fb-login.k8s.data.quandoo.com Open in urlscan Pro
35.246.138.137  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fb-login.k8s.data.quandoo.com/	2 KB 1 KB	150ms 50ms	Document text/html	35.246.138.137 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fb-login.k8s.data.quandoo.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.246.138.137 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS 137.138.246.35.bc.googleusercontent.com Software nginx/1.15.10 / Resource Hash 2228c71984cd42880a44ae5bae8eb60e165bfdafccc84a4ebdcdec4aa8aa0747 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers :method GET :authority fb-login.k8s.data.quandoo.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx/1.15.10 date Thu, 18 Feb 2021 16:27:12 GMT content-type text/html; charset=utf-8 vary Accept-Encoding last-modified Thu, 18 Feb 2021 16:26:27 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: fb-login.k8s.data.quandoo.com URL: https://fb-login.k8s.data.quandoo.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8d7b6f7373d865ac5ac8f9b4fe5b6d90f64ca2a9871720ca6e54c96bd0fef03d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://fb-login.k8s.data.quandoo.com Referer https://fb-login.k8s.data.quandoo.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 c4BGuljvAHNEgteiBK4y4A== content-security-policy-report-only default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/; cross-origin-resource-policy cross-origin expires Thu, 18 Feb 2021 16:35:22 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1781 x-fb-rlafr 0 x-fb-debug 327WrTGCVuQx7qSYgF29KPlFTv8wW4k8XXblKEgSiwWKlPzn1UJWNb4SNcEjpST8iHbXWMzC0I0VwyfOzdm8aw== x-fb-trip-id 686109401 x-fb-content-md5 bf543bb944da59cb5835568c2f7d7c28 date Thu, 18 Feb 2021 16:27:12 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "2ad380dd521384e30a4033bdabee22e6" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	198 KB 60 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=59c80e4bcb1a49a557a951e210503336&ua=modern_es6 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 844f6f80a3a6ffa7720d6f708403ae669c40a98052ab8921297b778a004ccd58 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://fb-login.k8s.data.quandoo.com Referer https://fb-login.k8s.data.quandoo.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 FeAuuw60b2/o4/ifyW+qyA== cross-origin-resource-policy cross-origin expires Fri, 18 Feb 2022 14:46:27 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 60954 x-fb-rlafr 0 x-fb-debug lMSbsvHvVM5W+uGI20AIYOy7JT3VsuPGl5DcDFhhz1XB7kp9zNyj076xjiOXv0Qgp8lvHRJeWdDeHNbYMJ2DDg== x-fb-trip-id 686109401 x-fb-content-md5 9afccae246ef3d90dc5cc331101d442d cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Thu, 18 Feb 2021 16:27:12 GMT x-frame-options DENY report-to {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable origin-trial AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ== etag "ef0cf2b11cc7864bc1ad45d49707bdfe" timing-allow-origin * cross-origin-opener-policy-report-only same-origin-allow-popups;report-to="coop_report" access-control-expose-headers X-FB-Content-MD5
GET H2	200	status www.facebook.com/x/oauth/	0 0	50ms 37ms	Fetch text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=124620648244626&input_token&origin=1&redirect_uri=https%3A%2F%2Ffb-login.k8s.data.quandoo.com%2F&sdk=joey&wants_cookie_data=true Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=59c80e4bcb1a49a557a951e210503336&ua=modern_es6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers Referer https://fb-login.k8s.data.quandoo.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload x-content-type-options nosniff alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0 x-fb-rlafr 0 pragma no-cache x-fb-debug 7OM8Dnf7sVdL65eU3qUNe7pwt2gKWYS0dWEPdWDe4UgGU4sSYGlbebfoQQcatGRU3G8EO0sm1IRevuyM+fKzUg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" fb-s unknown date Thu, 18 Feb 2021 16:27:12 GMT report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type text/plain; charset=UTF-8 access-control-allow-origin https://fb-login.k8s.data.quandoo.com access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	login_button.php Show response www.facebook.com/v9.0/plugins/ Frame 76F2	143 KB 31 KB	77ms 76ms	Document text/html	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df339dd81ebb3504%26domain%3Dfb-login.k8s.data.quandoo.com%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff33d67e0f742b44%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=59c80e4bcb1a49a557a951e210503336&ua=modern_es6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 35f2839c1d260a3e8e0483b32d0d497c867a8c386c10e6b3096b8a4a28718a72 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df339dd81ebb3504%26domain%3Dfb-login.k8s.data.quandoo.com%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff33d67e0f742b44%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fb-login.k8s.data.quandoo.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fb-login.k8s.data.quandoo.com/ Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT x-xss-protection 0 strict-transport-security max-age=15552000; preload content-encoding br facebook-api-version v9.0 x-content-type-options nosniff vary Accept-Encoding pragma no-cache x-fb-rlafr 0 content-type text/html; charset="utf-8" x-fb-debug uwG/WbfwU0wMKQwtwumetQXiKtaqemmb2FZrRinkvD/lcd4nWxTBpR19IoBjp5zQJ3fL2Jh7utymnSNvEgzW/A== date Thu, 18 Feb 2021 16:27:12 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
GET H2	200	qYG_pvNhLC1.png www.facebook.com/rsrc.php/v3/y8/r/ Frame 76F2	371 B 672 B	6ms 6ms	Image image/png	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/rsrc.php/v3/y8/r/qYG_pvNhLC1.png Requested by Host: www.facebook.com URL: https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df339dd81ebb3504%26domain%3Dfb-login.k8s.data.quandoo.com%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff33d67e0f742b44%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df339dd81ebb3504%26domain%3Dfb-login.k8s.data.quandoo.com%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff33d67e0f742b44%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-fb-debug XP6UXKD5IG5v4ym9e4PDfNrgyWKvLoK+iaChgrLTo4DIQPI0QcA9Sp6mTMwtjgup4YOKZeO9KrftDThssPiGZw== x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 ApFuUU9EOpmqxGomIy3eug== date Tue, 09 Feb 2021 00:08:03 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable cross-origin-resource-policy cross-origin timing-allow-origin * content-length 371 x-fb-rlafr 0 expires Wed, 09 Feb 2022 00:08:03 GMT
GET H2	200	iqVGY7gYXlg.gif www.facebook.com/rsrc.php/v3/yx/r/ Frame 76F2	1 KB 1 KB	7ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/rsrc.php/v3/yx/r/iqVGY7gYXlg.gif Requested by Host: www.facebook.com URL: https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df339dd81ebb3504%26domain%3Dfb-login.k8s.data.quandoo.com%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff33d67e0f742b44%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df339dd81ebb3504%26domain%3Dfb-login.k8s.data.quandoo.com%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff33d67e0f742b44%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-fb-debug PxqAcT0r6fjWe7g072wF0vv2jIi5DnwhHCB1Frl1K/nehcI0s0cOo6uGMFF9D+umcEiwKn57T6XS/2t/A/eAyg== x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 xus77tDlZhUxDt48lJn72A== date Thu, 18 Feb 2021 00:52:34 GMT content-type image/gif access-control-allow-origin * cache-control public,max-age=31536000,immutable cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1056 x-fb-rlafr 0 expires Fri, 18 Feb 2022 00:52:34 GMT
GET H2	200	cJW4dlUIuR3.js Show response www.facebook.com/rsrc.php/v3i7M54/ya/l/en_US/ Frame 76F2	459 KB 118 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/rsrc.php/v3i7M54/ya/l/en_US/cJW4dlUIuR3.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df339dd81ebb3504%26domain%3Dfb-login.k8s.data.quandoo.com%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff33d67e0f742b44%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 925cd2f2734a45c88dca67f2c9a5910082c50395fe7836337275b5165d22c15e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df339dd81ebb3504%26domain%3Dfb-login.k8s.data.quandoo.com%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff33d67e0f742b44%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-fb-debug EpRmvyl+BM9WrJMTOBr8D2LaF1p7abxMQEuWkeNdv81WZkuQCLEDP13IDyQ3eUFuGzMMEcttyOAp6GqfTyTl0w== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 oHij4x8PVHEsfdt7YUd+lA== date Thu, 18 Feb 2021 12:23:20 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable cross-origin-resource-policy cross-origin timing-allow-origin * content-length 120244 x-fb-rlafr 0 expires Fri, 18 Feb 2022 12:23:20 GMT
GET H2	200	cavalry_endpoint.php www.facebook.com/common/ Frame 76F2	67 B 757 B	41ms 40ms	Image image/png	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1613665632291&t_start=1613665632291&t_domcontent=1613665632331&t_layout=1613665632383&t_onload=1613665632383&t_paint=1613665632383&t_creport=1613665632383&t_tti=1613665632331&lid=6930641117214840122-0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.facebook.com/v9.0/plugins/login_button.php?app_id=124620648244626&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df339dd81ebb3504%26domain%3Dfb-login.k8s.data.quandoo.com%26origin%3Dhttps%253A%252F%252Ffb-login.k8s.data.quandoo.com%252Ff33d67e0f742b44%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email&sdk=joey User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding br x-content-type-options nosniff x-xss-protection 0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-fb-rlafr 0 pragma no-cache x-fb-debug y02FLvhVhB3wNo3aEEoM/n7xJHjfXALxOQl0/5CLoqEAjXc8RU7yZM7yi4nRZAJ4kRPwcJ8ahsNgbYSr9H9wvg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-frame-options DENY date Thu, 18 Feb 2021 16:27:12 GMT strict-transport-security max-age=15552000; preload report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type image/png vary Accept-Encoding cache-control private, no-store, no-cache, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| statusChangeCallback function| checkLoginState function| testAPI function| fbAsyncInit object| FB

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://fb-login.k8s.data.quandoo.com/(Line 11) Message: statusChangeCallback
console-api	log	URL: https://fb-login.k8s.data.quandoo.com/(Line 12) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fb-login.k8s.data.quandoo.com
www.facebook.com
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.246.138.137
2228c71984cd42880a44ae5bae8eb60e165bfdafccc84a4ebdcdec4aa8aa0747
35f2839c1d260a3e8e0483b32d0d497c867a8c386c10e6b3096b8a4a28718a72
5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613
844f6f80a3a6ffa7720d6f708403ae669c40a98052ab8921297b778a004ccd58
8d7b6f7373d865ac5ac8f9b4fe5b6d90f64ca2a9871720ca6e54c96bd0fef03d
925cd2f2734a45c88dca67f2c9a5910082c50395fe7836337275b5165d22c15e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760