grosshandel-mevida.de
193.46.215.132
Malicious Activity!
Public Scan
Submission: On February 02 via automatic, source openphish
Summary
This is the only time grosshandel-mevida.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 2 | 193.46.215.132 | 196763 (KEY-SYSTEMS-AS Im Oberen Werk 1) |
| 21 | 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) |
| 1 | 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) |

24 requests, 3 IP addresses.
ASN196763 (KEY-SYSTEMS-AS Im Oberen Werk 1, DE)
PTR: web-02.dd24.net
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 21 | fbcdn.net | static.xx.fbcdn.net | 291 KB |
| 2 | grosshandel-mevida.de | grosshandel-mevida.de | 37 KB |
| 1 | facebook.com | facebook.com | 1 KB |

24 requests, 3 apex domains.
| Requests | Domain | Requested by |
|---|---|---|
| 21 | static.xx.fbcdn.net | grosshandel-mevida.de, static.xx.fbcdn.net |
| 2 | grosshandel-mevida.de | static.xx.fbcdn.net |
| 1 | facebook.com | grosshandel-mevida.de |

24 requests, 3 domains.
This site contains links to these domains. Also see Links.

| Domain |
|---|
| www.oculus.com |
| portal.facebook.com |
| pay.facebook.com |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-12-22 - 2021-03-21 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
http://grosshandel-mevida.de/html2/index.html
Frame ID: 6B78366D4C2941CDEFDAD46D1AE5A669
Requests: 24 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
- Title: Oculus
- Title: Portal
- Title: Facebook Pay
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | index.html (Primary Request) | grosshandel-mevida.de/html2/ | 151 KB | 37 KB | Document | text/html |
| GET | H2 | OfUfeQVPy67.css | static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/ | 9 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | HPft0FukSSP.js | static.xx.fbcdn.net/rsrc.php/v3/yG/r/ | 64 KB | 18 KB | Script | application/x-javascript |
| GET | H2 | pxI6JNlsBwR.js | static.xx.fbcdn.net/rsrc.php/v3/y5/r/ | 119 KB | 34 KB | Script | application/x-javascript |
| GET | H2 | QMKkyuXszIl.js | static.xx.fbcdn.net/rsrc.php/v3/yv/r/ | 55 KB | 16 KB | Script | application/x-javascript |
| GET | H2 | Y8cle5OjWZs.js | static.xx.fbcdn.net/rsrc.php/v3iK-b4/y_/l/en_US/ | 132 KB | 38 KB | Script | application/x-javascript |
| GET | H2 | Ifrczuk_wGQ.js | static.xx.fbcdn.net/rsrc.php/v3/yM/r/ | 35 KB | 11 KB | Script | application/x-javascript |
| GET | H2 | vmDEad9IOxg.css | static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/ | 51 KB | 12 KB | Stylesheet | text/css |
| GET | H2 | OesYIb3MeRK.css | static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/ | 36 KB | 9 KB | Stylesheet | text/css |
| GET | H2 | KTYHDxknZ7v.css | static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/ | 17 KB | 4 KB | Stylesheet | text/css |
| GET | H2 | P5XPqfL6RNt.css | static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ | 6 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | qkC71IpIOkw.js | static.xx.fbcdn.net/rsrc.php/v3/yz/r/ | 221 KB | 58 KB | Script | application/x-javascript |
| GET | H2 | dF5SId3UHWd.svg | static.xx.fbcdn.net/rsrc.php/y8/r/ | 2 KB | 2 KB | Image | image/svg+xml |
| GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 1 KB | Image | image/gif |
| GET | H2 | Wicyz0CP9aP.png | static.xx.fbcdn.net/rsrc.php/v3/ya/r/ | 9 KB | 9 KB | Image | image/png |
| GET | H2 | MP5kZee0h8r.js | static.xx.fbcdn.net/rsrc.php/v3/yB/r/ | 7 KB | 2 KB | Script | application/x-javascript |
| GET | H2 | cQJ6VEeRAYq.js | static.xx.fbcdn.net/rsrc.php/v3ih-D4/yY/l/en_US/ | 107 KB | 27 KB | Script | application/x-javascript |
| GET | H2 | DYx-vRtS57B.js | static.xx.fbcdn.net/rsrc.php/v3/yC/r/ | 130 KB | 24 KB | Script | application/x-javascript |
| GET | H2 | MqAgoeN2Jrm.js | static.xx.fbcdn.net/rsrc.php/v3/yX/r/ | 30 KB | 9 KB | Script | application/x-javascript |
| GET | H2 | yKz2mypMzvh.js | static.xx.fbcdn.net/rsrc.php/v3iLQG4/yL/l/en_US/ | 26 KB | 7 KB | Script | application/x-javascript |
| GET | H2 | 5wO12U3hKhw.js | static.xx.fbcdn.net/rsrc.php/v3/yI/r/ | 10 KB | 3 KB | Script | application/x-javascript |
| GET | H2 | eAIG4AaBZaF.js | static.xx.fbcdn.net/rsrc.php/v3i8594/y5/l/en_US/ | 6 KB | 2 KB | Script | application/x-javascript |
| GET | H2 | BwjU4B_qfpp.js | static.xx.fbcdn.net/rsrc.php/v3/yC/r/ | 10 KB | 3 KB | Script | application/x-javascript |
| POST | H/1.1 | bz | grosshandel-mevida.de/a/ | 270 B | 434 B | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Facebook (Social Network)

43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Name | Type |
|---|---|
| ontransitionrun | object |
| ontransitionstart | object |
| ontransitioncancel | object |
| trustedTypes | object |
| crossOriginIsolated | boolean |
| envFlush | function |
| Env | object |
| __DEV__ | number |
| emptyFunction | function |
| __annotator | function |
| __bodyWrapper | function |
| __t | function |
| __w | function |
| FB_enumerate | function |
| __m | function |
| babelHelpers | object |
| define | function |
| require | function |
| requireDynamic | function |
| requireLazy | function |
| __d | function |
| $RefreshReg$ | function |
| $RefreshSig$ | function |
| ErrorSerializer | object |
| getErrorSafe | function |
| ErrorGuard | object |
| ErrorUtils | object |
| CavalryLogger | function |
| __updateOrientation | function |
| TimeSlice | object |
| __bigPipeFactory | number |
| now_inl | function |
| __bigPipeFR | number |
| __bigPipeCtor | number |
| bigPipe | object |
| MAjaxify | object |
| _script_path | string |
| __fbNativeSetTimeout | function |
| __fbNativeClearTimeout | function |
| __fbNativeSetInterval | function |
| __fbNativeClearInterval | function |
| __fbNativeRequestAnimationFrame | function |
| __fbNativeCancelAnimationFrame | function |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com
grosshandel-mevida.de
static.xx.fbcdn.net
193.46.215.132
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de