This is the work of Meta's notorious Pixel code. Notice it is being done on Google platforms.
"UPDATE: As of June 3rd 7:45 CEST, Meta/Facebook Pixel script is no longer sending any packets or requests to localhost. The code responsible for sending the _fbp cookie has been almost completely removed."
Local Mess: Disclosure: Covert Web-to-App Tracking via Localhost on Android https://localmess.github.io/ #Android
Ars Technica: Meta and Yandex are de-anonymizing Android users’ web browsing identifiers https://arstechnica.com/security/2025/06/meta-and-yandex-are-de-anonymizing-android-users-web-browsing-identifiers/ nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqsu4t3c2h2fl2ws6hfcnn5r7jdn87qvhvaafe5uv3hcwygxz3rjss4mvvfe (nprofile…vvfe) #privacy #Meta #Chrome #Google
AAKL /
npub1qz…xt5d9
2025-06-03 17:24:35
Author Public Key
npub1qz3786gqj0jxu7nnqev682ftzw45nrg7g7cwa7ajsjujhfsefdpslxt5d9Seen on
wss://relay.mostr.pubPublished at
2025-06-03 17:24:35Event JSON
{
"id": "3429d9c40250fdcb9a48d558d3c2711f2fd1e8c9ba7ab078567cd84810dc2301",
"pubkey": "00a3e3e90093e46e7a730659a3a92b13ab498d1e47b0eefbb284b92ba6194b43",
"created_at": 1748971475,
"kind": 1,
"tags": [
[
"p",
"872ab8e157527ea743574e273a0fd26ccfe032ecef539a7191be1c4418511ca1",
"wss://relay.mostr.pub"
],
[
"p",
"509c345f0518ca1421ba9f26a98ac6b0b6f884b1874ed9c20320fd41158313e4",
"wss://relay.mostr.pub"
],
[
"t",
"android"
],
[
"t",
"privacy"
],
[
"t",
"meta"
],
[
"t",
"chrome"
],
[
"t",
"google"
],
[
"proxy",
"https://infosec.exchange/users/AAKL/statuses/114620594614646291",
"activitypub"
],
[
"client",
"Mostr",
"31990:6be38f8c63df7dbf84db7ec4a6e6fbbd8d19dca3b980efad18585c46f04b26f9:mostr",
"wss://relay.mostr.pub"
]
],
"content": "This is the work of Meta's notorious Pixel code. Notice it is being done on Google platforms.\n\n\"UPDATE: As of June 3rd 7:45 CEST, Meta/Facebook Pixel script is no longer sending any packets or requests to localhost. The code responsible for sending the _fbp cookie has been almost completely removed.\"\n\nLocal Mess: Disclosure: Covert Web-to-App Tracking via Localhost on Android https://localmess.github.io/ #Android \n\nArs Technica: Meta and Yandex are de-anonymizing Android users’ web browsing identifiers https://arstechnica.com/security/2025/06/meta-and-yandex-are-de-anonymizing-android-users-web-browsing-identifiers/ nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqsu4t3c2h2fl2ws6hfcnn5r7jdn87qvhvaafe5uv3hcwygxz3rjss4mvvfe #privacy #Meta #Chrome #Google",
"sig": "039cb27c967965c4b5f8654307eaa95c8f71772e14517aad8a49cb19d3512156376511cf36695bb7957d93f1f6e6c3ba40a7fabb2593b155425aff6b46c93df1"
}