388218295.com
Open in
urlscan Pro
217.160.0.244
Malicious Activity!
Public Scan
Submission: On May 26 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on May 25th 2024. Valid for: a year.
This is the only time 388218295.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: mobile.de (Marketplace)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 217.160.0.244 217.160.0.244 | 8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS) | |
10 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
388218295.com
388218295.com |
232 KB |
0 |
classistatic.de
Failed
static.classistatic.de Failed |
|
10 | 2 |
Domain | Requested by | |
---|---|---|
4 | 388218295.com |
388218295.com
|
0 | static.classistatic.de Failed |
388218295.com
|
10 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
388218295.com GeoTrust TLS RSA CA G1 |
2024-05-25 - 2025-05-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://388218295.com/
Frame ID: 703FD905720E2051E2DAD06BFC43CA5E
Requests: 10 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
388218295.com/ |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.0e6071be.css
388218295.com/index_files/ |
153 KB 153 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4aa13a690ca448eaa2c823f854705402.jpg
388218295.com/index_files/ |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-semibold-v4.woff2
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-medium-v4.woff2
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-regular-v4.woff2
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
388218295.com/index_files/ |
1 KB 1 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-semibold-v4.woff
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-medium-v4.woff
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-regular-v4.woff
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-semibold-v4.woff2
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-medium-v4.woff2
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-regular-v4.woff2
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-semibold-v4.woff
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-medium-v4.woff
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-regular-v4.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: mobile.de (Marketplace)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
388218295.com
static.classistatic.de
static.classistatic.de
217.160.0.244
3e70d11c1c5068352f88e42f4434a510abd8a86726435678b14ac607949462d4
50a4b3803593ccfda460d0cfece740a358e48b211b33df5d8e5a1ec0cfef6b3e
e572aae1298f3288f49d9c7e876c357c50d21398a2964ebe55f829e62f938bb3
e58c5ecd2b514360ebc3c840a04b1f6dfbc4e6527695b93f0f2c15a52077e123