comstarinteractive.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://talpgh.com/?41hCpkgGcM
Effective URL:
https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5
Submission: On June 14 via api (June 14th 2022, 5:14:40 am UTC) from CH — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is comstarinteractive.com.
TLS certificate: Issued by E1 on June 13th 2022. Valid for: 3 months.

This is the only time comstarinteractive.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.106.191.193 193.106.191.193	59940 (KANZAS-AS) (KANZAS-AS)
1 1	193.106.191.154 193.106.191.154	59940 (KANZAS-AS) (KANZAS-AS)
1 11	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2

1 193.106.191.193 (Krasnoyarsk, Russian Federation) 1 redirects

ASN59940 (KANZAS-AS, RU)

talpgh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.191.154 (Krasnoyarsk, Russian Federation) 1 redirects

ASN59940 (KANZAS-AS, RU)

geltc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

comstarinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	comstarinteractive.com 1 redirects comstarinteractive.com	247 KB
1	geltc.com 1 redirects geltc.com	249 B
1	talpgh.com 1 redirects talpgh.com	252 B
11	3

	Domain	Requested by
11	comstarinteractive.com	1 redirects comstarinteractive.com
1	geltc.com	1 redirects
1	talpgh.com	1 redirects
11	3

This site contains no links.

Subject Issuer	Validity	Valid
*.comstarinteractive.com E1	`2022-06-13` - `2022-09-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5
Frame ID: 9776386E3C01E3A082916204051438E9
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Legimitation

Page URL History Show full URLs

http://talpgh.com/?41hCpkgGcM HTTP 302
http://geltc.com/index/?fq9seIBUrF HTTP 302
https://comstarinteractive.com/ HTTP 302
https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 Page URL

Page Statistics

11
Requests

91 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

246 kB
Transfer

578 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://talpgh.com/?41hCpkgGcM HTTP 302
http://geltc.com/index/?fq9seIBUrF HTTP 302
https://comstarinteractive.com/ HTTP 302
https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response comstarinteractive.com/ Redirect Chain http://talpgh.com/?41hCpkgGcM http://geltc.com/index/?fq9seIBUrF https://comstarinteractive.com/ https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5	10 KB 3 KB	2434ms 2434ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ad792d0c60acbe64666cf8c99c6b1d68bb01456a6b12a31db31040d7f8e0114a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 71b094c1b9e8929c-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 14 Jun 2022 05:14:14 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CN8KazWtYYgThAvbTjbqYHxUWKN1Q6Mh2nh%2B%2FMLdw4jWNrTCQsAv0Db%2BRIEbqTK1AHgKlTtXbI6Trq1uyHR%2FjZ%2F1GLSAReWTdF8tjRyKmV%2BgpxGc6KUNgGHHvApK9eZtmVgw5uc%2FJucDLh2Gxll3OFF7lNsi"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 71b094b03fd0929c-FRA content-type text/html; charset=UTF-8 date Tue, 14 Jun 2022 05:14:12 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 19 Nov 1981 08:52:00 GMT location ?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sq%2BbI0sA%2BLmd%2B0jgA87hmmWLCx7HSTraQ5ndQsWO2KmXrXtouzqJJ1Ex6hSEvDRpQKHK8Y8vZyiKAzfsi4HdU2xenpixAY2Na%2FAAPpZhSkY8LdCtMpLveYO%2FutsTSTmBtRScJXVuc7BbhnleXZDxOAdXwaeT"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	Keda5e9d8fd6435 comstarinteractive.com/	275 KB 44 KB	2598ms 2597ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://comstarinteractive.com/Keda5e9d8fd6435 Requested by Host: comstarinteractive.com URL: https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `755184850dd2351c41d9efc5d8322f11df4df23d1b2fd3c3e9417684caec9795` Request headers accept-language de-DE,de;q=0.9 Referer https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Tue, 14 Jun 2022 05:14:17 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XGnXKne9KVP7Zik3mkILoc2741YV8p7B719R5KENS7gWDaJTSTn4%2FK%2FOQ9hJTwNHQwppBErQk7Y862Xph3L277%2B6gzu2iAGS45skQec7qR1Do53rW5gSlvB7rRnIcrzOFoCnKlh%2BMGCPGdJuVytsuvkTnBx"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 71b094d118c69be0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	K4a55af2213523d Show response comstarinteractive.com/	94 KB 35 KB	2561ms 2560ms	Script text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://comstarinteractive.com/K4a55af2213523d Requested by Host: comstarinteractive.com URL: https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682` Request headers accept-language de-DE,de;q=0.9 Referer https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma cache date Tue, 14 Jun 2022 05:14:17 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iM5LBLkDFBuMWdt8pUAa2hJS4CZq0TkH7Qec%2BgJOwxIrlfxj2Tx27Q1otXPf0prY5ipIdIMZ8AdaL5DyO9dxpwPqLDX8yhLTUIX9WjGn3veRt1mCIYfbFImagu71siPordQBs3j4rOuEWEhz%2FcNEqO3t7xtz"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=60 cf-ray 71b094d118c79be0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 09 Jun 2022 10:18:24 GMT
GET H3	200	K85df1995c9e7b2 comstarinteractive.com/	16 KB 6 KB	147ms 146ms	Image image/svg+xml	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://comstarinteractive.com/K85df1995c9e7b2 Requested by Host: comstarinteractive.com URL: https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `74bcd86bc937c41e4045ef2a14f6619ffc828ceeca96e7c1946330c34abba648` Request headers accept-language de-DE,de;q=0.9 Referer https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma cache date Tue, 14 Jun 2022 05:14:17 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jUQgM%2BTCSwXf5qSC6W3CRP6wvl3pGUTaVy5ceq%2Fa4bQBoLwEfFXy1HhePVDL0ZUEoNVHsbpywNhZzFKctw0alf1HZGWbS7dqaCXErYwpWkYkSe21mfG2buSNjPg%2BZWUw2jCt8LDS9N3B6mB%2Bb6L6JJST7VA"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=60 cf-ray 71b094e1ed259be0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 09 Jun 2022 10:18:24 GMT
GET H3	200	K68758bda97d0aa comstarinteractive.com/	7 KB 7 KB	18548ms 18548ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://comstarinteractive.com/K68758bda97d0aa Requested by Host: comstarinteractive.com URL: https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `622cdddf9135812f42c5b6396df2b08c836819bb84d0bcd9e82e779d0a4ad469` Request headers accept-language de-DE,de;q=0.9 Referer https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma cache date Tue, 14 Jun 2022 05:14:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsfygThdasafEqz7gGraj55OfhniNyRr8CNLvsOWRdVJbAMKbquE1zdGu1kz%2BBCPvU%2FO3Z3xRMMTFnr3Vg%2B%2BqPax%2BeGlHzOKfb5EYACrYV1bcQC4R%2B02jIHOltWDYow6R695d5G8dlN0fgxMDjsvXT8Cx80F"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=60 cf-ray 71b094e20d479be0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7022 expires Thu, 09 Jun 2022 10:18:42 GMT
GET		K797c1dd0bf76c4 comstarinteractive.com/	0 0

GET H3	200	Kd4b8920e0a847d comstarinteractive.com/	6 KB 6 KB	18150ms 18149ms	Image image/jpeg	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://comstarinteractive.com/Kd4b8920e0a847d Requested by Host: comstarinteractive.com URL: https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753` Request headers accept-language de-DE,de;q=0.9 Referer https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma cache date Tue, 14 Jun 2022 05:14:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5bodlBvhNgifMAYdGPY5JM1AVeYTeb8jBiBCuClSQQ%2Fzn6tlEzJfnfKZVELAe7O7gZVqsKK%2BLyf2g98qmSYjnHednto%2FYPDXYslGJ%2FXHN1QqrMsD547wjueWJRFzHfpUP6e%2B%2FuIASPNeNWcHGbBwsXNNXCR"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=60 cf-ray 71b094e20d4e9be0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5720 expires Thu, 09 Jun 2022 10:18:42 GMT
GET H3	200	K3861cb06f0863e Show response comstarinteractive.com/	46 KB 17 KB	148ms 147ms	Script text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://comstarinteractive.com/K3861cb06f0863e Requested by Host: comstarinteractive.com URL: https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `591c48a161f91ce005b11fa41df8645cff1859ae842c615dbcf929cd8ee108f8` Request headers accept-language de-DE,de;q=0.9 Referer https://comstarinteractive.com/?ref=Aa0OWPYGdnBrTRL&id=20y9rn6PfpeRFzU&privatkunden=ADoX4xRN3gkmli5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma cache date Tue, 14 Jun 2022 05:14:17 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnsdxfP907AYmpIwp%2FYd5VArudzO3A20i0ZorNbsP59QRoXOuAvstPiMGHxtD%2BH%2FjhcqlTM5XSpIzlU17YcL8kUFRR9W81PobDFJvpUAIIgY3c%2FmZswLRvWFlkbjFu9EQnMIggHoYsAzZPX1FHv24j2znnlo"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=60 cf-ray 71b094e1cce69be0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 09 Jun 2022 10:18:24 GMT
GET H3	200	K7e53e96d17c1d6 comstarinteractive.com/	39 KB 39 KB	148ms 148ms	Font application/octet-stream	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://comstarinteractive.com/K7e53e96d17c1d6 Requested by Host: comstarinteractive.com URL: https://comstarinteractive.com/Keda5e9d8fd6435 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a9ad5dac2a400c1fb324e09df57325568e98772618ff818ca5344b171c834aa2` Request headers Referer https://comstarinteractive.com/Keda5e9d8fd6435 Origin https://comstarinteractive.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma cache date Tue, 14 Jun 2022 05:14:17 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bos1qC7FVtcc2ucuze1Smps8vUW3QW8sJkQ%2BEgSgunIA5W93dqigidTR%2BMumuds7PQ1cZ%2FVrHO6pkMvtJwNPh7pj0ZI1LQCTDgYs4rU2XnG1cE1qLdUNnLirLeBoceZuAyBa4sSQqlNC5KxlL40uhzNjVxj4"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=60 cf-ray 71b094e32fad9be0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 09 Jun 2022 10:18:24 GMT
GET H3	200	K8e5681666ec950 comstarinteractive.com/	48 KB 48 KB	150ms 150ms	Font application/octet-stream	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://comstarinteractive.com/K8e5681666ec950 Requested by Host: comstarinteractive.com URL: https://comstarinteractive.com/Keda5e9d8fd6435 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `56666c32c5c048a791e99fafef70d3791d6d5c6d350771ffbb4e2119df335f03` Request headers Referer https://comstarinteractive.com/Keda5e9d8fd6435 Origin https://comstarinteractive.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma cache date Tue, 14 Jun 2022 05:14:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93WRCLqPx0o%2BOwDBeh5QbK8Lz33UB6ajrZDqPajd9WzVT38xd%2BRXF2Gp5UBkR%2BKaTDY%2FLpodAJUDGt5PlQ0ZNWDueLFpLdFC4Ysc9iRsAmlgU0720Gb0NM2bRnLL%2BO0Koi8WS2SQs%2BRWkI1ywIp4PJ1WoOMM"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=60 cf-ray 71b094e92d2b9be0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 09 Jun 2022 10:18:25 GMT
GET H3	200	Kf535f86cca7d0d comstarinteractive.com/	39 KB 39 KB	154ms 154ms	Font application/octet-stream	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://comstarinteractive.com/Kf535f86cca7d0d Requested by Host: comstarinteractive.com URL: https://comstarinteractive.com/Keda5e9d8fd6435 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3a096177fdb67dc609921050caec415a389d683674be529f2ba91f6e5514638` Request headers Referer https://comstarinteractive.com/Keda5e9d8fd6435 Origin https://comstarinteractive.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma cache date Tue, 14 Jun 2022 05:14:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymWSMwPmVp8%2Fo8jxr%2FlW42i1aVlgkGr%2BTk6zSQI3JiGM5nJ1ooHOkIPN5D2HZMy%2Ftglz5fcppRJ5Kvy0sH4YGCcRL%2BGxjGFu0K21aWAMo76yHAyrelzVAJOYwnwmNhF%2FOBl%2B%2FU%2BqHwEaU6NFvhOr%2FZ84B1Un"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=60 cf-ray 71b094e92d2d9be0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 09 Jun 2022 10:18:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: comstarinteractive.com
URL: https://comstarinteractive.com/K797c1dd0bf76c4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			comstarinteractive.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 11afnvo9a38aqki6m6mri1c3i7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

comstarinteractive.com
geltc.com
talpgh.com
comstarinteractive.com
193.106.191.154
193.106.191.193
2a06:98c1:3121::3
4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753
56666c32c5c048a791e99fafef70d3791d6d5c6d350771ffbb4e2119df335f03
591c48a161f91ce005b11fa41df8645cff1859ae842c615dbcf929cd8ee108f8
622cdddf9135812f42c5b6396df2b08c836819bb84d0bcd9e82e779d0a4ad469
74bcd86bc937c41e4045ef2a14f6619ffc828ceeca96e7c1946330c34abba648
755184850dd2351c41d9efc5d8322f11df4df23d1b2fd3c3e9417684caec9795
a9ad5dac2a400c1fb324e09df57325568e98772618ff818ca5344b171c834aa2
ad792d0c60acbe64666cf8c99c6b1d68bb01456a6b12a31db31040d7f8e0114a
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
e3a096177fdb67dc609921050caec415a389d683674be529f2ba91f6e5514638

comstarinteractive.com Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

91 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

246 kBTransfer

578 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

1 Cookies

Indicators

comstarinteractive.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

246 kB
Transfer

578 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!