urlscan.io logo urlscan.io
SecurityTrails logo

scontent-cdt1-1.xx.fbcdn.net Open in urlscan Pro
2a03:2880:f030:13:face:b00c:0:3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe
Effective URL: https://scontent-cdt1-1.xx.fbcdn.net/v/t39.16592-6/10000000_1108631330537188_6641553101190814364_n.exe/WhatsAppSetup.exe?_nc_cat=1&cc...
Submission: On February 22 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 2a03:2880:f030:13:face:b00c:0:3, located in France and belongs to FACEBOOK, US. The main domain is scontent-cdt1-1.xx.fbcdn.net. The Cisco Umbrella rank of the primary domain is 20489.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on December 1st 2022. Valid for: 3 months.
This is the only time scontent-cdt1-1.xx.fbcdn.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete WhatsAppSetup.exe 154 MB
Size: 154 MB (161239776 bytes, 0% done)
Downloaded from: https://scontent-cdt1-1.xx.fbcdn.net/v/t39.16592-6/10000000_1108631330537188_6641553101190814364_n.exe/WhatsAppSetup.exe?_nc_cat=1&ccb=1-7&_nc_sid=3ded0d&_nc_ohc=TJ6_85CXaQsAX_49C8q&_nc_ht=scontent-cdt1-1.xx&oh=00_AfAQSnTEBLqRcuroIqc4GaeCo7tKYB0pKCVmWQ5T5CVPEw&oe=63FB92C3

Domain & IP information

IP Address AS Autonomous System
1 1 2a03:2880:f21... 32934 (FACEBOOK)
1 2a03:2880:f03... 32934 (FACEBOOK)
1 1
Apex Domain
Subdomains		 Transfer
1 fbcdn.net
scontent-cdt1-1.xx.fbcdn.net — Cisco Umbrella Rank: 20489
1 whatsapp.com
web.whatsapp.com — Cisco Umbrella Rank: 2345
2 KB
1 2
Domain Requested by
1 scontent-cdt1-1.xx.fbcdn.net
1 web.whatsapp.com 1 redirects
1 2

This site contains no links.

Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-12-01 -
2023-03-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://scontent-cdt1-1.xx.fbcdn.net/v/t39.16592-6/10000000_1108631330537188_6641553101190814364_n.exe/WhatsAppSetup.exe?_nc_cat=1&ccb=1-7&_nc_sid=3ded0d&_nc_ohc=TJ6_85CXaQsAX_49C8q&_nc_ht=scontent-cdt1-1.xx&oh=00_AfAQSnTEBLqRcuroIqc4GaeCo7tKYB0pKCVmWQ5T5CVPEw&oe=63FB92C3
Frame ID: 5FBEF6DC0CC00C07DD151A720FD111DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

Page Statistics

1
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request WhatsAppSetup.exe
scontent-cdt1-1.xx.fbcdn.net/v/t39.16592-6/10000000_1108631330537188_6641553101190814364_n.exe/
Redirect Chain
  • https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe
  • https://scontent-cdt1-1.xx.fbcdn.net/v/t39.16592-6/10000000_1108631330537188_6641553101190814364_n.exe/WhatsAppSetup.exe?_nc_cat=1&ccb=1-7&_nc_sid=3ded0d&_nc_ohc=TJ6_85CXaQsAX_49C8q&_nc_ht=scontent...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://scontent-cdt1-1.xx.fbcdn.net/v/t39.16592-6/10000000_1108631330537188_6641553101190814364_n.exe/WhatsAppSetup.exe?_nc_cat=1&ccb=1-7&_nc_sid=3ded0d&_nc_ohc=TJ6_85CXaQsAX_49C8q&_nc_ht=scontent-cdt1-1.xx&oh=00_AfAQSnTEBLqRcuroIqc4GaeCo7tKYB0pKCVmWQ5T5CVPEw&oe=63FB92C3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600, no-transform
content-length
161239776
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 13:07:22 GMT
last-modified
Sun, 19 Feb 2023 00:19:20 GMT
timing-allow-origin
*
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:206:HS_ERANGE_SUCCESS

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=180
content-length
0
content-security-policy
default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com https://api.search.live.net https://maps.googleapis.com https://www.youtube.com https://s.ytimg.com;style-src 'self' data: blob: 'unsafe-inline' https://fonts.googleapis.com;connect-src 'self' data: blob: https://*.whatsapp.net https://www.facebook.com https://*.giphy.com https://*.tenor.co https://crashlogs.whatsapp.net/wa_clb_data https://crashlogs.whatsapp.net/wa_fls_upload_check https://www.bingapis.com/api/v6/images/search https://*.google-analytics.com wss://*.web.whatsapp.com wss://web.whatsapp.com https://www.whatsapp.com https://dyn.web.whatsapp.com https://graph.whatsapp.com/graphql/;font-src data: 'self' https://fonts.googleapis.com https://fonts.gstatic.com;img-src 'self' data: blob: *;media-src 'self' data: blob: https://*.whatsapp.net https://*.giphy.com https://*.tenor.co https://*.cdninstagram.com https://*.streamable.com https://*.sharechat.com https://*.fbcdn.net mediastream:;child-src 'self' data: blob:;frame-src 'self' data: blob: https://www.youtube.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 22 Feb 2023 13:07:22 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
location
https://scontent-cdt1-1.xx.fbcdn.net/v/t39.16592-6/10000000_1108631330537188_6641553101190814364_n.exe/WhatsAppSetup.exe?_nc_cat=1&ccb=1-7&_nc_sid=3ded0d&_nc_ohc=TJ6_85CXaQsAX_49C8q&_nc_ht=scontent-cdt1-1.xx&oh=00_AfAQSnTEBLqRcuroIqc4GaeCo7tKYB0pKCVmWQ5T5CVPEw&oe=63FB92C3
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-type-options
nosniff
x-fb-debug
X15pEfKMjHzztamfJRmN2NvQ5Im3GmXQQTftZUh7uJTJGIhHqnX3dhvIR9N+CZWsehkX4Etb8TuIvzm/ywBnoA==
x-fb-trip-id
1679558926
x-frame-options
DENY
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

scontent-cdt1-1.xx.fbcdn.net
web.whatsapp.com
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f21c:81c5:face:b00c:0:167