scontent.frba1-2.fna.fbcdn.net Open in urlscan Pro
2c0f:fb20:1:6:face:b00c:0:a7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://scontent.frba1-2.fna.fbcdn.net/v/t39.30808-6/411488555_325029850452117_2968193124738542321_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=36...
Submission Tags: phishing malicious Search All
Submission: On December 19 via api (December 19th 2023, 2:35:11 pm UTC) from NL — Scanned from NL

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 2c0f:fb20:1:6:face:b00c:0:a7, located in Morocco and belongs to ASMedi, MA. The main domain is scontent.frba1-2.fna.fbcdn.net. The Cisco Umbrella rank of the primary domain is 979238.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on November 3rd 2023. Valid for: 3 months.

This is the only time scontent.frba1-2.fna.fbcdn.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1	2c0f:fb20:1:6... 2c0f:fb20:1:6:face:b00c:0:a7		36925 (ASMedi) (ASMedi)
1	1

1 2c0f:fb20:1:6:face:b00c:0:a7 (Morocco)

ASN36925 (ASMedi, MA)

scontent.frba1-2.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	fbcdn.net scontent.frba1-2.fna.fbcdn.net — Cisco Umbrella Rank: 979238	1 KB
1	1

	Domain	Requested by
1	scontent.frba1-2.fna.fbcdn.net
1	1

This site contains no links.

Subject Issuer	Validity	Valid
*.frba1-2.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2023-11-03` - `2024-02-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://scontent.frba1-2.fna.fbcdn.net/v/t39.30808-6/411488555_325029850452117_2968193124738542321_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=3635dc&_nc_eui2=AeEdz0embZGpJimsWuXEYmJRzNJzEjNWNg3M0nMSM1Y2DUW9xVmJO21JpYqej9_DYKNt1MDchJLpl0H7X599GiOm&_nc_ohc=VkGva7B7G
Frame ID: 469B43196FD4AF43CAD85A1A8F394EC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

1
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1 kB
Transfer

0 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	Primary Request 411488555_325029850452117_2968193124738542321_n.jpg Show response scontent.frba1-2.fna.fbcdn.net/v/t39.30808-6/	12 B 1 KB	766ms 363ms	Document text/plain	2c0f:fb20:1:6:face:b00c:0:a7 ASMedi
General Check archive.org Show headers Download Go to Full URL https://scontent.frba1-2.fna.fbcdn.net/v/t39.30808-6/411488555_325029850452117_2968193124738542321_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=3635dc&_nc_eui2=AeEdz0embZGpJimsWuXEYmJRzNJzEjNWNg3M0nMSM1Y2DUW9xVmJO21JpYqej9_DYKNt1MDchJLpl0H7X599GiOm&_nc_ohc=VkGva7B7G Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2c0f:fb20:1:6:face:b00c:0:a7 , Morocco, ASN36925 (ASMedi, MA), Reverse DNS Software proxygen-bolt / Resource Hash `621e08122615f6fd8f55d78505b430fd8bd081084cd8d4d6a15b574f03dce2df` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 12 content-type text/plain date Tue, 19 Dec 2023 14:35:05 GMT proxy-status http_request_error; e_clientaddr="AcIFiujDq_bXCra_WOmKsdzWY1bdZGqKzoQsWZZuK8mSSz8xlR8UL9nz6r3GThWtqRUW7dxE0iWop5ZHxDKI2uYLdcQXv_ViGVIe2WfI"; e_fb_vipport="AcKr2CDFkCMn7ZRNCy3mTUrAE8EmVM5Hl7tW2ZisveVPtnthwPurVt8AGNil"; e_fb_hostheader="AcJ3b1aLOiL1xkvLEKib58Dm48QVhGQ6KJVZN2fSCPdwgkQ01BIRFdhd01ZTSVaZ_CLJPiazBnDPKBZ8MINJFQQ_l6Ou8gw6"; e_fb_vipaddr="AcJrL7Ctl5fLrAgF3m_Lu0TPn7VrVGSjkogVMbm9sieeAcyxNCmlSrdOS6PRJsajEAjHIYL3rAICtLnhT-e0tPyHFyMfIQ"; e_fb_requesthandler="AcLPXDyeva1WoatglzgtIMh3j6K7k2NkwxxMy97h0otC_pnRCr_TcsWeOrn8SAq92-NtgQUN-3XLgwCW"; e_fb_builduser="AcIHq5GHTwXG88mWzP6lGVIDA5o6sXDZBR-hLSL-i8SFghGf3b_Zn5RVz0RI-7QdAOo"; e_fb_binaryversion="AcJuHhvm3aRhdan1537IA8fCdJa_VQbFUAJ-Ii3a8woUgMGcLwObKh8lODgc-eLVPIE3vRBWUpUrDzFccaK_Zb5aempeOTLViF0"; e_proxy="AcLaERGTXjk5SaJ_qTf3X3C1ZZl5ENxHJM2DPCtOcIfX082Uxa6myF6xIIws3IDmZo5fZHfSyvcm", http_request_error; e_clientaddr="AcLrYtUOj0z_p6OCAG3Gm6OIyV1Tos6qSoemJLaId1_ymgBiYVEGDGpHfa0tX_hGDX58pp3GDzZubfq0KFtGg5gfhw4scqtn0o4Hv7cA"; e_fb_vipport="AcKFqDLndqwwalbV_xn8zcih0M-UNvQDUrgRvO3cwo9ZMU4OF716u7JkIU8B"; e_fb_hostheader="AcIzq7G1JtMiWZgy-6wH8YyTSoFUDDwcBRwt0-MLe_gAZNglpK-VLfqn7EMgjv2nk5xxyyss5A-Kgk1zprvOHysAvpA4V_By"; e_fb_vipaddr="AcKLwQ-3lJFf4IEXXa5ObzTNNNB9WvLPxQW8ADbwIEezXJQsA7UgLeTBlk5f4-zly-Zhx0uulsd3NOdYasUw5oUK-d6S7w"; e_fb_requesthandler="AcIQ0lBARiP5hCFVGsBDXEZDDcfaBYLquFnatBisCWJb-vcD4uMd6lFH9G0UoIP05UhcNcwCw878XWND"; e_fb_builduser="AcJtT1f7ZokAQrb9esicvZavkXfUtQhvkabSetavUupm1LPPZ1S02EBR5uJcXuqav4w"; e_fb_binaryversion="AcLWBgXdoo3rasAK7tgQ3gYhfXGEnp0K2FMJeM9PuHCnY_Fw3y1nfJT4iBpescTfo6QTIa9nCP1joOQv-EwH4zL9WKEph7pvcIg"; e_proxy="AcIbyhOk2pMPCHjg3hnaJ7Zr_a5Y0-xr7SoA-9SMlDI4DVU6NvmjLBELXu3I3UpCxvp3b4ncHb0h" server proxygen-bolt

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scontent.frba1-2.fna.fbcdn.net/v/t39.30808-6/411488555_325029850452117_2968193124738542321_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=3635dc&_nc_eui2=AeEdz0embZGpJimsWuXEYmJRzNJzEjNWNg3M0nMSM1Y2DUW9xVmJO21JpYqej9_DYKNt1MDchJLpl0H7X599GiOm&_nc_ohc=VkGva7B7G Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

scontent.frba1-2.fna.fbcdn.net
2c0f:fb20:1:6:face:b00c:0:a7
621e08122615f6fd8f55d78505b430fd8bd081084cd8d4d6a15b574f03dce2df

scontent.frba1-2.fna.fbcdn.net Open in urlscan Pro 2c0f:fb20:1:6:face:b00c:0:a7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

1 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1 kBTransfer

0 kBSize

0 Cookies

0 Outgoing links

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

scontent.frba1-2.fna.fbcdn.net Open in urlscan Pro
2c0f:fb20:1:6:face:b00c:0:a7 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1 kB
Transfer

0 kB
Size

0
Cookies

1 HTTP transactions
0 data transactions