visifair-bookings.messe-stuttgart.de
Open in
urlscan Pro
20.224.95.16
Public Scan
Effective URL: https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 04 via api from IT — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 3rd 2024. Valid for: 3 months.
This is the only time visifair-bookings.messe-stuttgart.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 10 | 20.224.95.16 20.224.95.16 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
9 | 1 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
visifair-bookings.messe-stuttgart.de |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
messe-stuttgart.de
1 redirects
visifair-bookings.messe-stuttgart.de |
2 MB |
9 | 1 |
Domain | Requested by | |
---|---|---|
10 | visifair-bookings.messe-stuttgart.de |
1 redirects
visifair-bookings.messe-stuttgart.de
|
9 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.visifair.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
visifair-bookings.messe-stuttgart.de R3 |
2024-05-03 - 2024-08-01 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Frame ID: 394FAD00D5FE3406D06072381439EF51
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
Einloggen ยท VisiFair BuchungsportalPage URL History Show full URLs
-
https://visifair-bookings.messe-stuttgart.de/de_DE/events/
HTTP 302
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://visifair-bookings.messe-stuttgart.de/de_DE/events/
HTTP 302
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
visifair-bookings.messe-stuttgart.de/Security/ Redirect Chain
|
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/css/ |
373 KB 93 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Messe_Stuttgart_Logo-v2.png
visifair-bookings.messe-stuttgart.de/assets/Uploads/ |
90 KB 90 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_vf.svg
visifair-bookings.messe-stuttgart.de/_resources/app/client/src/images/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.js
visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/js/ |
352 KB 128 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
messe-stuttgart-v2.jpg
visifair-bookings.messe-stuttgart.de/assets/Uploads/ |
1 MB 1 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfa-solid-900.woff2
visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/fonts/vendor/@fortawesome/fontawesome-pro/ |
313 KB 313 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avenir-next-lms-w01-regular.woff2
visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/fonts/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
visifair-bookings.messe-stuttgart.de/ |
15 KB 5 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| Pace object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| flatpickr object| theme1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
visifair-bookings.messe-stuttgart.de/ | Name: PHPSESSID Value: kdkb7itbc0kib16fg4bhbsumnt |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
visifair-bookings.messe-stuttgart.de
20.224.95.16
1f490e773e97b9e3b8e7d1beba668ef979c1dcca6740c59a1bd6c5a5f34e047b
2bcdd2e7105a38ef043a1d7b174e9875762e8f571cf655f5c2a397499916f20c
3ce9858e0350948d114834bfc9d5a2b5da2c943672450c7dba3dc4ddc35a2eaf
3f58a1c4119e3ac290890eb9526e543f305e033f2fccae985bb0e0486c8d0b44
4d799bd1c960aec3dfdefa3b45c5ea32839b982a3f8337a048e1e863cd23b37b
9ba675b26f4d2456f9ac28113b14538c9c7e1ad48bb4b28aa6389b1cd8ac544f
b3fb62e399df7b2c0683498e02da7b8b937b2178dcfa5f092392c5a5db109290
c9c683b7e51c9d70e6e2925b052330733a412aafac99d3153f3aba347b1991f4
e29b88d9b30c35a150e3955a0a94be9a8054bd541187d9ee007e9c4c9c35162e