enjoy-z-rossmann.vastserve.com
185.27.134.103
Malicious Activity!
Public Scan
Effective URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Submission: On August 09 via automatic, source openphish — Scanned from GB
Summary
This is the only time enjoy-z-rossmann.vastserve.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests | IP Address | AS Autonomous System |
---|---|---|
3 | 185.27.134.103 | 34119 (WILDCARD-AS Wildcard UK Limited) |
9 | 2a03:2880:f084:105:face:b00c:0:3 | 32934 (FACEBOOK) |
1 | 2a03:2880:f177:185:face:b00c:0:25de | 32934 (FACEBOOK) |
3 | 157.240.0.6 | 32934 (FACEBOOK) |
16 | 5 | |

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
enjoy-z-rossmann.vastserve.com |
ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net |
ASN32934 (FACEBOOK, US)
facebook.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
static.xx.fbcdn.net |

Requests | Apex Domain (Subdomains) | Transfer |
---|---|---|
12 | fbcdn.net (static.xx.fbcdn.net — Cisco Umbrella Rank: 594) | 156 KB |
3 | vastserve.com (enjoy-z-rossmann.vastserve.com) | 71 KB |
1 | facebook.com (facebook.com — Cisco Umbrella Rank: 42) | 3 KB |
16 | 3 | |

Requests | Domain | Requested by |
---|---|---|
12 | static.xx.fbcdn.net | enjoy-z-rossmann.vastserve.com, static.xx.fbcdn.net |
3 | enjoy-z-rossmann.vastserve.com | enjoy-z-rossmann.vastserve.com |
1 | facebook.com | enjoy-z-rossmann.vastserve.com |
16 | 3 | |

Subject | Issuer | Validity | Valid |
---|---|---|---|
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-05-18 - 2024-08-16 | 3 months |

This page contains 1 frames:
Primary Page:
http://enjoy-z-rossmann.vastserve.com/?i=1
Frame ID: C7C96B656F7BD3ADC24235392A5DF933
Requests: 17 HTTP requests in this frame
Page Title
Zaloguj się do Facebooka
Page Statistics
22 Outgoing links
These are links going to different origins than the main page.
Title: Nie pamiętasz nazwy konta?
Title: English (US)
Title: ślōnskŏ gŏdka
Title: Русский
Title: Deutsch
Title: Français (France)
Title: Italiano
Title: Українська
Title: Español (España)
Title: Português (Brasil)
Title: العربية
Title: Messenger
Title: Film
Title: Meta Pay
Title: Sklep Meta
Title: Meta Quest
Title: Meta AI
Title: Instagram
Title: Threads
Title: Informacje
Title: Twórcy aplikacji
Title: Opcje wyświetlania reklam
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://enjoy-z-rossmann.vastserve.com/ HTTP 307
  - https://enjoy-z-rossmann.vastserve.com/ HTTP 307
  - http://enjoy-z-rossmann.vastserve.com/ Page URL
- http://enjoy-z-rossmann.vastserve.com/?i=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://enjoy-z-rossmann.vastserve.com/ HTTP 307
- https://enjoy-z-rossmann.vastserve.com/ HTTP 307
- http://enjoy-z-rossmann.vastserve.com/
16 HTTP transactions

Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Redirect Chain) | enjoy-z-rossmann.vastserve.com/ | 841 B | 1 KB | Document | text/html |
GET | H/1.1 | aes.js | enjoy-z-rossmann.vastserve.com/ | 13 KB | 14 KB | Script | application/javascript |
GET | H/1.1 | / (Primary Request) | enjoy-z-rossmann.vastserve.com/ | 56 KB | 56 KB | Document | text/html |
GET | H2 | vhwzeX2G1jX.css | static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ | 2 KB | 2 KB | Stylesheet | text/css |
GET | H2 | 8IeYyY3Kvrk.css | static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/ | 13 KB | 4 KB | Stylesheet | text/css |
GET | H2 | 6FXFHF6WPNl.css | static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ | 44 KB | 11 KB | Stylesheet | text/css |
GET | H2 | 18i05zYHhXt.js | static.xx.fbcdn.net/rsrc.php/v3/ye/r/ | 349 KB | 92 KB | Script | application/x-javascript |
GET | H2 | 4lCu2zih0ca.svg | static.xx.fbcdn.net/rsrc.php/y1/r/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 3 KB | Image | image/gif |
GET | H2 | HrjVc9-xUhR.js | static.xx.fbcdn.net/rsrc.php/v3iMvY4/yg/l/pl_PL/ | 71 KB | 19 KB | Script | application/x-javascript |
GET | H2 | FKTLkAA3aEf.js | static.xx.fbcdn.net/rsrc.php/v3/yu/r/ | 51 KB | 16 KB | Script | application/x-javascript |
GET | H3 | GIlJjyzEguQ.js | static.xx.fbcdn.net/rsrc.php/v3/yx/r/ | 1 KB | 595 B | Script | application/x-javascript |
GET | H3 | Sh670w7j4VG.js | static.xx.fbcdn.net/rsrc.php/v3/yX/r/ | 334 B | 363 B | Script | application/x-javascript |
GET | H2 | O7nelmd9XSI.png | static.xx.fbcdn.net/rsrc.php/v3/yU/r/ | 95 B | 374 B | Image | image/png |
GET | H2 | dNgndSEntWr.png | static.xx.fbcdn.net/rsrc.php/v3/y-/r/ | 4 KB | 4 KB | Image | image/png |
GET | DATA | truncated | / | 78 B | 0 | Stylesheet | text/css |
GET | H3 | hLRJ1GG_y0J.ico | static.xx.fbcdn.net/rsrc.php/yb/r/ | 4 KB | 4 KB | Other | image/x-icon |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| envFlush object| Env function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireInterop function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter function| $ function| ge object| Parent object| TimeSlice object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| goURI object| Bootloader function| $E number| __bigPipeFactory string| _script_path object| onloadhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| onafterunloadhooks function| AsyncRequest
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path | Expires | Name / Value |
---|---|---|
enjoy-z-rossmann.vastserve.com/ | | Name: __test Value: 3e17c0181d9d018c1be421df2e93c726 |

Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.