enjoy-z-rossmann.vastserve.com
185.27.134.103  Malicious Activity! Public Scan

Submitted URL: http://enjoy-z-rossmann.vastserve.com/
Effective URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Submission: On August 09 via automatic, source openphish — Scanned from GB

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 185.27.134.103, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is enjoy-z-rossmann.vastserve.com.
This is the only time enjoy-z-rossmann.vastserve.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
3 185.27.134.103 34119 (WILDCARD-...)
9 2a03:2880:f08... 32934 (FACEBOOK)
1 2a03:2880:f17... 32934 (FACEBOOK)
3 157.240.0.6 32934 (FACEBOOK)
16 5

Apex Domain | Subdomains | Transfer
12 fbcdn.net | static.xx.fbcdn.net — Cisco Umbrella Rank: 594 | 156 KB
3 vastserve.com | enjoy-z-rossmann.vastserve.com | 71 KB
1 facebook.com | facebook.com — Cisco Umbrella Rank: 42 | 3 KB
16 3

Domain | Requested by
12 static.xx.fbcdn.net | enjoy-z-rossmann.vastserve.com, static.xx.fbcdn.net
3 enjoy-z-rossmann.vastserve.com | enjoy-z-rossmann.vastserve.com
1 facebook.com | enjoy-z-rossmann.vastserve.com
16 3

Subject | Issuer | Validity | Valid
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-05-18 - 2024-08-16 | 3 months

This page contains 1 frames:

Primary Page: http://enjoy-z-rossmann.vastserve.com/?i=1
Frame ID: C7C96B656F7BD3ADC24235392A5DF933
Requests: 17 HTTP requests in this frame

Page Title

Zaloguj się do Facebooka

Page Statistics

Requests: 16
HTTPS: 81 %
IPv6: 50 %
Domains: 3
Subdomains: 3
IPs: 5
Countries: 2
Transfer: 229 kB
Size: 611 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://enjoy-z-rossmann.vastserve.com/ HTTP 307
    https://enjoy-z-rossmann.vastserve.com/ HTTP 307
    http://enjoy-z-rossmann.vastserve.com/ Page URL
  2. http://enjoy-z-rossmann.vastserve.com/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://enjoy-z-rossmann.vastserve.com/ HTTP 307
  • https://enjoy-z-rossmann.vastserve.com/ HTTP 307
  • http://enjoy-z-rossmann.vastserve.com/

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
enjoy-z-rossmann.vastserve.com/
Redirect Chain
  • http://enjoy-z-rossmann.vastserve.com/
  • https://enjoy-z-rossmann.vastserve.com/
  • http://enjoy-z-rossmann.vastserve.com/
841 B
1 KB
Document
General
Full URL
http://enjoy-z-rossmann.vastserve.com/
Protocol
HTTP/1.1
Server
185.27.134.103 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
d630b05d08f2811e263e2ecf21137d1841805ab2db598e27e00240fbb05c27ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
841
Content-Type
text/html
Date
Fri, 09 Aug 2024 14:02:28 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Server
nginx

Redirect headers

Location
http://enjoy-z-rossmann.vastserve.com/
Non-Authoritative-Reason
HttpsUpgrades
aes.js
enjoy-z-rossmann.vastserve.com/
13 KB
14 KB
Script
General
Full URL
http://enjoy-z-rossmann.vastserve.com/aes.js
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/
Protocol
HTTP/1.1
Server
185.27.134.103 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 14:02:29 GMT
Last-Modified
Sun, 15 Oct 2023 17:48:36 GMT
Server
nginx
ETag
"652c25f4-35a5"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13733
Primary Request /
enjoy-z-rossmann.vastserve.com/
56 KB
56 KB
Document
General
Full URL
http://enjoy-z-rossmann.vastserve.com/?i=1
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/
Protocol
HTTP/1.1
Server
185.27.134.103 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
58537965c00f89780e09425be45ba226228103ccb6c155f6470a5dc867437030

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 09 Aug 2024 14:02:29 GMT
ETag
"dec2-617f7877cdca0"
Expires
Sun, 08 Sep 2024 14:02:29 GMT
Last-Modified
Wed, 08 May 2024 20:55:57 GMT
Server
nginx
Transfer-Encoding
chunked
vhwzeX2G1jX.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/
2 KB
2 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/vhwzeX2G1jX.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c08fe28a1270e0c0d5347dfa211dd11ea69679539aa41119d05ba2ce5246cb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
Origin
http://enjoy-z-rossmann.vastserve.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-md5
u899YAwHFbtQj/cuZnF5dQ==
document-policy
force-load-at-top
x-fb-server-load
51
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
802
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=18, mss=1297, tbw=2907, tp=-1, tpl=-1, uplat=143, ullat=0
x-fb-debug
LQbN00M3rRFbtH84DDp2T9tRVabVo4S0C+75ZmC7WSoGyO4bnl47yPmviLsnj0idGYZZ8ejZfAjEQXhIm7KERA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 09 Aug 2025 14:02:29 GMT
8IeYyY3Kvrk.css
static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/
13 KB
4 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/8IeYyY3Kvrk.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e48b1d444a200d13a045b9d2f1e47d48b012b173fd3031c1f97b41ece0e6975
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
Origin
http://enjoy-z-rossmann.vastserve.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-md5
d10bkTkMf2QYP/MIfEOmJA==
document-policy
force-load-at-top
x-fb-server-load
54
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3862
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=20, mss=1297, tbw=25281, tp=-1, tpl=-1, uplat=213, ullat=0
x-fb-debug
N8derl+Jpb1YWOce1j6mkqIFBCgk0NUYZLc1+DXpy7Y9M4MSUXgoifvk0cScALiKormDUjAT7HAJQFIkDqJx5g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 09 Aug 2025 14:02:29 GMT
6FXFHF6WPNl.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/
44 KB
11 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/6FXFHF6WPNl.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3447c254607e368882dca4c7153f9238cfeed0b82ee31f7c53603a11ca0c9881
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
Origin
http://enjoy-z-rossmann.vastserve.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-md5
mkE+cv0uAZ4ON+pdmHXw4w==
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10505
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=72, mss=1297, tbw=135845, tp=-1, tpl=-1, uplat=339, ullat=0
x-fb-debug
8OA0G6uCwYkDNO1CHfbywxWoB7RbttIB3NCg6km6yoRZF++AUXNpwyKVmQxD63VSnfBK8p/+4RKtmXl3dnUymw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 09 Aug 2025 14:02:29 GMT
18i05zYHhXt.js
static.xx.fbcdn.net/rsrc.php/v3/ye/r/
349 KB
92 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/18i05zYHhXt.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d07b45fcb5931bcd460816f5bd3f3358f067d99fc34815de12ca1ca1b07ae82a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
Origin
http://enjoy-z-rossmann.vastserve.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-md5
JcbUF86xccNKCBMgAq0pxA==
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
94133
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=35, mss=1297, tbw=45984, tp=-1, tpl=-1, uplat=285, ullat=0
x-fb-debug
NBzisrRcCChCzq04UUSStcluCJy2XtW5b916pz8LiQAjWBnFUzmYqiRYLeSrhXPgCsFJQKdk0+fFEnflHo6yFQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 09 Aug 2025 14:02:29 GMT
4lCu2zih0ca.svg
static.xx.fbcdn.net/rsrc.php/y1/r/
2 KB
2 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/y1/r/4lCu2zih0ca.svg
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d6f8d206a6bd8b60a2048a3df206ac956a2f633786e4af1c02057f81758ad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-md5
n3VoHwQDdPdD5BC1HAoIkw==
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
986
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1297, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
W45kq/xAcmfbrh0Keud0Jlp7OBtJAo5K8WUaU54Oo8tZukifcIp8OiJwNGg06wlW5fif1BdL4Ddfm69ouBkHGA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/svg+xml
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sun, 03 Aug 2025 02:25:44 GMT
hsts-pixel.gif
facebook.com/security/
43 B
3 KB
Image
General
Full URL
https://facebook.com/security/hsts-pixel.gif
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
date
Fri, 09 Aug 2024 14:02:30 GMT
document-policy
force-load-at-top
x-fb-server-load
46
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=2769, tp=-1, tpl=-1, uplat=100, ullat=0
pragma
no-cache
x-fb-debug
Nm80chvRu5AXKrfjshNbdKrujP7c7V1Ga+FMx5PVAU+L/CnR7g6P4D0CUxiAmfVLmg1drZBs6LFjJeBAY9bFUQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/gif
x-frame-options
DENY
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
HrjVc9-xUhR.js
static.xx.fbcdn.net/rsrc.php/v3iMvY4/yg/l/pl_PL/
71 KB
19 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iMvY4/yg/l/pl_PL/HrjVc9-xUhR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e4464db6ab9e24b15178fb0cf82693de165bd4292b1d874b913b7dd7de9c015a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
Origin
http://enjoy-z-rossmann.vastserve.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-md5
Ls0jCpnSFp496Q8AqZGFTw==
document-policy
force-load-at-top
x-fb-server-load
38
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19443
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=20, mss=1297, tbw=5208, tp=-1, tpl=-1, uplat=202, ullat=0
x-fb-debug
VUUjSZDLThKEHnfW5tq9CTJSvPIKgwrbJBWx0jYvCq6/LpIWHNpc0RHFYmoLKyg77YSTvR8FA/tbGzRx4ktc+Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 09 Aug 2025 14:02:29 GMT
FKTLkAA3aEf.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/
51 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/FKTLkAA3aEf.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9b90a218a7584fa2a776474024f8c1f1fd99b29b0155c406c60f9f0be987522
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
Origin
http://enjoy-z-rossmann.vastserve.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-md5
MFQOnN5GX4QKRgZzwtXfBA==
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15946
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=28, mss=1297, tbw=29482, tp=-1, tpl=-1, uplat=213, ullat=0
x-fb-debug
hT+Udk1MPAbevQA/swvc9JcMjN5MNCD03Hs8UP2tpNweEt7YxffjQ1jGUQZjVc1uNmiFRdbqaBtM/P2Aj3DQqA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 09 Aug 2025 14:02:29 GMT
GIlJjyzEguQ.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/
1 KB
595 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GIlJjyzEguQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
873edbb1e4fee287f44f1565d4c9df82b727d59a398092e3d278d14da203a372
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
Origin
http://enjoy-z-rossmann.vastserve.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-md5
yLrAWXTawQMdq1bkUCu3LQ==
document-policy
force-load-at-top
x-fb-server-load
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
449
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=23, mss=1232, tbw=4351, tp=9, tpl=0, uplat=3, ullat=-1
x-fb-debug
Ly/D6JuNjEergZutrKWK0WKOrhyWqO8TmkL/CBeXsBSBt5DUJaq4NQYjfnpaIS8xIXxEeLfozeAhOipQlNoyHA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=2
expires
Sun, 03 Aug 2025 23:30:58 GMT
Sh670w7j4VG.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/
334 B
363 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/Sh670w7j4VG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: enjoy-z-rossmann.vastserve.com
URL: http://enjoy-z-rossmann.vastserve.com/?i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
20c0533a2ebfa608467e5f92c978cae6d1a7406148ef1afbf4f6cb9a7ef00171
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
Origin
http://enjoy-z-rossmann.vastserve.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-md5
6HKLtm0U8r3uIjbQXkZUeA==
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
222
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=25, mss=1232, tbw=6399, tp=13, tpl=0, uplat=3, ullat=-1
x-fb-debug
LwRt5++NKjyI/1BkhsvIYVtg6ewNvbpDFMVLMJhFcEUqatR0EvpNlyXnZoQhnVwr8ycoHeUtbhfHKBSBTmuVZA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=2
expires
Sat, 02 Aug 2025 00:00:47 GMT
O7nelmd9XSI.png
static.xx.fbcdn.net/rsrc.php/v3/yU/r/
95 B
374 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/O7nelmd9XSI.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/6FXFHF6WPNl.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/6FXFHF6WPNl.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
x-content-type-options
nosniff
content-md5
OcEdZWIg79UvSWVADRSQCg==
document-policy
force-load-at-top
x-fb-server-load
50
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=20, mss=1297, tbw=5345, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
WXp8gAiUP3NEVrAw6fjZzpenetRqjJ4vF5TU2OZeT/l3m2tNhA8P/jFQE/q4JWlNsyrThpLM83yDuFB5SGD3rA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 02 Aug 2025 01:59:45 GMT
dNgndSEntWr.png
static.xx.fbcdn.net/rsrc.php/v3/y-/r/
4 KB
4 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/dNgndSEntWr.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/6FXFHF6WPNl.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b2f51979607c7b12548636f4811d450339847c4a2c3aaa413e9f7c77c322bff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/6FXFHF6WPNl.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:29 GMT
x-content-type-options
nosniff
content-md5
ZtE5C/m/GXTDcKriw4XT2w==
document-policy
force-load-at-top
x-fb-server-load
50
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3717
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=20, mss=1297, tbw=5785, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
M+8UrLRBWnlT8IYSC/AG+Jxcbx/J8grpNcWtUl+SOodWvuJ1aj6LFK4oVHu8Yc1gJn2AfumYHNH44lHiysxOuA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 02 Aug 2025 14:15:45 GMT
truncated
/
78 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f90ce92f6d627a995bf0300ac429ace9c65072877367d8bd8e5bc2052ceae93

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
hLRJ1GG_y0J.ico
static.xx.fbcdn.net/rsrc.php/yb/r/
4 KB
4 KB
Other
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/yb/r/hLRJ1GG_y0J.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://enjoy-z-rossmann.vastserve.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:02:30 GMT
x-content-type-options
nosniff
content-md5
jN3KQn2um5Jec0MvhzPgWg==
document-policy
force-load-at-top
x-fb-server-load
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4286
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4355, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
EbQjk2cKgngtrvDMdf1fagFDKAv7k26cbilmiPyWbJ/7ZrIXGl0gsIG2m5UetngL+Bgdfg22FWJFKE3Mt+4a0A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/x-icon
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=1,i
expires
Sun, 03 Aug 2025 02:04:50 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| envFlush
object| Env
function| __annotator
function| __bodyWrapper
function| __t
function| __w
function| emptyFunction
function| FB_enumerate
function| __m
object| babelHelpers
function| define
function| require
function| requireInterop
function| importDefault
function| importNamespace
function| requireDynamic
function| requireLazy
function| __d
function| $RefreshReg$
function| $RefreshSig$
function| getErrorSafe
object| ErrorGuard
object| ErrorSerializer
object| ErrorUtils
function| Arbiter
function| $
function| ge
object| Parent
object| TimeSlice
object| PageEvents
function| _domcontentready
function| onloadRegister_DEPRECATED
function| onloadRegister
function| onafterloadRegister_DEPRECATED
function| onafterloadRegister
function| onleaveRegister
function| onbeforeunloadRegister
function| onunloadRegister
function| goURI
object| Bootloader
function| $E
number| __bigPipeFactory
string| _script_path
object| onloadhooks
function| now_inl
number| __bigPipeFR
number| __bigPipeCtor
object| bigPipe
object| PageHooks
function| _domreadyHook
function| _onloadHook
function| runHook
function| runHooks
function| keep_window_set_as_loaded
object| onafterunloadhooks
function| AsyncRequest

1 Cookies

Domain/Path: enjoy-z-rossmann.vastserve.com/
Name: __test
Value: 3e17c0181d9d018c1be421df2e93c726