fb-login.k8s.data.quandoo.com Open in urlscan Pro
35.246.138.137  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fb-login.k8s.data.quandoo.com/	2 KB 1 KB	533ms 28ms	Document text/html	35.246.138.137 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fb-login.k8s.data.quandoo.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.246.138.137 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS 137.138.246.35.bc.googleusercontent.com Software nginx/1.15.10 / Resource Hash 2228c71984cd42880a44ae5bae8eb60e165bfdafccc84a4ebdcdec4aa8aa0747 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers :method GET :authority fb-login.k8s.data.quandoo.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server nginx/1.15.10 date Tue, 17 Aug 2021 13:30:10 GMT content-type text/html; charset=utf-8 vary Accept-Encoding last-modified Thu, 05 Aug 2021 03:38:10 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	28ms 7ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: fb-login.k8s.data.quandoo.com URL: https://fb-login.k8s.data.quandoo.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 278ee91a7d91597675d71d35a15ef6bcc93d5924e8ddf2554135681e2117b000 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://fb-login.k8s.data.quandoo.com Referer https://fb-login.k8s.data.quandoo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 ktwkv8N1uBVsxlCMd9lK1w== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1685 x-fb-rlafr 0 x-fb-debug QchZ1sbAXCG+/yUSm3J3uom8wdTHclMjQ46frLBS1GGFFXGD0RMj6wXC8gu3fUa3LYLNBxIBnhCmWglx8qkotQ== x-fb-trip-id 917726464 x-fb-content-md5 5d236f4600067fc83472643f3a6c8b24 x-frame-options DENY date Tue, 17 Aug 2021 13:30:11 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "f6816e6aa61102e08ad3daf20245e7fe" timing-allow-origin * priority u=3,i expires Tue, 17 Aug 2021 13:32:08 GMT
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	235 KB 68 KB	168ms 105ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=d88984b89e80ded50e9dfde99199f2fe Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 18c952f11709ea7cb9d2ff108d72705c657cd15eadd0da3d2b5daafc153754d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://fb-login.k8s.data.quandoo.com Referer https://fb-login.k8s.data.quandoo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 R6vbr9l+nfIY/RlRgW5Elw== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 69728 x-fb-rlafr 0 x-fb-debug xdMHmw+vXfC4IzKL0/IGUXiCeSCA6j65EWv/1M5ZjCAz0LpiVdKb7rE2CZxoJX3v4FMmPYvd/kHfT6UYVsuF+Q== x-fb-content-md5 4466596011184d8d428321da42f4a5b3 x-frame-options DENY date Tue, 17 Aug 2021 13:30:11 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "28c48dcdca34884ab3854ce49c149cbb" timing-allow-origin * priority u=3,i expires Wed, 17 Aug 2022 12:00:58 GMT
GET H2	200	status www.facebook.com/x/oauth/	0 0	207ms 34ms	Fetch text/plain	2a03:2880:f145:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=124620648244626&input_token&origin=1&redirect_uri=https%3A%2F%2Ffb-login.k8s.data.quandoo.com%2F&sdk=joey&wants_cookie_data=true Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=d88984b89e80ded50e9dfde99199f2fe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers Referer https://fb-login.k8s.data.quandoo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload x-content-type-options nosniff content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/; alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0 x-fb-rlafr 0 pragma no-cache x-fb-debug g8vVjwAqb5JM398Fh1QK6tNMJb7JkMITcByDf6fSsW9WADG9zRfJwsUMjrsWN5zeFRxTZp1aGRWWaf1e6orXCA== cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" fb-s unknown cross-origin-opener-policy same-origin-allow-popups date Tue, 17 Aug 2021 13:30:12 GMT report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} content-type text/plain; charset=UTF-8 access-control-allow-origin https://fb-login.k8s.data.quandoo.com access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	login_button.php Show response www.facebook.com/v9.0/plugins/ Frame 884E	164 KB 25 KB	146ms 70ms	Document text/html	2a03:2880:f145:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df353e66f2a284%26domain%3Dfb-login.k8s.data.quandoo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff27e617f26b7d1c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=d88984b89e80ded50e9dfde99199f2fe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 98b06d9ba7e098d281eb9074ca31f06596de641f1bb99866dbdf70d38eeb991b Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df353e66f2a284%26domain%3Dfb-login.k8s.data.quandoo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff27e617f26b7d1c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fb-login.k8s.data.quandoo.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fb-login.k8s.data.quandoo.com/ Response headers vary Accept-Encoding content-encoding br x-fb-rlafr 0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options nosniff x-xss-protection 0 content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/; content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; facebook-api-version v9.0 strict-transport-security max-age=15552000; preload content-type text/html; charset="utf-8" x-fb-debug 1+lCrQ7kUPch0oZ1wUSH2NbIg79zsfz8D2bOMq6Fz5nrmbrVl/opdd0CykI3G/NpqaMHNBgJ8ZgCBRFXDghk5A== date Tue, 17 Aug 2021 13:30:12 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
GET H3-29	200	qYG_pvNhLC1.png www.facebook.com/rsrc.php/v3/y8/r/ Frame 884E	371 B 422 B	65ms 32ms	Image image/png	2a03:2880:f145:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/rsrc.php/v3/y8/r/qYG_pvNhLC1.png Requested by Host: www.facebook.com URL: https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df353e66f2a284%26domain%3Dfb-login.k8s.data.quandoo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff27e617f26b7d1c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df353e66f2a284%26domain%3Dfb-login.k8s.data.quandoo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff27e617f26b7d1c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-fb-debug 2jeZWpnKQPI/50dQLQKTkEBOoqkuH7y5dHwKuKvP6ruYybzBKDQRHU6JSFkJx3D3tvnkJk9uxmoTBrsj8lZXzQ== x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 ApFuUU9EOpmqxGomIy3eug== date Fri, 13 Aug 2021 05:11:22 GMT content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;report-uri https://www.facebook.com/csp/reporting/; content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable cross-origin-resource-policy cross-origin priority u=3,i timing-allow-origin * content-length 371 x-fb-rlafr 0 expires Sat, 13 Aug 2022 05:11:22 GMT
GET H3-29	200	iqVGY7gYXlg.gif www.facebook.com/rsrc.php/v3/yx/r/ Frame 884E	1 KB 1 KB	65ms 32ms	Image image/gif	2a03:2880:f145:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/rsrc.php/v3/yx/r/iqVGY7gYXlg.gif Requested by Host: www.facebook.com URL: https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df353e66f2a284%26domain%3Dfb-login.k8s.data.quandoo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff27e617f26b7d1c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df353e66f2a284%26domain%3Dfb-login.k8s.data.quandoo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff27e617f26b7d1c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-fb-debug iaVxVrBQsbTQ0pf44WTCrdc7CuakDuvaDagIPFqeai7AjlXWHfRZiyp/79+ZEgZ0Qbfkqy2wrPUHgzOsmR5LyQ== x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 xus77tDlZhUxDt48lJn72A== date Fri, 13 Aug 2021 00:08:16 GMT content-type image/gif access-control-allow-origin * cache-control public,max-age=31536000,immutable cross-origin-resource-policy cross-origin content-length 1056 timing-allow-origin * priority u=3,i x-fb-rlafr 0 expires Sat, 13 Aug 2022 00:08:16 GMT
GET H3-29	200	FsIzfSCP0M0.js Show response www.facebook.com/rsrc.php/v3i7M54/yK/l/en_US/ Frame 884E	507 KB 134 KB	66ms 33ms	Script application/x-javascript	2a03:2880:f145:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/rsrc.php/v3i7M54/yK/l/en_US/FsIzfSCP0M0.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df353e66f2a284%26domain%3Dfb-login.k8s.data.quandoo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff27e617f26b7d1c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 62e9b198d5b6966b3a232dbe49b061b19d895c59460f2fe2a93e561331351681 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df353e66f2a284%26domain%3Dfb-login.k8s.data.quandoo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff27e617f26b7d1c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 16 Aug 2021 21:23:27 GMT content-encoding br x-content-type-options nosniff content-md5 K11acJpNr56RgKpkAur3Bw== cross-origin-resource-policy cross-origin content-length 136897 x-fb-rlafr 0 x-fb-debug SkiphoSDWCPYM+WaNpFdRVI6pydTp9Z9NFX1wrOtqwSTkdofCHPj6foS7ybK5xITYElOyNETBovu3zHnKeVOeg== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Tue, 16 Aug 2022 21:23:27 GMT
GET H2	200	cavalry_endpoint.php www.facebook.com/platform/ Frame 884E	67 B 251 B	38ms 35ms	Image image/png	2a03:2880:f145:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/platform/cavalry_endpoint.php?t_cstart=1629207012195&t_start=1629207012195&t_domcontent=1629207012543&t_layout=1629207012754&t_onload=1629207012754&t_paint=1629207012754&t_creport=1629207012754&t_tti=1629207012543&lid=6997390837061359096-0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df353e66f2a284%26domain%3Dfb-login.k8s.data.quandoo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff27e617f26b7d1c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding br x-content-type-options nosniff content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/; alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma no-cache x-fb-debug Kojje6UK4FIYJ+PHxbPZQV6pKdMIBXybHO6DBckZ/KFJCFbRxhD4nMDys/+nxpSVFXrsoz/P/1oseLJQ4Fl4ZQ== cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Tue, 17 Aug 2021 13:30:12 GMT strict-transport-security max-age=15552000; preload report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} content-type image/png vary Accept-Encoding cache-control private, no-store, no-cache, must-revalidate x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| statusChangeCallback function| checkLoginState function| testAPI function| fbAsyncInit object| FB

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://fb-login.k8s.data.quandoo.com/(Line 11) Message: statusChangeCallback
console-api	log	URL: https://fb-login.k8s.data.quandoo.com/(Line 12) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fb-login.k8s.data.quandoo.com
www.facebook.com
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
35.246.138.137
18c952f11709ea7cb9d2ff108d72705c657cd15eadd0da3d2b5daafc153754d8
2228c71984cd42880a44ae5bae8eb60e165bfdafccc84a4ebdcdec4aa8aa0747
278ee91a7d91597675d71d35a15ef6bcc93d5924e8ddf2554135681e2117b000
5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613
62e9b198d5b6966b3a232dbe49b061b19d895c59460f2fe2a93e561331351681
98b06d9ba7e098d281eb9074ca31f06596de641f1bb99866dbdf70d38eeb991b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760