms 95ms	Document text/html	2600:1415:3c00::1730:6140 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://fbweb.lera.mobi/78800322-fb_contact-enp186_2-250830-core1-v1.html?adid={{ad.id}}&char=295122&accid=796776393296576&exdata=08AE9488897994BC7721910D89D2264B70442773E34F2909 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1415:3c00::1730:6140 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software tencent-cos / Resource Hash e3f4aca933d4508e06d219908c314464354dd1374f00cc6e5bdf6066e0130844 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-credentials true access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * access-control-max-age 604800 cache-control max-age=300 content-disposition inline content-encoding gzip content-length 11404 content-type text/html date Sun, 31 Aug 2025 00:12:28 GMT etag "83a48ecba14ab73eb1958916973575a0" last-modified Sat, 30 Aug 2025 06:06:59 GMT server tencent-cos timing-allow-origin * vary Accept-Encoding x-cos-force-download true x-cos-hash-crc64ecma 541888791096407915 x-cos-meta-origin ads-jakarta x-cos-replication-status Replica x-cos-request-id NjhiMmMyNzhfMTVhZTdhMWVfMWMyYzdfNjQ2MmVjYw== x-cos-version-id MTg0NDQ5ODc1Mzk2ODk3OTE2MDI
GET H2	200	52968340-6167-4605-a020-ef3591a99043.jpg cos.cdreader.com/AdsServer_ft/	35 KB 35 KB	97ms 95ms	Image image/jpeg	2600:1415:3c00::1730:6140 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://cos.cdreader.com/AdsServer_ft/52968340-6167-4605-a020-ef3591a99043.jpg?imageMogr2/thumbnail/400x/strip/size-limit/35k! Requested by Host: fbweb.lera.mobi URL: https://fbweb.lera.mobi/78800322-fb_contact-enp186_2-250830-core1-v1.html?adid={{ad.id}}&char=295122&accid=796776393296576&exdata=08AE9488897994BC7721910D89D2264B70442773E34F2909 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1415:3c00::1730:6140 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software tencent-ci / Resource Hash 49baed34f94458497dd49fb95c31e73a877415c18ff85bf847e03adb19c3d1ff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Referer https://fbweb.lera.mobi/ Response headers access-control-max-age 86400 access-control-expose-headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC size 35329 x-rtflag 1 access-control-allow-methods GET,POST,OPTIONS date Sun, 31 Aug 2025 00:12:29 GMT content-type image/jpeg last-modified Wed, 25 Jun 2025 22:22:13 GMT access-control-allow-headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session cache-control max-age=1842453 timing-allow-origin * x-cos-request-id Njg4NDc2OGFfY2E4ZTI3MDlfMmYwOV8zMjMyNzVj access-control-allow-credentials true x-delay 9883 us x-datasrc 1 x-ci-request-id VF82ODg0NzY4YV8xN18zN2U5YjBiXzE4NWY5 content-length 35329 access-control-allow-origin * x-info real data server tencent-ci
GET H2	200	clipboard.min.js Show response web.cdreader.com/static/pt/lp/clipboard2.0.6/	10 KB 4 KB	285ms 94ms	Script application/javascript	2600:1415:9c00:5::1728:3495 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://web.cdreader.com/static/pt/lp/clipboard2.0.6/clipboard.min.js Requested by Host: fbweb.lera.mobi URL: https://fbweb.lera.mobi/78800322-fb_contact-enp186_2-250830-core1-v1.html?adid={{ad.id}}&char=295122&accid=796776393296576&exdata=08AE9488897994BC7721910D89D2264B70442773E34F2909 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1415:9c00:5::1728:3495 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software tencent-cos / Resource Hash c1d1ec459db4813829a4690926a9fd37a44076c780fb324b90c4cd02699399a9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Referer https://fbweb.lera.mobi/ Response headers x-cos-replication-status Replica access-control-max-age 86400 access-control-expose-headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC content-encoding gzip etag "53323cefc192f759d24a674a612a98d7" x-cos-hash-crc64ecma 10297600581236802185 access-control-allow-methods * date Sun, 31 Aug 2025 00:12:29 GMT content-type application/javascript last-modified Sat, 13 Jan 2024 05:19:08 GMT vary Accept-Encoding access-control-allow-headers * cache-control max-age=31536000 timing-allow-origin * x-cos-version-id MTg0NDUwMzg5NTA1NjEwNjc3MjY x-cos-request-id Njg0M2U4ZjdfOTJmMDVlMGJfMjg2YWZfZWI2Yjk3 x-cos-meta-md5 53323cefc192f759d24a674a612a98d7 access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 3361 x-cos-meta-origin web-pt-cdreader server tencent-cos
GET H2	200	sensorsdata.v2.min.js Show response web.cdreader.com/static/pt/lp/	179 KB 52 KB	291ms 101ms	Script application/javascript	2600:1415:9c00:5::1728:3495 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://web.cdreader.com/static/pt/lp/sensorsdata.v2.min.js Requested by Host: fbweb.lera.mobi URL: https://fbweb.lera.mobi/78800322-fb_contact-enp186_2-250830-core1-v1.html?adid={{ad.id}}&char=295122&accid=796776393296576&exdata=08AE9488897994BC7721910D89D2264B70442773E34F2909 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1415:9c00:5::1728:3495 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software tencent-cos / Resource Hash a0f19c1eec053f89a3e7891ba0edda540818eedd046503ec71f560ab21c1ce63 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Referer https://fbweb.lera.mobi/ Response headers x-cos-replication-status Replica access-control-max-age 86400 access-control-expose-headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC content-encoding gzip etag "ee94c31c0abf5eabc97fda9e2bb6e8e8" x-cos-hash-crc64ecma 1105370912232555686 access-control-allow-methods * date Sun, 31 Aug 2025 00:12:29 GMT content-type application/javascript last-modified Wed, 08 May 2024 08:49:41 GMT vary Accept-Encoding access-control-allow-headers * cache-control max-age=31536000 timing-allow-origin * x-cos-version-id MTg0NDUwMjg5MTU1Mjc5MDA1MDQ x-cos-request-id Njg0M2U4ZjlfMTFlZjVlMGJfMTNlMmVfZWMyNDY0 x-cos-meta-md5 ee94c31c0abf5eabc97fda9e2bb6e8e8 access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * x-cos-meta-origin web-pt-cdreader server tencent-cos
GET H2	200	fbweb.20250528.min.js Show response web.cdreader.com/static/pt/lp/script/	10 KB 4 KB	288ms 98ms	Script application/javascript	2600:1415:9c00:5::1728:3495 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://web.cdreader.com/static/pt/lp/script/fbweb.20250528.min.js Requested by Host: fbweb.lera.mobi URL: https://fbweb.lera.mobi/78800322-fb_contact-enp186_2-250830-core1-v1.html?adid={{ad.id}}&char=295122&accid=796776393296576&exdata=08AE9488897994BC7721910D89D2264B70442773E34F2909 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1415:9c00:5::1728:3495 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software tencent-cos / Resource Hash 3111fd3b0044a540821b7cabe1b902cbfb0545f3642f06d57242635d2191ac7f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Referer https://fbweb.lera.mobi/ Response headers x-cos-replication-status Replica access-control-max-age 86400 access-control-expose-headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC content-encoding gzip etag "5b6ac1b4eb80fe0298383e93efbf444c" x-cos-hash-crc64ecma 6818787549153550473 access-control-allow-methods * date Sun, 31 Aug 2025 00:12:29 GMT content-type application/javascript last-modified Tue, 26 Aug 2025 09:38:48 GMT vary Accept-Encoding access-control-allow-headers * cache-control max-age=31536000 timing-allow-origin * x-cos-version-id MTg0NDQ5ODc4NzI1ODEwNjYzNDM x-cos-request-id NjhhZDhhMzBfNjhjNTAwYl8yM2U4Nl84ZWY1MzRi x-cos-meta-md5 5b6ac1b4eb80fe0298383e93efbf444c access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 3885 x-cos-meta-origin web-pt-cdreader server tencent-cos
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	312 KB 80 KB	194ms 95ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: fbweb.lera.mobi URL: https://fbweb.lera.mobi/78800322-fb_contact-enp186_2-250830-core1-v1.html?adid={{ad.id}}&char=295122&accid=796776393296576&exdata=08AE9488897994BC7721910D89D2264B70442773E34F2909 Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash a645ea65da053dda0b6bcd046ac379cbdcf1b755fdf0f6140bdc9232191b2144 Security Headers Name Value Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-AgtpamlF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Referer https://fbweb.lera.mobi/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sun, 31 Aug 2025 00:12:29 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' blob: *;script-src 'nonce-AgtpamlF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" x-fb-connection-quality GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=4960, tp=9, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug d7cl4WCCQgqsJJnlyEzwSwK7rg+F6aiG9VuLJOklZ0+knY07R3pOklwWswcu02UXfksTn5lhwN3sOz7+BhYbnA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top, include-js-call-stacks-in-crash-reports content-length 81815 x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	1072527050243485 Show response connect.facebook.net/signals/config/	82 KB 15 KB	96ms 96ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1072527050243485?v=2.9.227&r=stable&domain=fbweb.lera.mobi&hme=98a01a771f1571b63142a5ab6b1965d297e9ee4aa2fec3ece59f72d8c5b28e26&ex_m=86%2C148%2C128%2C19%2C121%2C60%2C41%2C122%2C67%2C59%2C135%2C75%2C13%2C85%2C27%2C116%2C107%2C65%2C68%2C115%2C132%2C94%2C137%2C7%2C3%2C4%2C6%2C5%2C2%2C76%2C84%2C138%2C212%2C160%2C54%2C217%2C214%2C215%2C47%2C175%2C26%2C64%2C221%2C220%2C163%2C29%2C53%2C8%2C56%2C80%2C81%2C82%2C87%2C111%2C28%2C25%2C114%2C110%2C109%2C129%2C66%2C131%2C130%2C43%2C112%2C52%2C104%2C12%2C134%2C38%2C203%2C205%2C170%2C22%2C23%2C24%2C16%2C17%2C37%2C34%2C35%2C71%2C77%2C79%2C92%2C120%2C123%2C39%2C93%2C20%2C18%2C98%2C61%2C32%2C125%2C124%2C126%2C117%2C21%2C31%2C51%2C91%2C133%2C62%2C15%2C30%2C185%2C156%2C262%2C201%2C146%2C188%2C181%2C89%2C113%2C70%2C102%2C46%2C40%2C100%2C101%2C106%2C50%2C14%2C108%2C99%2C57%2C42%2C95%2C45%2C48%2C0%2C83%2C136%2C1%2C105%2C11%2C103%2C9%2C49%2C78%2C55%2C127%2C58%2C97%2C74%2C73%2C44%2C118%2C72%2C69%2C63%2C96%2C88%2C36%2C119%2C33%2C90%2C10%2C139 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash b5523f4f833534c137ac8884f6d9f42fbd121cf703e59a132fbdb1c5cc201169 Security Headers Name Value Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-AcCtAufW' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Referer https://fbweb.lera.mobi/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sun, 31 Aug 2025 00:12:29 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' blob: *;script-src 'nonce-AcCtAufW' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=92, rtx=0, c=94, mss=1232, tbw=91360, tp=83, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug BzS2zm8bEYwSVgko6oo8HXy/ERU1euW2hTc1fokP46QRRyqTIad1MbJs1Bfo89jmoTNnXwNw+khdyj0ujLo4NA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-fb-optimizer 0 document-policy force-load-at-top, include-js-call-stacks-in-crash-reports content-length 15260 x-xss-protection 0 origin-agent-cluster ?1
POST H2	200	projectevent Show response log2.51changdu.com/api/	43 B 137 B	330ms 140ms	XHR image/gif	43.159.94.117 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://log2.51changdu.com/api/projectevent?project=event_log&remark=online Requested by Host: web.cdreader.com URL: https://web.cdreader.com/static/pt/lp/sensorsdata.v2.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.159.94.117 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://fbweb.lera.mobi/ Response headers eo-cache-status MISS eo-log-uuid 2971729123810618770 access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 date Sun, 31 Aug 2025 00:12:29 GMT content-type image/gif server nginx
GET H2	200	/ www.facebook.com/privacy_sandbox/topics/registration/	67 B 0	982ms 341ms	Fetch image/png	2a03:2880:f10f:187:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/privacy_sandbox/topics/registration/?id=1072527050243485 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/signals/config/1072527050243485?v=2.9.227&r=stable&domain=fbweb.lera.mobi&hme=98a01a771f1571b63142a5ab6b1965d297e9ee4aa2fec3ece59f72d8c5b28e26&ex_m=86%2C148%2C128%2C19%2C121%2C60%2C41%2C122%2C67%2C59%2C135%2C75%2C13%2C85%2C27%2C116%2C107%2C65%2C68%2C115%2C132%2C94%2C137%2C7%2C3%2C4%2C6%2C5%2C2%2C76%2C84%2C138%2C212%2C160%2C54%2C217%2C214%2C215%2C47%2C175%2C26%2C64%2C221%2C220%2C163%2C29%2C53%2C8%2C56%2C80%2C81%2C82%2C87%2C111%2C28%2C25%2C114%2C110%2C109%2C129%2C66%2C131%2C130%2C43%2C112%2C52%2C104%2C12%2C134%2C38%2C203%2C205%2C170%2C22%2C23%2C24%2C16%2C17%2C37%2C34%2C35%2C71%2C77%2C79%2C92%2C120%2C123%2C39%2C93%2C20%2C18%2C98%2C61%2C32%2C125%2C124%2C126%2C117%2C21%2C31%2C51%2C91%2C133%2C62%2C15%2C30%2C185%2C156%2C262%2C201%2C146%2C188%2C181%2C89%2C113%2C70%2C102%2C46%2C40%2C100%2C101%2C106%2C50%2C14%2C108%2C99%2C57%2C42%2C95%2C45%2C48%2C0%2C83%2C136%2C1%2C105%2C11%2C103%2C9%2C49%2C78%2C55%2C127%2C58%2C97%2C74%2C73%2C44%2C118%2C72%2C69%2C63%2C96%2C88%2C36%2C119%2C33%2C90%2C10%2C139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-UEit3wfo' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Referer https://fbweb.lera.mobi/ Response headers access-control-expose-headers X-FB-Debug, X-Loader-Length, X-Stack, Error-MID content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7544535902018001102&cpp=C3&cv=1026542888&st=1756599150320"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff observe-browsing-topics ?1 expires Sat, 01 Jan 2000 00:00:00 GMT access-control-allow-methods OPTIONS alt-svc h3=":443"; ma=86400 date Sun, 31 Aug 2025 00:12:30 GMT content-type image/png vary Origin, Accept-Encoding x-fb-debug Qe7x+cgz0ycVG1nXN0zs1gjkY0vTHIv/XQNZkBHYFkaWVlETEqP+lCnjURAbHyFmPTfObHAMIKUnIoSGMvrtuQ== strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7544535902018001102&cpp=C3&cv=1026542888&st=1756599150320", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-UEit3wfo' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality MODERATE; q=0.3, rtt=167, rtx=0, c=10, mss=1368, tbw=4512, tp=-1, tpl=-1, uplat=173, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy same-origin access-control-allow-credentials true permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top, include-js-call-stacks-in-crash-reports access-control-allow-origin * x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	192ms 95ms	Image text/plain	57.144.152.1 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1072527050243485&ev=PageView&dl=https%3A%2F%2Ffbweb.lera.mobi%2F78800322-fb_contact-enp186_2-250830-core1-v1.html%3Fadid%3D%7B%7Bad.id%7D%7D%26char%3D295122%26accid%3D796776393296576%26exdata%3D08AE9488897994BC7721910D89D2264B70442773E34F2909&rl=&if=false&ts=1756599149523&sw=1600&sh=1200&cud[external_id]=%23*%23*%23**%23-%23*%23%23-%23%23%23%23-*%23%23%23-%23***%23*%23*%23%23**&ncud[external_id]=%23*%23*%23**%23-%23*%23%23-%23%23%23%23-*%23%23%23-%23***%23*%23*%23%23**&ud[external_id]=b2a0fddcffe53b91c026361d480c1cf7fcc929db9fda4a59400ba9b9629e58ff&aud[external_id]=b2a0fddcffe53b91c026361d480c1cf7fcc929db9fda4a59400ba9b9629e58ff&v=2.9.227&r=stable&ec=0&o=4126&fbp=fb.1.1756599149522.129992618659276497&ler=empty&cdl=API_unavailable&pmd[title]=Unmasking%20My%20Shunned%20Wife%3A%20She%20Hid%20A%20Thousand%20Identities&plt=807.3000001907349&it=1756599149406&coo=false&expv2%5B%5D=pl0&expv2%5B%5D=el1&expv2%5B%5D=bc1&rqm=GET Requested by Host: fbweb.lera.mobi URL: https://fbweb.lera.mobi/78800322-fb_contact-enp186_2-250830-core1-v1.html?adid={{ad.id}}&char=295122&accid=796776393296576&exdata=08AE9488897994BC7721910D89D2264B70442773E34F2909 Protocol H3 Security QUIC, , AES_128_GCM Server 57.144.152.1 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-sin2.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Referer https://fbweb.lera.mobi/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=93, rtx=0, c=23, mss=1232, tbw=5006, tp=10, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sun, 31 Aug 2025 00:12:29 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 203 B	503ms 406ms	Image image/png	57.144.152.1 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1072527050243485&ev=PageView&dl=https%3A%2F%2Ffbweb.lera.mobi%2F78800322-fb_contact-enp186_2-250830-core1-v1.html%3Fadid%3D%7B%7Bad.id%7D%7D%26char%3D295122%26accid%3D796776393296576%26exdata%3D08AE9488897994BC7721910D89D2264B70442773E34F2909&rl=&if=false&ts=1756599149523&sw=1600&sh=1200&cud[external_id]=%23*%23*%23**%23-%23*%23%23-%23%23%23%23-*%23%23%23-%23***%23*%23*%23%23**&ncud[external_id]=%23*%23*%23**%23-%23*%23%23-%23%23%23%23-*%23%23%23-%23***%23*%23*%23%23**&ud[external_id]=b2a0fddcffe53b91c026361d480c1cf7fcc929db9fda4a59400ba9b9629e58ff&aud[external_id]=b2a0fddcffe53b91c026361d480c1cf7fcc929db9fda4a59400ba9b9629e58ff&v=2.9.227&r=stable&ec=0&o=4126&fbp=fb.1.1756599149522.129992618659276497&ler=empty&cdl=API_unavailable&pmd[title]=Unmasking%20My%20Shunned%20Wife%3A%20She%20Hid%20A%20Thousand%20Identities&plt=807.3000001907349&it=1756599149406&coo=false&expv2%5B%5D=pl0&expv2%5B%5D=el1&expv2%5B%5D=bc1&rqm=FGET Requested by Host: fbweb.lera.mobi URL: https://fbweb.lera.mobi/78800322-fb_contact-enp186_2-250830-core1-v1.html?adid={{ad.id}}&char=295122&accid=796776393296576&exdata=08AE9488897994BC7721910D89D2264B70442773E34F2909 Protocol H3 Security QUIC, , AES_128_GCM Server 57.144.152.1 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-sin2.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-YWINf8MR' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Referer https://fbweb.lera.mobi/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7544535899035701286&cpp=C3&cv=1026542888&st=1756599149772"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[],"aggregatable_values":{},"aggregatable_source_registration_time":"exclude","filters":{"3":["8162230013848323"]},"debug_reporting":true,"debug_key":"2725989472028677485"} date Sun, 31 Aug 2025 00:12:29 GMT content-type image/png vary Accept-Encoding x-fb-debug jj2TFlSCyqOcbSuAV7W4ys/zbRJ/SnJcWhOn9MbSrf1XIf/HMKBh6ZLbr7DDu5Bd8f03H+wspbMBbQC3SheXUg== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7544535899035701286&cpp=C3&cv=1026542888&st=1756599149772", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-YWINf8MR' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality GOOD; q=0.7, rtt=93, rtx=0, c=24, mss=1232, tbw=5374, tp=13, tpl=0, uplat=310, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top, include-js-call-stacks-in-crash-reports x-xss-protection 0 origin-agent-cluster ?1
POST H2	200	projectevent Show response log2.51changdu.com/api/	43 B 267 B	260ms 132ms	XHR image/gif	43.159.94.117 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://log2.51changdu.com/api/projectevent?project=event_log&remark=online Requested by Host: web.cdreader.com URL: https://web.cdreader.com/static/pt/lp/sensorsdata.v2.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.159.94.117 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://fbweb.lera.mobi/ Response headers eo-cache-status MISS eo-log-uuid 4727501072725514121 access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 date Sun, 31 Aug 2025 00:12:29 GMT content-type image/gif server nginx
GET H2	200	Fbs2sNotify.ashx Show response analysis.cdreader.com/	49 B 446 B	547ms 267ms	XHR application/x-javascript	2600:1415:9c00:14::172e:a04 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analysis.cdreader.com/Fbs2sNotify.ashx?jsver=0801&extid=5e4f3be2-4e84-7375-d186-2dbc9a6f70ec&exaction=viewcontent&pixelid=1072527050243485&bookid=78800322&appid=332001005&pageid=13210268&fbp=fb.1.1756599149522.129992618659276497&cdcid=7712f6a61a244a9fbee9acfda5c4d098&fbc=fb.1.1756599149522.&adid=%7B%7Bad.id%7D%7D&v=1&url=https%3A%2F%2Ffbweb.lera.mobi%2F78800322-fb_contact-enp186_2-250830-core1-v1.html%3Fadid%3D%7B%7Bad.id%7D%7D%26char%3D295122%26accid%3D796776393296576%26exdata%3D08AE9488897994BC7721910D89D2264B70442773E34F2909&chapterindex=0 Requested by Host: web.cdreader.com URL: https://web.cdreader.com/static/pt/lp/script/fbweb.20250528.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1415:9c00:14::172e:a04 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software / Resource Hash b8b23fcb0de19858e3bbae4601e83ed69527478ce7c89fb2853d51ccc2e7ddbd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Referer https://fbweb.lera.mobi/ Response headers cache-control max-age=0, no-cache, no-store x-aspnet-version 4.0.30319 pragma no-cache access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS expires Sun, 31 Aug 2025 00:12:30 GMT access-control-allow-origin * server-timing cdn-cache; desc=MISS, edge; dur=128, origin; dur=43, ak_p; desc="1756599150174_389049288_84699559_17135_900_92_187_219";dur=1 content-length 49 date Sun, 31 Aug 2025 00:12:30 GMT content-type application/x-javascript; charset=utf-8 access-control-allow-headers Content-Type
POST H2	200	projectevent Show response log2.51changdu.com/api/	43 B 137 B	137ms 135ms	XHR image/gif	43.159.94.117 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://log2.51changdu.com/api/projectevent?project=event_log&remark=online Requested by Host: web.cdreader.com URL: https://web.cdreader.com/static/pt/lp/sensorsdata.v2.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.159.94.117 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://fbweb.lera.mobi/ Response headers eo-cache-status MISS eo-log-uuid 9085302034054097315 access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 date Sun, 31 Aug 2025 00:12:30 GMT content-type image/gif server nginx

17 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| setRem string| extid string| g string| appid string| pageid string| pixelId string| bookId string| ndaction string| iOSUrl string| androidUrl function| fbq function| _fbq function| ClipboardJS object| JSON3 object| sensorsDataAnalytic201505 function| sensorsdata_app_call_js function| sensorsdata_app_js_bridge_call_js

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.lera.mobi/	1970-01-21 07:57:35	Name: sajssdk_2015_cross_new_user Value: 1
			.lera.mobi/	1970-01-21 17:32:39	Name: sensorsdata2015jssdkcross Value: %7B%22distinct_id%22%3A%22198fd77e387a5e-0abaae09b132c78-1e462c6e-1920000-198fd77e388645%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22%E7%9B%B4%E6%8E%A5%E6%B5%81%E9%87%8F%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTk4ZmQ3N2UzODdhNWUtMGFiYWFlMDliMTMyYzc4LTFlNDYyYzZlLTE5MjAwMDAtMTk4ZmQ3N2UzODg2NDUifQ%3D%3D%22%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%22198fd77e387a5e-0abaae09b132c78-1e462c6e-1920000-198fd77e388645%22%7D
			.lera.mobi/	1970-01-21 10:06:15	Name: _fbp Value: fb.1.1756599149522.129992618659276497
			.lera.mobi/	1969-12-31 23:59:59	Name: device_cookie_id Value: 7712f6a61a244a9fbee9acfda5c4d098
			.lera.mobi/	1970-01-21 07:58:05	Name: adid Value: {{ad.id}}
			.lera.mobi/	1970-01-21 07:58:05	Name: traceid Value: 20250831081230-8af181d3bb6343019edd5a2450c37a8f
			.lera.mobi/	1970-01-21 07:58:05	Name: adtype Value: fbs2s

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://fbweb.lera.mobi/78800322-fb_contact-enp186_2-250830-core1-v1.html?adid={{ad.id}}&char=295122&accid=796776393296576&exdata=08AE9488897994BC7721910D89D2264B70442773E34F2909 Message: Attestation check for Attribution Reporting on https://www.facebook.com failed.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analysis.cdreader.com
connect.facebook.net
cos.cdreader.com
fbweb.lera.mobi
log2.51changdu.com
web.cdreader.com
www.facebook.com
157.240.8.23
2600:1415:3c00::1730:6140
2600:1415:9c00:14::172e:a04
2600:1415:9c00:5::1728:3495
2a03:2880:f10f:187:face:b00c:0:25de
43.159.94.117
57.144.152.1
3111fd3b0044a540821b7cabe1b902cbfb0545f3642f06d57242635d2191ac7f
49baed34f94458497dd49fb95c31e73a877415c18ff85bf847e03adb19c3d1ff
a0f19c1eec053f89a3e7891ba0edda540818eedd046503ec71f560ab21c1ce63
a645ea65da053dda0b6bcd046ac379cbdcf1b755fdf0f6140bdc9232191b2144
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b5523f4f833534c137ac8884f6d9f42fbd121cf703e59a132fbdb1c5cc201169
b8b23fcb0de19858e3bbae4601e83ed69527478ce7c89fb2853d51ccc2e7ddbd
c1d1ec459db4813829a4690926a9fd37a44076c780fb324b90c4cd02699399a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f4aca933d4508e06d219908c314464354dd1374f00cc6e5bdf6066e0130844