4

I recently received a Facebook page link, with a weird querystring payload. The payload was in the form:

?\__xts__[0]=68.XXXXXXXXXXX....

where XXX were random characters (looks like base64, but couldn't decode it).

I googled for: "facebook __xts" and there are several results and pages containing similar querystrings. all start with \__xts__[0]=68.

Is it a Facebook SEO bug or malicious links?

schroeder
  • 129,372
  • 55
  • 299
  • 340
pkExec
  • 163
  • 5
  • 1
    As you can see from any more recent searches, this is now the new normal for Facebook. The change appears to have occurred 6 days before you posted. So, I'm closing as it was new and odd at the time of posting, but no longer a source of concern. – schroeder Aug 27 '19 at 15:59

1 Answers1

-1

According to github discussions 1 these urls (with the xts param, which is an abbrivation for eXtensible Time Series 2) are likely to track activity. The long string is a unique identifier of the post.

tungsten
  • 421
  • 1
  • 5
  • 19
  • 1
    I don't think xts stands for eXtensible Time Series. It sure doesn't look like it has the structure from the link you provided. – pkExec Aug 27 '19 at 05:10
  • @pkExec Structure like what? – tungsten Aug 27 '19 at 11:21
  • XTS is not "eXtensible Time Series" as your own link describes. The long string is not a "unique identifier of the post" as the RSS Bridge link you included describes and is easily tested ("changes on each request"). So, all you are left with is "likely to track activity", which has no support and is pure speculation. – schroeder Aug 27 '19 at 15:57