urlscan.io logo urlscan.io
SecurityTrails logo

visifair-bookings.messe-stuttgart.de Open in urlscan Pro
20.224.95.16  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://visifair-bookings.messe-stuttgart.de/de_DE/events/
Effective URL: https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 04 via api from IT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 20.224.95.16, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is visifair-bookings.messe-stuttgart.de.
TLS certificate: Issued by R3 on May 3rd 2024. Valid for: 3 months.
This is the only time visifair-bookings.messe-stuttgart.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 20.224.95.16 8075 (MICROSOFT...)
9 1
Apex Domain
Subdomains		 Transfer
10 messe-stuttgart.de
visifair-bookings.messe-stuttgart.de
2 MB
9 1
Domain Requested by
10 visifair-bookings.messe-stuttgart.de 1 redirects visifair-bookings.messe-stuttgart.de
9 1

This site contains links to these domains. Also see Links.

Domain
www.visifair.com
Subject Issuer Validity Valid
visifair-bookings.messe-stuttgart.de
R3		 2024-05-03 -
2024-08-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Frame ID: 394FAD00D5FE3406D06072381439EF51
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Einloggen ยท VisiFair Buchungsportal

Page URL History Show full URLs

  1. https://visifair-bookings.messe-stuttgart.de/de_DE/events/ HTTP 302
    https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1964 kB
Transfer

2484 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://visifair-bookings.messe-stuttgart.de/de_DE/events/ HTTP 302
    https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
visifair-bookings.messe-stuttgart.de/Security/
Redirect Chain
  • https://visifair-bookings.messe-stuttgart.de/de_DE/events/
  • https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.224.95.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PHP/8.0.18
Resource Hash
9ba675b26f4d2456f9ac28113b14538c9c7e1ad48bb4b28aa6389b1cd8ac544f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 04 May 2024 14:16:52 GMT
server
nginx
vary
Accept-Encoding X-Forwarded-Protocol
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.0.18
x-robots-tag
noindex, nofollow

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Sat, 04 May 2024 14:16:52 GMT
location
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
server
nginx
vary
X-Forwarded-Protocol
x-powered-by
PHP/8.0.18
app.css
visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/css/ 		373 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/css/app.css?m=1713241362
Requested by
Host: visifair-bookings.messe-stuttgart.de
URL: https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.224.95.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
4d799bd1c960aec3dfdefa3b45c5ea32839b982a3f8337a048e1e863cd23b37b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:16:52 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2024 04:22:42 GMT
server
nginx
etag
W/"661dfd12-5d50b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=15552000
expires
Thu, 31 Oct 2024 14:16:52 GMT
Messe_Stuttgart_Logo-v2.png
visifair-bookings.messe-stuttgart.de/assets/Uploads/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visifair-bookings.messe-stuttgart.de/assets/Uploads/Messe_Stuttgart_Logo-v2.png
Requested by
Host: visifair-bookings.messe-stuttgart.de
URL: https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.224.95.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e29b88d9b30c35a150e3955a0a94be9a8054bd541187d9ee007e9c4c9c35162e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:16:52 GMT
last-modified
Fri, 11 Aug 2023 07:32:59 GMT
server
nginx
accept-ranges
bytes
etag
"64d5e42b-16885"
content-length
92293
content-type
image/png
logo_vf.svg
visifair-bookings.messe-stuttgart.de/_resources/app/client/src/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visifair-bookings.messe-stuttgart.de/_resources/app/client/src/images/logo_vf.svg?m=1713162947
Requested by
Host: visifair-bookings.messe-stuttgart.de
URL: https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.224.95.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2bcdd2e7105a38ef043a1d7b174e9875762e8f571cf655f5c2a397499916f20c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:16:52 GMT
last-modified
Mon, 15 Apr 2024 06:35:47 GMT
server
nginx
etag
"661ccac3-1bcf"
content-type
image/svg+xml
cache-control
max-age=15552000
accept-ranges
bytes
content-length
7119
expires
Thu, 31 Oct 2024 14:16:52 GMT
theme.js
visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/js/ 		352 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/js/theme.js?m=1713241362
Requested by
Host: visifair-bookings.messe-stuttgart.de
URL: https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.224.95.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
3ce9858e0350948d114834bfc9d5a2b5da2c943672450c7dba3dc4ddc35a2eaf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:16:52 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2024 04:22:42 GMT
server
nginx
etag
W/"661dfd12-58021"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=15552000
expires
Thu, 31 Oct 2024 14:16:52 GMT
messe-stuttgart-v2.jpg
visifair-bookings.messe-stuttgart.de/assets/Uploads/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visifair-bookings.messe-stuttgart.de/assets/Uploads/messe-stuttgart-v2.jpg
Requested by
Host: visifair-bookings.messe-stuttgart.de
URL: https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.224.95.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b3fb62e399df7b2c0683498e02da7b8b937b2178dcfa5f092392c5a5db109290

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:16:52 GMT
last-modified
Fri, 11 Aug 2023 07:32:59 GMT
server
nginx
accept-ranges
bytes
etag
"64d5e42b-14599d"
content-length
1333661
content-type
image/jpeg
webfa-solid-900.woff2
visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/fonts/vendor/@fortawesome/fontawesome-pro/ 		313 KB
313 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/fonts/vendor/@fortawesome/fontawesome-pro/webfa-solid-900.woff2?942a7be38dca65bca69bed6f0c65ca23
Requested by
Host: visifair-bookings.messe-stuttgart.de
URL: https://visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/css/app.css?m=1713241362
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.224.95.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
1f490e773e97b9e3b8e7d1beba668ef979c1dcca6740c59a1bd6c5a5f34e047b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/css/app.css?m=1713241362
Origin
https://visifair-bookings.messe-stuttgart.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:16:52 GMT
last-modified
Tue, 16 Apr 2024 04:22:42 GMT
server
nginx
etag
"661dfd12-4e414"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
320532
expires
Sun, 04 May 2025 14:16:52 GMT
avenir-next-lms-w01-regular.woff2
visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/fonts/avenir-next-lms-w01-regular.woff2?7586629d359552a66b1183708db0ac22
Requested by
Host: visifair-bookings.messe-stuttgart.de
URL: https://visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/css/app.css?m=1713241362
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.224.95.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
3f58a1c4119e3ac290890eb9526e543f305e033f2fccae985bb0e0486c8d0b44

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://visifair-bookings.messe-stuttgart.de/_resources/app/client/dist/css/app.css?m=1713241362
Origin
https://visifair-bookings.messe-stuttgart.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:16:52 GMT
last-modified
Tue, 16 Apr 2024 04:22:42 GMT
server
nginx
etag
"661dfd12-4e10"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19984
expires
Sun, 04 May 2025 14:16:52 GMT
favicon.ico
visifair-bookings.messe-stuttgart.de/ 		15 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://visifair-bookings.messe-stuttgart.de/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.224.95.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
c9c683b7e51c9d70e6e2925b052330733a412aafac99d3153f3aba347b1991f4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://visifair-bookings.messe-stuttgart.de/Security/login?BackURL=de_DE%2Fevents
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:16:54 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2024 06:35:47 GMT
server
nginx
etag
W/"661ccac3-3aee"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=15552000
expires
Thu, 31 Oct 2024 14:16:54 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Pace object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| flatpickr object| theme

1 Cookies

Domain/Path Name / Value
visifair-bookings.messe-stuttgart.de/ Name: PHPSESSID
Value: kdkb7itbc0kib16fg4bhbsumnt

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN