urlscan.io logo urlscan.io
SecurityTrails logo

facebook.marketplace.shopping Open in urlscan Pro
212.44.102.97  Public Scan

Go To Rescan Add Verdict Report
URL: https://facebook.marketplace.shopping/
Submission Tags: @phishunt_io
Submission: On January 17 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 212.44.102.97, located in Slovenia and belongs to SEEWEB Web hosting, colocation and cloud services, IT. The main domain is facebook.marketplace.shopping.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 17th 2021. Valid for: 3 months.
This is the only time facebook.marketplace.shopping was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 212.44.102.97 12637 (SEEWEB We...)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a03:2880:f12... 32934 (FACEBOOK)
6 3
Domain Requested by
2 www.facebook.com facebook.marketplace.shopping
connect.facebook.net
2 connect.facebook.net facebook.marketplace.shopping
connect.facebook.net
2 facebook.marketplace.shopping facebook.marketplace.shopping
6 3

This site contains no links.

Subject Issuer Validity Valid
facebook.marketplace.shopping
cPanel, Inc. Certification Authority		 2021-01-17 -
2021-04-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-12-22 -
2021-03-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://facebook.marketplace.shopping/
Frame ID: FE022E5E29D9AD65674BC6FF7D069E25
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v7.0/plugins/page.php?adapt_container_width=true&app_id=2151262104943316&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7da89c11e228%26domain%3Dfacebook.marketplace.shopping%26origin%3Dhttps%253A%252F%252Ffacebook.marketplace.shopping%252Ff204044fcac307c%26relation%3Dparent.parent&container_width=1600&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fwww.marketplace.shopping%2F&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline%2Cevents%2Cmessages&width=500
Frame ID: C95D63736507FB653A8C5CB690544D6F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

6
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

64 kB
Transfer

204 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
facebook.marketplace.shopping/ 		1 KB
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://facebook.marketplace.shopping/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.97 , Slovenia, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
rcp-5.controlpanel.si
Software
Apache / PHP/5.4.45
Resource Hash
756fe60d2463731646c56ae010e792393f425d556001ea8b2d99537a43e1a777

Request headers

:method
GET
:authority
facebook.marketplace.shopping
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 18:17:36 GMT
server
Apache
x-powered-by
PHP/5.4.45
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
632
content-type
text/html
set-cookie
PH_HPXY_CHECK=s1; path=/
cache-control
private
homepage_style.css
facebook.marketplace.shopping/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://facebook.marketplace.shopping/homepage_style.css
Requested by
Host: facebook.marketplace.shopping
URL: https://facebook.marketplace.shopping/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.97 , Slovenia, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
rcp-5.controlpanel.si
Software
Apache /
Resource Hash
83ccf907178f5b2fdfe6f4d2ee49bf6bafdd5dcd655d0aa7f423831268efd257

Request headers

Referer
https://facebook.marketplace.shopping/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 18:17:36 GMT
content-encoding
gzip
last-modified
Sun, 24 May 2020 18:36:53 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
1106
sdk.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: facebook.marketplace.shopping
URL: https://facebook.marketplace.shopping/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb6c96bbdc3d6513eff8ede3d8c083bdfc3e7f8d38c655bc6e3381a21289d104
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://facebook.marketplace.shopping
Referer
https://facebook.marketplace.shopping/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
O5ZBRSDH0j0ySRS3V9va4w==
cross-origin-resource-policy
cross-origin
expires
Sun, 17 Jan 2021 18:23:53 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-ua-compatible
IE=edge
x-fb-debug
InbytNyBnNsjxEhXgV3VsTa/LT2nXPD7HFAXlbghNXlgpUMMqCjj7s3tsmIvUL8A3nuvaPy83Lxqy6Zo+EdZ6Q==
x-fb-trip-id
917726464
x-fb-content-md5
9cb7e03ca29323e4988c14a0788b41c0
date
Sun, 17 Jan 2021 18:17:36 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"26f129a9e9748b6756c0b007c4967b35"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
sdk.js
connect.facebook.net/en_GB/ 		196 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=22f2df3d29f77e03215a09b3e4d75463&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
017d9efd7d666e6c68cc8602860fe3b10d884161f3113f44c2e998768af49144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://facebook.marketplace.shopping
Referer
https://facebook.marketplace.shopping/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
kEFnRKeY1+ev0ef59Cq5Dw==
cross-origin-resource-policy
cross-origin
expires
Mon, 17 Jan 2022 16:42:25 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60411
x-fb-rlafr
0
x-fb-debug
NoydMjTs+ZamGnElU2gHyx3yVdlWGQSiiYEahtQipkArB+IyRpqzPNcjwRDV71B1KaFn2EOIYPMyyTyyK4y5vA==
x-fb-trip-id
917726464
x-fb-content-md5
f588fb1a561bf6d4d68fb1ddc0e3179f
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 17 Jan 2021 18:17:36 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3f9e794f10c387d5c24dbb7583695e46"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2151262104943316&ev=fb_page_view&dl=https%3A%2F%2Ffacebook.marketplace.shopping%2F&rl=&if=false&ts=1610907456831&sw=1600&sh=1200&at=
Requested by
Host: facebook.marketplace.shopping
URL: https://facebook.marketplace.shopping/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://facebook.marketplace.shopping/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 18:17:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 17 Jan 2021 18:17:36 GMT
page.php
www.facebook.com/v7.0/plugins/ Frame C95D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v7.0/plugins/page.php?adapt_container_width=true&app_id=2151262104943316&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7da89c11e228%26domain%3Dfacebook.marketplace.shopping%26origin%3Dhttps%253A%252F%252Ffacebook.marketplace.shopping%252Ff204044fcac307c%26relation%3Dparent.parent&container_width=1600&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fwww.marketplace.shopping%2F&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline%2Cevents%2Cmessages&width=500
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=22f2df3d29f77e03215a09b3e4d75463&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v7.0/plugins/page.php?adapt_container_width=true&app_id=2151262104943316&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7da89c11e228%26domain%3Dfacebook.marketplace.shopping%26origin%3Dhttps%253A%252F%252Ffacebook.marketplace.shopping%252Ff204044fcac307c%26relation%3Dparent.parent&container_width=1600&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fwww.marketplace.shopping%2F&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline%2Cevents%2Cmessages&width=500
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://facebook.marketplace.shopping/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=0BilYjksbv98jxO4y..BgBH9A...1.0.BgBH9A.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://facebook.marketplace.shopping/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v7.0
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
7cmMNg96OgdizU9XJ6gvDVgHjopimMhX+lfwZOn+vui5pGkvZLzeJBmAkqy99jyjsltFFz2sCQJCk/O8wYCNjQ==
date
Sun, 17 Jan 2021 18:17:36 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| FB

1 Cookies

Domain/Path Name / Value
facebook.marketplace.shopping/ Name: PH_HPXY_CHECK
Value: s1