urlscan.io logo urlscan.io
SecurityTrails logo

facebook.marketpplace.casa Open in urlscan Pro
198.54.125.171  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Submission: On January 30 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 198.54.125.171, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is facebook.marketpplace.casa.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 13th 2020. Valid for: a year.
This is the only time facebook.marketpplace.casa was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 198.54.125.171 22612 (NAMECHEAP...)
14 2a03:2880:f01... 32934 (FACEBOOK)
2 3 2a03:2880:f11... 32934 (FACEBOOK)
16 3
Apex Domain
Subdomains		 Transfer
15 fbcdn.net
static.xx.fbcdn.net
fbcdn.net
282 KB
1 fbsbx.com
fbsbx.com
755 B
1 facebook.com
facebook.com
350 B
1 marketpplace.casa
facebook.marketpplace.casa
31 KB
16 4
Domain Requested by
14 static.xx.fbcdn.net facebook.marketpplace.casa
1 fbsbx.com facebook.marketpplace.casa
1 fbcdn.net 1 redirects
1 facebook.com 1 redirects
1 facebook.marketpplace.casa
16 5

This site contains no links.

Subject Issuer Validity Valid
facebook.marketpplace.casa
Sectigo RSA Domain Validation Secure Server CA		 2020-01-13 -
2021-01-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
fbcdn.net
DigiCert SHA2 High Assurance Server CA		 2019-12-11 -
2020-03-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://facebook.marketpplace.casa/item/2243435399031390/
Frame ID: 1C2ACF4B2C0FA20712E9E9A3CCAC42D3
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

313 kB
Transfer

1219 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://facebook.com/security/hsts-pixel.gif?c=3.2 HTTP 302
  • https://fbcdn.net/security/hsts-pixel.gif?c=2 HTTP 302
  • https://fbsbx.com/security/hsts-pixel.gif

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
facebook.marketpplace.casa/item/2243435399031390/ 		234 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.125.171 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server261-3.web-hosting.com
Software
Apache / PHP/7.2.26
Resource Hash
3d1f02b7701efcab8e94579171f76550957277b1562477e8ad5ae6a9e8ac4979

Request headers

:method
GET
:authority
facebook.marketpplace.casa
:scheme
https
:path
/item/2243435399031390/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Thu, 30 Jan 2020 12:20:04 GMT
server
Apache
x-powered-by
PHP/7.2.26
vary
Accept-Encoding
content-encoding
gzip
content-length
31213
content-type
text/html; charset=UTF-8
bxrgh5LjyGF.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/bxrgh5LjyGF.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91ab33f624fafcef6a5ca965ded3d6f5c011882cf1df85c91f55d5c203266600
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0PC72hnyYe41YNj5MgZzGA==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
10752
x-fb-debug
4VXz/biPeRw2DI3CuwkqpsaJiOI4xlNTFxFPW7pSWMLQkBApPXx0OYYbswmD88sIJ0GPUOP4W/0zQm3EmYTHLQ==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
8gq-vs7Rs9q.css
static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ 		36 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/8gq-vs7Rs9q.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fddaa7045ecd7ddb8e19569a527a02e09cbe51af0cd8a667b811fe5550d71d9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LkKR15efW1/7cjKor0eNLg==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
9662
x-fb-debug
klrNnMBcC/CFZwGfU54gB1TnBDqT3qUXbo+4MQm0QDQ7INPrkMxsXXv8P19hMkF9/QPnSclmwOCjUxjmpDBvyw==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
sCxD2Ck1gBn.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ 		196 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/sCxD2Ck1gBn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72279ecc26de98c44e8db257c5123e9f4c1124d9eec67ea3de7ad3fa16db136e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
voFbqb9KbNv+6GbNYzZOwQ==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
53335
x-fb-debug
skCbUvc7A5wp4ytL/oHbfRsIQqO7rfdFN+X3aM7Dx8d2e3aUHBhin005YWNovnyJx61t+ATihhQILnBbfD2lMg==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
pKMxOJfEUEz.js
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/pKMxOJfEUEz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ca2f2388be1baea43cdde5259748eb6786e7b09b5f94843c0e969c59851e970
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mZrADtzL8CMJLQpdct8jmA==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
13213
x-fb-debug
Z+LOstBBErxmsTaLMZCs7TeC+yjMkiZ7hifLdurRN0fby+suOkLXyMLvfM3oC36TlDSb3dpp3DfJG03x9laQ/w==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 19:02:45 GMT
lPjG7ToBEmE.js
static.xx.fbcdn.net/rsrc.php/v3ikP64/y2/l/en_US/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ikP64/y2/l/en_US/lPjG7ToBEmE.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab899fd3dd92e6973e6f936daf1fff152472c5925fc9c83044a6a85b18d0531c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
EABK6unAnd7UyR0KcaMx0g==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
15984
x-fb-debug
e50IM907Ge1Zq9qTyXZ9ODooFPnTpHzqqKpPiFnWQJ0mVwl3X+voS0xEVEZ3qdBOtaxggD9exxl3xWTHRHaIZQ==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
sbQu0TSx9tt.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ 		79 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/sbQu0TSx9tt.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a61d88c269431fd18e4c36caafcf2ee7381d9a2bd5ea88389e9c7a611bb0f65c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vceLDiIr8IP4Y8LYAtshUg==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
21692
x-fb-debug
Sif/MwWkcawWqZJeBarDjJCCXROrUCtafyp/WYkT6N+6B75wLKeqVEqtG7gn/6GB6TBxCPCWe4JmPISaY/chgw==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
8kAspuyt0JA.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ 		54 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/8kAspuyt0JA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3103fda556b55b407b1c425bf0ce2762c379f2eef7f7f7a9cc2e067575c6a9df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vSRjtQEGUvhYC/v7ApMoAA==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
13703
x-fb-debug
Uh2gv8ABQlmmzWtHvPkkF6NSMAsMEA6hVUmrp910dT4k1H9hXcqh2mDwa3gFCZAxAS+RSVlWq+PtVBeg1qG8Fg==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
9BXC3AiqKRf.js
static.xx.fbcdn.net/rsrc.php/v3ih-D4/yG/l/en_US/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ih-D4/yG/l/en_US/9BXC3AiqKRf.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4618b3e184a896a642ace84c6fdc9f97e8c6208f9686615de31ba881c8e30da0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lq+tnqiEhtdzCI3lppGl1w==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
8271
x-fb-debug
LVGGVdMoBYhyck8MY+LmgTLYzZd/eprnCghVuJHImsskWbfKsT8wUWILNA+ftVxyfturEszZgMBg+B+sVc+jPg==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
FrHUKzyMPvS.js
static.xx.fbcdn.net/rsrc.php/v3inQB4/yJ/l/en_US/ 		97 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3inQB4/yJ/l/en_US/FrHUKzyMPvS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6ff6d229036ef1e9664afceb0006aeb3262d6381a7421e36dbb352a677a973b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
sj+qeL3mtFT7ruhp+lJ3Qg==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
21393
x-fb-debug
mE9/4vjwOzCiGv4w8xtQwUaxr//NHPYj7R+p7XO5zAo9kZVgQkAKvUtGOcP+2HQPpudoRZZQS54YROCVkXSCBg==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
v4WgC_pJT9B.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/v4WgC_pJT9B.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a01808b8a2d6e28821f87b2b3bf59abfb34c2aa9050ecd6ba212d3c2c8f28538
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
VuFE1IsI0rAEnxjj26K/Bw==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
2375
x-fb-debug
o2ZZuK7gl9QwPsHgGPT3l6G1CiaQorU2UPY6xMtTXXi85AgvduUkJYWEDnIB7O16oW2zk/wQSSg5uVOV9tssSw==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 29 Jan 2021 03:32:00 GMT
hsts-pixel.gif
fbsbx.com/security/
Redirect Chain
  • https://facebook.com/security/hsts-pixel.gif?c=3.2
  • https://fbcdn.net/security/hsts-pixel.gif?c=2
  • https://fbsbx.com/security/hsts-pixel.gif
43 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fbsbx.com/security/hsts-pixel.gif
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://facebook.marketpplace.casa/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
R+4qDHsnUXSZo3T3wzzInDhVgFxDZF1DTRPqLf3MALmSaLhOR+syLaBrEeEdrS7MOaZve8il/wk72aXtmfJcRQ==
date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

x-fb-debug
nmr7fSnfnrpsj4mfZSTq2pVH6Rl/Ku+cDeVoM80RAlD4Ae8MzE82AA09/D3u05Z+fo//Tc+JBG/YedApA08J/Q==
access-control-allow-origin
*
date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
location
https://fbsbx.com/security/hsts-pixel.gif
content-type
text/html; charset="utf-8"
status
302
strict-transport-security
max-age=31536000; preload; includeSubDomains
alt-svc
h3-24=":443"; ma=3600
content-length
0
Czni-o864my.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ 		69 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/Czni-o864my.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
144a22bcb723683b8bf636e24a178fd099f3ae755f75ce2dd4c3710a8b4652ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KyZOEunsCUy6YSYAUHZAsQ==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
19018
x-fb-debug
e0Mnck/wBNVjaJv+Z30Qh0MCiw/66WjKlhTbikwNrlXa93PKXmzormL4Mf/aKgb7wAtiY5eTyTbCnra7YRtHQg==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
Qpqeng-LP6d.js
static.xx.fbcdn.net/rsrc.php/v3iK-b4/yz/l/en_US/ 		164 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iK-b4/yz/l/en_US/Qpqeng-LP6d.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2fb483c03879c6038d6df7d87cdbf4d2240e2db7a907eeafcd1b13704bbd18b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wdyVJgPhstugrZR5no2XUQ==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
46128
x-fb-debug
3W/MlpU/FQg3JlMqFu75shxrRE+kRbjpeeQzaq5+KmuKUrw64SxmJN06GYwcvj2a7mE6Q3KGW/jS7oi/v4UINg==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
ucw9XxSI9ql.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ 		77 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ucw9XxSI9ql.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d14f89c68eea02c8459d34f1648370702f6f86f0044f6e20bb22a393cf76ce1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://facebook.marketpplace.casa/
Origin
https://facebook.marketpplace.casa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kqSU30hcMmnXvZzPw9yQaQ==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
21664
x-fb-debug
s7GtOq1/uOX8jrHOsNUcdq9y83dfv/MS7XEcJ315MrOdGxu6DLJnRgtiwgVs4a2eMMw9yiFdPtL2pPUnRU1T3A==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Jan 2021 12:11:36 GMT
-2_e3ML2w0e.png
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/-2_e3ML2w0e.png
Requested by
Host: facebook.marketpplace.casa
URL: https://facebook.marketpplace.casa/item/2243435399031390/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
04a118609d761c99a168dde028e7894f9b3682ce016f4c416933a9263b533c3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/bxrgh5LjyGF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-fb-debug
+DxGABvE/9SBrewI8u4KwZc95+FJZui/0ob382syWM8PVvJcac7UBt95BKxtghuQTlPqsEacyOvhVBTPqUe0tg==
x-fb-trip-id
1850256238
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
RVZ0rWiynqJoPkSV05dOqg==
access-control-allow-origin
*
date
Thu, 30 Jan 2020 12:20:04 GMT, Thu, 30 Jan 2020 12:20:04 GMT
content-type
image/png
status
200
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
28386
expires
Wed, 27 Jan 2021 16:28:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| envFlush object| Env number| __DEV__ function| readCookie string| go_to undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils object| TimeSlice function| CavalryLogger function| __updateOrientation function| ProfilingCounters object| bigPipe object| MAjaxify string| _script_path function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame

1 Cookies

Domain/Path Name / Value
.facebook.marketpplace.casa/ Name: wd
Value: 1585x1200

1 Console Messages

Source Level URL
Text
console-api error URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/sCxD2Ck1gBn.js?_nc_x=Ij3Wp8lg5Kz(Line 51)
Message:
ErrorUtils caught an error: "Could not find element "forgot-password-link" from module "__elem_8a020238_0_0"". Subsequent errors won't be logged; see https://fburl.com/debugjs.