gustamobilya.com Open in urlscan Pro
38.242.238.228 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gustamobilya.com/kjhg/apd.html
Submission: On February 07 via manual (February 7th 2024, 1:55:50 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 38.242.238.228, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is gustamobilya.com.
TLS certificate: Issued by R3 on January 8th 2024. Valid for: 3 months.

This is the only time gustamobilya.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online) Yahoo (Online) Generic (Online)

Domain & IP information

	IP Address		AS Autonomous System
17	38.242.238.228 38.242.238.228		51167 (CONTABO) (CONTABO)
17	2

17 38.242.238.228 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: mainhost.talxmedia.net

gustamobilya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gustamobilya.com gustamobilya.com	572 KB
17	1

	Domain	Requested by
17	gustamobilya.com	gustamobilya.com
17	1

This site contains no links.

Subject Issuer	Validity	Valid
gustamobilya.com R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gustamobilya.com/kjhg/apd.html
Frame ID: AD72D44636C983B341013C84C1E64B10
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Adobe PDF Download

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

572 kB
Transfer

1228 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request apd.html Show response gustamobilya.com/kjhg/	329 KB 145 KB	209ms 37ms	Document text/html	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Full URL https://gustamobilya.com/kjhg/apd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `0a3c353357d98b10ed49ee6dcbd79885ab818676eb2f63dcdee7436b39a154d9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 148345 content-type text/html date Wed, 07 Feb 2024 13:55:45 GMT last-modified Wed, 07 Feb 2024 12:04:32 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	jquery.min.js Show response gustamobilya.com/kjhg/apd_files/	84 KB 29 KB	109ms 107ms	Script application/javascript	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Full URL https://gustamobilya.com/kjhg/apd_files/jquery.min.js Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT content-encoding br last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 29167 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H2	200	jquery-3.1.1.min.js Show response gustamobilya.com/kjhg/apd_files/	85 KB 29 KB	107ms 107ms	Script application/javascript	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Full URL https://gustamobilya.com/kjhg/apd_files/jquery-3.1.1.min.js Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT content-encoding br last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 29460 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H2	200	jquery-3.3.1.js Show response gustamobilya.com/kjhg/apd_files/	265 KB 76 KB	107ms 107ms	Script application/javascript	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Full URL https://gustamobilya.com/kjhg/apd_files/jquery-3.3.1.js Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad` Request headers Referer https://gustamobilya.com/kjhg/apd.html Origin https://gustamobilya.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT content-encoding br last-modified Sun, 30 Oct 2022 14:10:58 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 77960 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H2	200	popper.min.js Show response gustamobilya.com/kjhg/apd_files/	19 KB 7 KB	107ms 107ms	Script application/javascript	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Full URL https://gustamobilya.com/kjhg/apd_files/popper.min.js Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66` Request headers Referer https://gustamobilya.com/kjhg/apd.html Origin https://gustamobilya.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT content-encoding br last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 6644 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image1.png gustamobilya.com/kjhg/apd_files/	12 KB 12 KB	38ms 37ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image1.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `3af27381cad7df3c8d11cbaf7f7915d2873bcc83fac94d5b21d13dbdb0bce7d7` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 12044 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image2.png gustamobilya.com/kjhg/apd_files/	5 KB 5 KB	38ms 38ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image2.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `849f4c4a8461f44e51f090a6054221ee42d859687a73d1a83ba8d72389783b62` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 5427 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image3.png gustamobilya.com/kjhg/apd_files/	29 KB 29 KB	39ms 39ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image3.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `4440fbe791684cc79b9816699de4f39e8ec4585b0cc4416d875d70090e03fcf5` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 29691 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image4.png gustamobilya.com/kjhg/apd_files/	21 KB 21 KB	42ms 42ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image4.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `cee734e36774b8dda6c8f2444597cc893e40d4dd0066029f2278d7cc55459d0e` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 21647 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image5.png gustamobilya.com/kjhg/apd_files/	17 KB 17 KB	37ms 36ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image5.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `5135a2b7205ec240f4ff1640dc8cdb315c93a892074e841716a0be9b42be2325` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 17174 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image6.png gustamobilya.com/kjhg/apd_files/	11 KB 11 KB	41ms 40ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image6.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `be18ede5612bf5df51f634821a735f3d78ba48d92d9a9bdd430e77782a7df6c6` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 11094 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image7.png gustamobilya.com/kjhg/apd_files/	37 KB 37 KB	59ms 58ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image7.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `b37ad2571439735ab2703350bb15b41c7778db79748d39a590b52b511af1755f` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 38336 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image8.png gustamobilya.com/kjhg/apd_files/	103 KB 103 KB	60ms 60ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image8.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `cf0ba954ef5eb3207711d3948345efe5c27f91b4a4fa0984418f795080bab2ce` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 105701 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image10.png gustamobilya.com/kjhg/apd_files/	1 KB 1 KB	61ms 60ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image10.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `ed5f725c41d3011b3dfa5b14f29be74e77e82d828044e47d301f1750e41f8ea8` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 1162 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image11.jpg gustamobilya.com/kjhg/apd_files/	27 KB 27 KB	62ms 61ms	Image image/jpeg	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image11.jpg Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `df05141b80646eca1c1d55a349313554bbba5a7f344c683e57f78c0d96b49872` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 27181 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image15.png gustamobilya.com/kjhg/apd_files/	16 KB 16 KB	66ms 65ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image15.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `aefbe6d77166322772fee4ce2a8f4083f72c92594afeb3f66819af0c84cc3af5` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 16274 expires Wed, 14 Feb 2024 13:55:45 GMT
GET H3	200	image20.png gustamobilya.com/kjhg/apd_files/	7 KB 7 KB	67ms 66ms	Image image/png	38.242.238.228 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://gustamobilya.com/kjhg/apd_files/image20.png Requested by Host: gustamobilya.com URL: https://gustamobilya.com/kjhg/apd.html Protocol H3 Security QUIC, , AES_128_GCM Server 38.242.238.228 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mainhost.talxmedia.net Software LiteSpeed / Resource Hash `cba9e3d415d124bdd495a312f0144d88e26f45f1584105b785657701b1b7e3bc` Request headers accept-language de-DE,de;q=0.9 Referer https://gustamobilya.com/kjhg/apd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:55:45 GMT last-modified Sun, 30 Oct 2022 14:10:56 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 6734 expires Wed, 14 Feb 2024 13:55:45 GMT
GET DATA	200 OK	truncated /	157 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7829f065e0e10c8466f3d57766e0719421b7b652f6a1082f21b98702f1b28a30` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	603 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3b439667b653b07d8eec20a02b2c7cb25e4eb2a91acdbdb61f28f9163237067d` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	820 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `29421a07dc04996cc72f059d0c435f339bf5eb153d16d65ca15f78a5267ada08` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	332 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5221a0fea039c8ba40734e226b9da2e1d08519654be11730ee76ea795ce7eefa` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	480 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1cb16722a2d75f967564fee9f28656eb930d669917db5b07def87392e73c5963` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online) Yahoo (Online) Generic (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper object| minimize

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gustamobilya.com
38.242.238.228
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0a3c353357d98b10ed49ee6dcbd79885ab818676eb2f63dcdee7436b39a154d9
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
1cb16722a2d75f967564fee9f28656eb930d669917db5b07def87392e73c5963
29421a07dc04996cc72f059d0c435f339bf5eb153d16d65ca15f78a5267ada08
3af27381cad7df3c8d11cbaf7f7915d2873bcc83fac94d5b21d13dbdb0bce7d7
3b439667b653b07d8eec20a02b2c7cb25e4eb2a91acdbdb61f28f9163237067d
4440fbe791684cc79b9816699de4f39e8ec4585b0cc4416d875d70090e03fcf5
5135a2b7205ec240f4ff1640dc8cdb315c93a892074e841716a0be9b42be2325
5221a0fea039c8ba40734e226b9da2e1d08519654be11730ee76ea795ce7eefa
7829f065e0e10c8466f3d57766e0719421b7b652f6a1082f21b98702f1b28a30
849f4c4a8461f44e51f090a6054221ee42d859687a73d1a83ba8d72389783b62
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
aefbe6d77166322772fee4ce2a8f4083f72c92594afeb3f66819af0c84cc3af5
b37ad2571439735ab2703350bb15b41c7778db79748d39a590b52b511af1755f
be18ede5612bf5df51f634821a735f3d78ba48d92d9a9bdd430e77782a7df6c6
cba9e3d415d124bdd495a312f0144d88e26f45f1584105b785657701b1b7e3bc
cee734e36774b8dda6c8f2444597cc893e40d4dd0066029f2278d7cc55459d0e
cf0ba954ef5eb3207711d3948345efe5c27f91b4a4fa0984418f795080bab2ce
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
df05141b80646eca1c1d55a349313554bbba5a7f344c683e57f78c0d96b49872
ed5f725c41d3011b3dfa5b14f29be74e77e82d828044e47d301f1750e41f8ea8

gustamobilya.com Open in urlscan Pro 38.242.238.228 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

572 kBTransfer

1228 kBSize

0 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

gustamobilya.com Open in urlscan Pro
38.242.238.228 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

572 kB
Transfer

1228 kB
Size

0
Cookies

17 HTTP transactions
6 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!