urlscan.io logo urlscan.io
SecurityTrails logo

www.truthmall.com Open in urlscan Pro
2606:4700:3031::6815:5ed8  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Submission: On March 23 via manual from CN — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3031::6815:5ed8, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.truthmall.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.
This is the only time www.truthmall.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 2606:4700:303... 13335 (CLOUDFLAR...)
1 47.246.12.254 24429 (TAOBAO Zh...)
12 2a03:2880:f00... 32934 (FACEBOOK)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 2a03:2880:f00... 32934 (FACEBOOK)
34 6
19    2606:4700:3031::6815:5ed8 (United States)

ASN13335 (CLOUDFLARENET, US)
www.truthmall.com
1    47.246.12.254 (Kuala Lumpur, Malaysia)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
at.alicdn.com
12    2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent-sin6-4.xx.fbcdn.net
1    2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a03:2880:f00c:19:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)
scontent-sin6-1.xx.fbcdn.net
Apex Domain
Subdomains		 Transfer
19 truthmall.com
www.truthmall.com
112 KB
11 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 811
scontent-sin6-1.xx.fbcdn.net — Cisco Umbrella Rank: 25381
scontent-sin6-4.xx.fbcdn.net — Cisco Umbrella Rank: 27006
161 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
89 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
15 KB
1 alicdn.com
at.alicdn.com — Cisco Umbrella Rank: 12156
2 KB
0 yokacdn.com Failed
p6.yokacdn.com Failed
34 6
Domain Requested by
19 www.truthmall.com 1 redirects www.truthmall.com
9 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
2 connect.facebook.net www.truthmall.com
connect.facebook.net
1 scontent-sin6-4.xx.fbcdn.net www.facebook.com
1 scontent-sin6-1.xx.fbcdn.net www.facebook.com
1 www.facebook.com connect.facebook.net
1 at.alicdn.com www.truthmall.com
0 p6.yokacdn.com Failed www.truthmall.com
34 8

This site contains links to these domains. Also see Links.

Domain
yupoofake.ru
www.truthmall.com
www.discuz.net
www.comsenz.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
*.tbcdn.cn
GlobalSign Organization Validation CA - SHA256 - G2		 2022-07-22 -
2023-08-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-31		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.truthmall.com/home.php?mod=space&uid=1193063
Frame ID: 38363A04A2C005B2691651BCEEE7BB33
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Frame ID: ACE5744B6800C26D88D1F4DE302F30E8
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

horsepeanut20的空間 - TruthMall - Powered by Discuz!

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

94 %
HTTPS

80 %
IPv6

6
Domains

8
Subdomains

6
IPs

3
Countries

379 kB
Transfer

1221 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.truthmall.com/uc_server/avatar.php?uid=1193063&size=middle HTTP 301
  • https://www.truthmall.com/uc_server/images/noavatar_middle.gif

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home.php
www.truthmall.com/ 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2db936c03e5a022485e46ee9a7ef05c7583a33766369d229899c8c3be663a2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ac83739fc753e2b-SIN
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 16:57:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvFaXBB%2FFodaudluKR7UfDNdZxHFEw%2BVw2ttEEslb%2B0nj7%2BXGSYbaeHria5W6dYaxAJ9%2FgcxXDGTL8VG7CDMz1e9X43U2bUVhFEaAXztilnDnwAqaoIb7ukiVxfXwVct2qlr%2FLqapnQzij%2FS598iug%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
public.css
www.truthmall.com/template/kuzhan_yoka/assets/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/template/kuzhan_yoka/assets/css/public.css
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de5a800c9b19397d79fd81515f6cfebfc30c332e224b039466a34763145db948

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2017 09:58:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3386
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXjvk9bUWfXCRcQ9qqOQ4W4wd%2B5Px9VKGPEtTTedsVQ9QYjF0dJpu02%2BI8EWjaHhyB7sHgwE2YbzyhBxQ6smaxKLo78I4KYrfY9KMkeNOvs%2FlAUYq86o161nko4SEIb1L81DNQW76ZvYFJF0nhHBLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7ac8373c8f0d3e2b-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
buttons.css
www.truthmall.com/template/kuzhan_yoka/assets/css/ 		80 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/template/kuzhan_yoka/assets/css/buttons.css
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f531c572327f05e8b4ddd80fbd92f31004ad68764d127243921c8552cd45298

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:51 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 24 Aug 2017 09:58:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JGJprRMiuZIX7B25MhTK2aylITEWbt5Yu5UxAmwI13banyC%2BVNUZdB2iqkYHfRGEuyKTuGyjl3QAF9wVtcUGyduEhGTFsOJm5NdjNepmoFNhivUBbyeZgdBsw79ImndzYRBChNtrBRfYHETKvMo9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7ac8373c8f0e3e2b-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font_emfqpihao2z0vn29.css
at.alicdn.com/t/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://at.alicdn.com/t/font_emfqpihao2z0vn29.css
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.12.254 Kuala Lumpur, Malaysia, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cd69690631482c71244b2eb15831ad155cd17555786179eddc6ce025f4cbd9ae

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 08:44:49 GMT
via
cache10.l2my1[0,0,200-0,H], cache24.l2my1[0,0], cache4.my2[0,0,200-0,H], cache7.my2[2,0]
content-encoding
gzip
x-oss-request-id
63774601E54CE13338953788
content-md5
aysJf7LmiaBP/+9jlQPXuQ==
age
10829581
x-swift-cachetime
60362260
x-cache
HIT TCP_HIT dirn:9:319353212
x-swift-savetime
Mon, 19 Dec 2022 17:27:09 GMT
x-oss-object-type
Normal
last-modified
Sat, 25 Dec 2021 05:49:46 GMT
server
Tengine
etag
W/"6B2B097FB2E689A04FFFEF639503D7B9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Origin
ali-swift-global-savetime
1668761089
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
8108214387356712238
eagleid
2ff60c9b16795906709716986e
x-oss-server-time
64
style_4_common.css
www.truthmall.com/data/cache/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/data/cache/style_4_common.css?AVp
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq8tgpANb474mBdB4Yj60vDp7OGVN%2FB3WnxBW3BOFcKwvZYmEGr9Qv9DZ4WxStC7zm%2F1DL3eJitzmw5Fx4VYsASgo5CXcwO1pHkwCyKZRad6habE7COkACmdgFqX%2BDyPtyOGetxsA5JChhvKJbErwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7ac8373c8f103e2b-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style_4_home_space.css
www.truthmall.com/data/cache/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/data/cache/style_4_home_space.css?AVp
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:51 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqH3tgTupyTpP%2BIIAj9fLJK%2FVhP519PRJPbFwlRR8Am5UBAeZz4DI5BOWDdjeiysipF7xAyFZ5ZgziDMJgf1jVl3ytmbQ1h5pvzB7eYHQ%2FnMnHjvNEru0QEQ7nXtJs5Wa5ob4OF0wdb5%2FKseRpPHvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7ac8373c8f113e2b-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
common.js
www.truthmall.com/static/js/ 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/static/js/common.js?AVp
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1844aaf57fca7f81c1c9f7b42a12ce3a5a05041551a5b2998076bf689711efee

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:51 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 21 Mar 2023 06:06:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BhfWtNhQ1nAxwN%2FF0kBM7ptU3F5o7pevyVrh7HMnAVLxGlR3cehUkHOW9GOYF9wlsIIay%2F79vU%2FF8gHKgQKhgXXk9Fb8RvkNepgG6EshdopFDi7Vi1nSg9varQo3Hhdxzzd%2BdYPs1izpi0XyQPbHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ac8373c8f143e2b-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
home.js
www.truthmall.com/static/js/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/static/js/home.js?AVp
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6f7cfd13e88f22990eedcc6d91941a30e82eb486c445dcf4bb693a76ae9dd2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 21 Mar 2023 06:06:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3%2Fv7u7jrefd8YF7KX1E7lRwl3dopiNzNy0swL%2Fudotb3GSqGrFz4GZ5DeMs1JXD5ao7bSW%2FxSsXpSfa53FeyRiaa0cS%2BBY%2Fg2zcthkrShbx1AI%2B1AZto0b11R8fbHEEPBQdOBL7ci40WpABGxWlBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ac8373c8f153e2b-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style_4_css_space.css
www.truthmall.com/data/cache/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/data/cache/style_4_css_space.css?AVp
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:51 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFI01xP9Irk8MddrTn1XJ3wN%2FNXUZsWdtEYvvLOWYonocypl0Y2MMqFPorQ07T%2F8BGV4A4x%2FmHEI0Ry6f5EASZ9ZM07Bb2wr5yoIdkD1JrL4qT3szEtYzjq7oP4iXJB%2FeBUxfzwpE9un8CRQUANsyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7ac8373c8f123e2b-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
www.truthmall.com/static/space/t1/ 		853 B
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/static/space/t1/style.css?AVp
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c635c912ba9733198469ad7605241fed85e5307fea5903125ee10cf3a332ac29

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 21 Mar 2023 06:24:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8lFlh%2FOUo9b0%2BgKndWuGfe%2BUDCUmmoI5ox67ju74shWi7I6bmpxIS6TbKNhxTT04RQoLSLEOhzkpCV6PTb0uh09UEJUBegQPtpPwc639WdLw38mfBIDim89EDXl6O2F7viEW3EmeAcnhtchXF8v8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7ac8373c8f133e2b-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
noavatar_middle.gif
www.truthmall.com/uc_server/images/
Redirect Chain
  • https://www.truthmall.com/uc_server/avatar.php?uid=1193063&size=middle
  • https://www.truthmall.com/uc_server/images/noavatar_middle.gif
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.truthmall.com/uc_server/images/noavatar_middle.gif
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H3
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6471b61cfcc06684ae3a73bc9ddcf8906543e449a51220de66aaa3dc316215b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:55 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Mar 2023 06:08:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEuED6Ep6REYM04dhDsH8OertX4TDZ4yP695VUVqipeu9zvSNWSMcGCmAMnY6MEN5FzVAkl8fpHNJqp1npn%2FMTWSxWMcbDXOsjwTzlePScuEyYBNi6mtadN0q%2Bo4YQ1Lcmt1k%2FyyqOJGUKMc7EsV8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac8374a6d093fd7-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3972

Redirect headers

date
Thu, 23 Mar 2023 16:57:53 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 23 Mar 2023 16:57:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shBcLoPXj64D420m%2FUWKRdI7hWjZzIjbGMEq2T4gIpHvGiWqz0mZf5tSmLEJmqcapCKNBC9XjuU%2FCa7yODsDu3oCv0yh2%2BP6vB%2F1LyBVAy91E7FYu0zb62jLK31eKrvkRZom1g%2BZjtu%2FS40qx1TaZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.truthmall.com/uc_server/images/noavatar_middle.gif
cf-ray
7ac837420ce23fd7-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 24 Mar 2023 16:57:52 +0000
footer_logo.png
www.truthmall.com/template/kuzhan_yoka/assets/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.truthmall.com/template/kuzhan_yoka/assets/images/footer_logo.png
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
028df747056a47d9d9540419fa1dfcd4f8f1ab22d8c1ed8def5f7d7ab195f8bd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:53 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 09 Dec 2017 11:47:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Bgnuc%2BkviGmG%2F9P50iCet0Bema2c6zi9atNhSIdj3ssJ8pqzz15fklSCqWD8mjF1NcIEGcetYB8Wpkq3UcUBnA5%2FjTbYC11S%2BkM6Lv5YhyGBNFwnxWJVc6D71MnB8H8EIzjgTsSRDxIDO5p4U9PDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac837420ce33fd7-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16380
home.php
www.truthmall.com/ 		0
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/home.php?mod=misc&ac=sendmail&rand=1679590670
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDNrhRzGoWzIh%2F%2F9QOBNvNnC5H8rb1SwLiDA%2FR0GKlSkCvGF3bxo2HYDagBDLJ3da%2FLbmPiEkk17te1v9UPqFN8Q15aGC%2BscEHyP1j595T9%2BFgKcmehwxTe3xozhp4y8m8sLLoLGYVT00V%2B%2Behd1dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cf-ray
7ac8373fea8f3fd7-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
jquery1.42.min.js
www.truthmall.com/template/kuzhan_yoka/assets/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/template/kuzhan_yoka/assets/js/jquery1.42.min.js
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 24 Aug 2017 09:58:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDNSljGrkh4%2FkXx20WOqWM0oF0aUynxKiDeYygAEZaSlcRusgMAmg%2BZqDbvc5xcsYEHaFK2m4WhGH5ROsst8eM5%2BOIrTrGHCwY7kLZdfXzVnm4mt%2BZCYs4vbtODgaV1ogI1cWgDx%2FmRj4yE5%2FzfZ4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ac83741fcdd3fd7-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.SuperSlide.2.1.1.js
www.truthmall.com/template/kuzhan_yoka/assets/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truthmall.com/template/kuzhan_yoka/assets/js/jquery.SuperSlide.2.1.1.js
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
496bdf2635c9f9494f51d0ba63c8a43e5b6dfb7c88b4426e6a56f577d945e3e9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/home.php?mod=space&uid=1193063
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 24 Aug 2017 09:58:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeJqiC%2BVihUauy2K4KaRv9hI%2Fj3%2BhG137t2kuKz1hCN%2BGLyfFBd7uolnsYcwHwtOack%2B7f2I93NvCMpCRrvqNnl8xTy3z6d0wwyvV3ejxf%2B5LYlFApXBIeAE8Ly7qhyVEme5D2hpgsWBK5qTwbhbrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ac837420ce03fd7-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
all.js
connect.facebook.net/zh_HK/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/all.js
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cc5f9f640f0f54b1d843d73ec82fcde30505a26c11d0204df4f242636574c102
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 16:57:51 GMT
content-md5
YnXrxqdlmH4stG/K45Q7ag==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
swA8+0qCr8+vOTYuRgD6h2trx5peG+GmqhxQVE7vSv04TAcReojoxQx8hI12YXJoU4LXBpZv8pJCH6wnRcnJ0Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
548340344
x-fb-content-md5
735f67b9191da91230bd97b518b898f7
cross-origin-opener-policy
same-origin-allow-popups
etag
"7e527a174d5672abb216b772609c8951"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 23 Mar 2023 17:09:04 GMT
header.jpg
www.truthmall.com/static/space/t1/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.truthmall.com/static/space/t1/images/header.jpg
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/static/space/t1/style.css?AVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78537082b3fd5a8f7c53629fe42eecce927fbae317f7d62c3078d1255edd5a1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/static/space/t1/style.css?AVp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:53 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 21 Mar 2023 06:31:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWeRlsU%2BIUIHA8x4ife9tLnmg1HuFlnSZXFC0vX4jb%2B7EeNGS79W4G3qWhH%2FzLHRGJSbI%2FJv0Wfv1Pw2Tq%2B74rupuLR0loKr6kGBn%2FcR0EOU%2BSI42E4Is%2FUpNpecB8N573zcmrhrYNf6YkqJVXSXtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac837420ce73fd7-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4857
title.png
www.truthmall.com/static/space/t1/images/ 		306 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.truthmall.com/static/space/t1/images/title.png
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/static/space/t1/style.css?AVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
814fad1f2b53d22a3841b31f32f9907077c2a558116a965ae2e5dbb6e83d1b2a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/static/space/t1/style.css?AVp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:53 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 21 Mar 2023 06:31:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7bcqbIcTTSt4XRSobtRy792x7eRqgpy9tL%2FHa6NCvjugGuFaae2lc68hJ9UNKkCTfeTQ0wcJo0wOuXqXPAe84jdnNf4dVB0AA4C2E%2FcDJljUjB5Nd79l%2Fw2AdDLiLTOjdkfMujYNQjlCcsqmP6jqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac837420ce93fd7-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
306
ft_wx.png
www.truthmall.com/template/kuzhan_yoka/assets/css/template/kuzhan_yoka/assets/images/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.truthmall.com/template/kuzhan_yoka/assets/css/template/kuzhan_yoka/assets/images/ft_wx.png
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/template/kuzhan_yoka/assets/css/public.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/template/kuzhan_yoka/assets/css/public.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:52 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGBu2CEi8lfopxhzjFKiaCqucZE8%2BEYGWU9A5rsORwVtAwK43zqQ%2BFuYJzudOxNO8fyxW5SmV5KkKRG9f0H0oA1fHQ2OgMahCVXDfGR6aieWPxuRwMJbEuVL%2Bou%2Bone%2BJMWyZttELVmugeMX7ny3Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7ac837420ceb3fd7-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ft_app.png
www.truthmall.com/template/kuzhan_yoka/assets/css/template/kuzhan_yoka/assets/images/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.truthmall.com/template/kuzhan_yoka/assets/css/template/kuzhan_yoka/assets/images/ft_app.png
Requested by
Host: www.truthmall.com
URL: https://www.truthmall.com/template/kuzhan_yoka/assets/css/public.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.truthmall.com/template/kuzhan_yoka/assets/css/public.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:52 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77NRCEzJVhy%2FA8OMqiR5t00ivXL2ik%2FSYgJHa5jWaWFxGsma1H5oZaEj3%2FDToZ3Dn11TQKBu09rWSoCCOBhqDgGu7iusHAZ4droryCSmF0BMI89M1egICfaJDIDBBdWxcNJh7WiWYtlB8wP1yQZEaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7ac837420cec3fd7-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
footer_b.jpg
p6.yokacdn.com/pic/div/2015/products/yoka/img/ 		0
0
all.js
connect.facebook.net/zh_HK/ 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/all.js?hash=427bda4ef8fbf24260077e98371a9e9d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
472420dbe959bf5ca8f69e8b47ff306462e43d14dc66d0bb006ac4c86df8842c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.truthmall.com/
Origin
https://www.truthmall.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 16:57:51 GMT
content-md5
HxynO3Me+tGaeBsznsbGwQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88622
x-fb-rlafr
0
x-fb-debug
n6gan/DMCvaI/eEyuIvZamK1DvAqDYRFGh1V2TTQtgvxXNSmM5YlyYkCJW3G4b6eqQDPHXgAjVRdm2I1qKetWA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
26d6dc4e3fabc79b305812650515bf68
cross-origin-opener-policy
same-origin-allow-popups
etag
"c050b83ac37d2bdd07f78078a3a63fad"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Mar 2024 15:48:31 GMT
page.php
www.facebook.com/plugins/ Frame ACE5 		40 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js?hash=427bda4ef8fbf24260077e98371a9e9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
09ce53d44255508303e33d5dba725b7b098bdd5983dab9d1d60ba6dfd4122fe8
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.truthmall.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 16:57:54 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
gqJf324/xTC5NB+YpUGS8qwFYFbI7XdjMeNyHmsSix8zFUdL3v2d9w4BEYPpacUD/4+wdnH9g5DSVRnKzRWbww==
x-fb-rlafr
0
x-xss-protection
0
0Gf-kTFII7p.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/1,cross/ Frame ACE5 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/1,cross/0Gf-kTFII7p.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
03ebc4fb00a535238bd10f66b50da1246c2c4d327007f16d33543bc74c8ef747
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
it5MRYaDZi5x/C9/EthCbQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4995
x-fb-rlafr
0
x-fb-debug
hsWLsFvuyWnlt3z1Cw/GapgPVA7TOm9Q1e/iJXL6U96rHya/78gZ3RGdnmTn1rNGBjFbLPcJi+j38gVSYF5Dug==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 21 Mar 2024 18:44:02 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yX/l/1,cross/ Frame ACE5 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/1,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8a682973c518ee106d2625712efcf6942f5a5e1aa6c97bc94e7337d9c49fbbf5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5Emel4o78Uvw3N5xDL5zFA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
JW1FkcOP5gmULL5Oh6nRSJ+ubrDZkHvFuutakc5Au5+2zumtE45ygqD2xjcdptGde5ePJiT2wgKfIXjXcbnWYQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 14 Mar 2024 17:17:14 GMT
yevvHF9BwSs.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame ACE5 		298 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/yevvHF9BwSs.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c0920c17fb10d6d267d0ec72b269e4dbf607cde91926dede4930cca5c1e97ee9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
J/5Xipu0WVZ3bn5PmDqVZQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80907
x-fb-rlafr
0
x-fb-debug
6aAGkk1LN01D9bjzYDFROi0P23g01bWjDgoRtLFaZoYK1M9KGra8aMHJQLDUkyLI5j5FItkLIMLhU+/FVVYDaA==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 22 Mar 2024 02:25:44 GMT
lBHJxasLvo5.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame ACE5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/lBHJxasLvo5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a5cd95cf9280f8a1a5a9878ae997081f853e64d1a015a00ffca17811fb0d0da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
v+JfcHY6QjZLC8FqQwmxUA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1702
x-fb-rlafr
0
x-fb-debug
JBOGNrb3672JmcZaNRYRqVlP2laJA4PR7YusHaAJIRkHYQ42p4xPqbbAjI6aACvLZ907jeuAvjCJl5gYlMzhKg==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:57:12 GMT
OJCMaWZXA92.js
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame ACE5 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/OJCMaWZXA92.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ffe3fa54fddff49868298c74d875f4c3332485cb17293999936834c8b7de8183
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
e11vF9amhxspsNCPa1pAaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12463
x-fb-rlafr
0
x-fb-debug
Wv1fIh2zSxVpG7e485p2cuUXUgW/m4NSJ3pSO0mpqS6TyCw9doz45ibPdv1YbnAA5FeqvUItI+bpoSK4v4NF2Q==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:57:12 GMT
Gy_e8cS9uuZ.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame ACE5 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/Gy_e8cS9uuZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d643d2559b7b1b11493bc0d8b0f2074f4afab1471d9685915e4bf73a97e93625
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZT5rsxEaG3d6pZJE2fIJeQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16399
x-fb-rlafr
0
x-fb-debug
YCFbltY3XTz+KFiIlrw71OtefBx2l2XruzLW5s6RKjzxLx8XTVFuiJtqlIZdyTtrgrcd/NPVz6Vn4drNcE60/Q==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 15 Mar 2024 20:52:16 GMT
RKHWAVnCZvs.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/y7/l/zh_HK/ Frame ACE5 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/y7/l/zh_HK/RKHWAVnCZvs.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0669cc57ac7ddcb41555828b5ec4179b672be0ae59d5457171ff1571577b1970
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
OqDfYcMzvdgVrRrkbyaTxw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20981
x-fb-rlafr
0
x-fb-debug
jTs9SqVh+UMcBfe+YoLveBUssEvXIJdgT8mboEF+7MivpT0wWd8VRoV0vMGVzPr9f9hDJ9DOnYFJ2w2PFi2XpA==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 20 Mar 2024 23:19:51 GMT
326727207_730696548765982_2111261248093225023_n.jpg
scontent-sin6-1.xx.fbcdn.net/v/t39.30808-6/ Frame ACE5 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sin6-1.xx.fbcdn.net/v/t39.30808-6/326727207_730696548765982_2111261248093225023_n.jpg?stp=dst-jpg_s261x260&_nc_cat=107&ccb=1-7&_nc_sid=dd9801&_nc_ohc=iFSwvk8tmtgAX8Wq7ki&_nc_ht=scontent-sin6-1.xx&edm=ADwHzz8EAAAA&oh=00_AfDLLiGDtOmwWdzFMA5i3m2HdoP_X8UmXZ4brMypNVSKig&oe=64207A23
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
434da4efc474ff9829655a6135f3c0371f04c2538a9d672b24bf4de61c413a0c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1615694470
date
Thu, 23 Mar 2023 16:57:54 GMT
x-fb-trip-id
548340344
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 25 Jan 2023 22:29:40 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3371017462
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2463549361
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
10646
326589640_860823948306285_1895164235659401904_n.png
scontent-sin6-4.xx.fbcdn.net/v/t39.30808-1/ Frame ACE5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sin6-4.xx.fbcdn.net/v/t39.30808-1/326589640_860823948306285_1895164235659401904_n.png?stp=cp0_dst-png_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=sfSUMVfxmxEAX81m8Tv&_nc_ht=scontent-sin6-4.xx&edm=ADwHzz8EAAAA&oh=00_AfCAU4VmFY1aEV0U-fjhgYklsEynInJ9BX0gvVkqxzoexg&oe=6421F84E
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa99c1bb40d82%26domain%3Dwww.truthmall.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.truthmall.com%252Ff2dd91ec29b54a8%26relation%3Dparent.parent&container_width=250&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftruthmall%2F&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fce5f97fd598af67ab4107b3d354475f08acbc2ce2f4e7b06f60b0f170a9d54b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1487023451
date
Thu, 23 Mar 2023 16:57:54 GMT
x-fb-trip-id
548340344
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 25 Jan 2023 22:29:40 GMT
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=4145205194
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3752246249
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4094
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame ACE5 		573 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/1,cross/0Gf-kTFII7p.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/1,cross/0Gf-kTFII7p.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:54 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
ZVrF1uG8Uqjo/bHRV2SRagobQm27WQ+gOuZPtaxaq2L5+QzYrdliTDdZ5BzbGuv2v+rQz6W/aENZhmxtBBFZUQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1,i
expires
Fri, 08 Mar 2024 19:40:32 GMT
Wtl6tMxz2hH.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame ACE5 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/yevvHF9BwSs.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zreoT9hZjaMMYMRJ1AEzzg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8978
x-fb-rlafr
0
x-fb-debug
uTjK56aSzG6njkmTDOW2G5r3Rz/jSj4ukR/XZn1PWLLymGtyPkyIv9XrUKASK+pD4hCKI44vJPCtFIpPyMFxOg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 11 Mar 2024 14:43:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p6.yokacdn.com
URL
https://p6.yokacdn.com/pic/div/2015/products/yoka/img/footer_b.jpg

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless string| STYLEID string| STATICURL string| IMGDIR string| VERHASH string| charset string| discuz_uid string| cookiepre string| cookiedomain string| cookiepath string| showusercard string| attackevasive string| disallowfloat string| creditnotice string| defaultstyle string| REPORTURL string| SITEURL string| JSPATH string| CSSPATH string| DYNAMICURL function| $ function| $C function| _attachEvent function| _detachEvent function| browserVersion function| getEvent function| isUndefined function| in_array function| trim function| strlen function| mb_strlen function| mb_cutstr function| preg_replace function| htmlspecialchars function| display function| checkall function| setcookie function| getcookie function| Ajax function| getHost function| hostconvert function| newfunction function| evalscript function| safescript function| $F function| appendscript function| hash function| stringxor function| ajaxupdateevents function| ajaxupdateevent function| ajaxget function| ajaxpost function| ajaxmenu function| ajaxinnerhtml function| showPreview function| showloading function| doane function| loadcss function| showMenu object| delayShowST function| delayShow boolean| dragMenuDisabled function| dragMenu function| setMenuPosition function| hideMenu function| getCurrentStyle function| fetchOffset function| showTip function| showPrompt function| showCreditPrompt object| showDialogST function| showDialog function| showWindow function| showError function| hideWindow function| AC_FL_RunContent function| AC_GetArgs function| simulateSelect function| switchTab function| imageRotate function| thumbImg number| zoomstatus function| zoom function| showselect function| showColorBox function| ctrlEnter function| parseurl function| codetag function| saveUserdata function| loadUserdata function| initTab function| openDiy function| hasClass function| addClass function| removeClass function| toggleClass function| runslideshow function| toggle_collapse function| updatestring function| getClipboardData function| setCopy function| copycode function| showdistrict function| setDoodle function| initSearchmenu function| searchFocus function| extstyle function| widthauto object| secST function| updatesecqaa function| updateseccode function| checksec function| createPalette function| showForummenu function| showUserApp function| cardInit function| navShow function| strLenCalc function| pluginNotice function| ipNotice function| noticeTitle function| noticeTitleFlash function| relatedlinks function| con_handle_response function| showTopLink function| showCreditmenu function| showUpgradeinfo function| addFavorite function| setHomepage function| setShortcut function| smilies_show function| showfocus function| rateStarHover function| rateStarSet function| img_onmouseoverfunc function| toggleBlind function| checkBlind function| getElementOffset function| mobileplayer function| appendstyle function| detectHtml5Support function| detectPlayer function| tradionalPlayer function| html5Player function| html5APlayer function| html5DPlayer object| BROWSER string| USERAGENT object| CSSLOADED object| JSLOADED object| JSMENU object| CURRENTSTYPE object| EXTRAFUNC string| EXTRASTR object| DISCUZCODE boolean| USERABOUT_BOX object| USERCARDST string| CLIPBOARDSWFDATA object| NOTICETITLE string| NOTICECURTITLE object| safescripts object| evalscripts object| HTML5PLAYER object| HTMLNODE number| note_step string| note_oldtitle undefined| note_timer function| addSort function| addOption function| blogAddOption function| blogCancelAddOption function| checkAll function| cnCode function| getExt function| resizeImg function| zoomTextarea function| ischeck function| copyRow function| delRow function| insertWebImg function| checkFocus function| insertImage function| insertContent function| checkImage function| stopMusic function| showFlash function| startMarquee function| readfeed function| showreward function| msgwin function| showmsgwin function| displayOpacity function| urlto function| explode function| selector function| showBlock function| resizeTx function| showFace function| insertFace function| wall_add function| share_add function| comment_add function| comment_edit function| comment_delete function| share_delete function| friend_delete function| friend_changegroup function| friend_changegroupname function| post_add function| post_edit function| post_delete function| poke_send function| myfriend_post function| myfriend_ignore function| mtag_join function| resend_mail function| docomment_get function| docomment_colse function| docomment_form function| docomment_form_close function| feedcomment_get function| feedcomment_add function| feedcomment_close function| feed_post_result function| feed_more_show function| feed_more_close function| poll_post_result function| show_click function| feed_menu function| showbirthday function| magicColor function| passwordShow function| getgroup function| pmsendappend function| succeedhandle_pmsend function| getchatpmappendmember function| markreadpm function| setpmstatus function| changedeletedpm function| changeOrderRange function| addBlockLink function| checkSynSignature function| searchpostbyusername function| removeVisitor function| succeedhandle_followmod object| FB object| __buffer function| jQuery function| KUZHAN_JQ

6 Cookies

Domain/Path Name / Value
www.truthmall.com/ Name: K2OD_2132_saltkey
Value: oJnKpTGC
www.truthmall.com/ Name: K2OD_2132_lastvisit
Value: 1679587070
www.truthmall.com/ Name: K2OD_2132_home_diymode
Value: 1
www.truthmall.com/ Name: K2OD_2132_sid
Value: z770Gn
www.truthmall.com/ Name: K2OD_2132_lastact
Value: 1679590671%09home.php%09misc
www.truthmall.com/ Name: K2OD_2132_sendmail
Value: 1

7 Console Messages

Source Level URL
Text
network error URL: https://www.truthmall.com/data/cache/style_4_common.css?AVp
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.truthmall.com/data/cache/style_4_css_space.css?AVp
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.truthmall.com/data/cache/style_4_home_space.css?AVp
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://www.truthmall.com/home.php?mod=space&uid=1193063
Message:
Mixed Content: The page at 'https://www.truthmall.com/home.php?mod=space&uid=1193063' was loaded over HTTPS, but requested an insecure element 'http://p6.yokacdn.com/pic/div/2015/products/yoka/img/footer_b.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://www.truthmall.com/template/kuzhan_yoka/assets/css/template/kuzhan_yoka/assets/images/ft_wx.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.truthmall.com/template/kuzhan_yoka/assets/css/template/kuzhan_yoka/assets/images/ft_app.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://p6.yokacdn.com/pic/div/2015/products/yoka/img/footer_b.jpg
Message:
Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.alicdn.com
connect.facebook.net
p6.yokacdn.com
scontent-sin6-1.xx.fbcdn.net
scontent-sin6-4.xx.fbcdn.net
static.xx.fbcdn.net
www.facebook.com
www.truthmall.com
p6.yokacdn.com
2606:4700:3031::6815:5ed8
2a03:2880:f00c:19:face:b00c:0:3
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
47.246.12.254
028df747056a47d9d9540419fa1dfcd4f8f1ab22d8c1ed8def5f7d7ab195f8bd
03ebc4fb00a535238bd10f66b50da1246c2c4d327007f16d33543bc74c8ef747
0669cc57ac7ddcb41555828b5ec4179b672be0ae59d5457171ff1571577b1970
09ce53d44255508303e33d5dba725b7b098bdd5983dab9d1d60ba6dfd4122fe8
0d6f7cfd13e88f22990eedcc6d91941a30e82eb486c445dcf4bb693a76ae9dd2
1844aaf57fca7f81c1c9f7b42a12ce3a5a05041551a5b2998076bf689711efee
1a5cd95cf9280f8a1a5a9878ae997081f853e64d1a015a00ffca17811fb0d0da
434da4efc474ff9829655a6135f3c0371f04c2538a9d672b24bf4de61c413a0c
472420dbe959bf5ca8f69e8b47ff306462e43d14dc66d0bb006ac4c86df8842c
496bdf2635c9f9494f51d0ba63c8a43e5b6dfb7c88b4426e6a56f577d945e3e9
6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2
814fad1f2b53d22a3841b31f32f9907077c2a558116a965ae2e5dbb6e83d1b2a
8a682973c518ee106d2625712efcf6942f5a5e1aa6c97bc94e7337d9c49fbbf5
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9f531c572327f05e8b4ddd80fbd92f31004ad68764d127243921c8552cd45298
b78537082b3fd5a8f7c53629fe42eecce927fbae317f7d62c3078d1255edd5a1
c0920c17fb10d6d267d0ec72b269e4dbf607cde91926dede4930cca5c1e97ee9
c635c912ba9733198469ad7605241fed85e5307fea5903125ee10cf3a332ac29
cc5f9f640f0f54b1d843d73ec82fcde30505a26c11d0204df4f242636574c102
cd69690631482c71244b2eb15831ad155cd17555786179eddc6ce025f4cbd9ae
d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d643d2559b7b1b11493bc0d8b0f2074f4afab1471d9685915e4bf73a97e93625
de5a800c9b19397d79fd81515f6cfebfc30c332e224b039466a34763145db948
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2db936c03e5a022485e46ee9a7ef05c7583a33766369d229899c8c3be663a2c
f6471b61cfcc06684ae3a73bc9ddcf8906543e449a51220de66aaa3dc316215b
fce5f97fd598af67ab4107b3d354475f08acbc2ce2f4e7b06f60b0f170a9d54b
ffe3fa54fddff49868298c74d875f4c3332485cb17293999936834c8b7de8183