csmoneseilskln.xyz
Open in
urlscan Pro
172.67.179.55
Malicious Activity!
Public Scan
Submission: On May 04 via manual from SI — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on May 4th 2023. Valid for: 3 months.
This is the only time csmoneseilskln.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Steam (Gaming)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 172.67.179.55 172.67.179.55 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
32 | 172.67.148.33 172.67.148.33 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
33 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
35kjsdgwt.top
35kjsdgwt.top |
621 KB |
1 |
csmoneseilskln.xyz
csmoneseilskln.xyz |
855 B |
33 | 2 |
Domain | Requested by | |
---|---|---|
32 | 35kjsdgwt.top |
csmoneseilskln.xyz
35kjsdgwt.top |
1 | csmoneseilskln.xyz | |
33 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
csmoneseilskln.xyz GTS CA 1P5 |
2023-05-04 - 2023-08-02 |
3 months | crt.sh |
35kjsdgwt.top GTS CA 1P5 |
2023-05-04 - 2023-08-02 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://csmoneseilskln.xyz/auth.php
Frame ID: CEEE5CCA80FC026A49114DE8CEC6F52F
Requests: 1 HTTP requests in this frame
Frame:
https://35kjsdgwt.top/11c1376a5
Frame ID: 4C679F24F5F8D36F1D6EA24766EE2AC0
Requests: 33 HTTP requests in this frame
Screenshot
Page Title
Steam CommunityDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
auth.php
csmoneseilskln.xyz/ |
264 B 855 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11c1376a5
35kjsdgwt.top/ Frame 4C67 |
282 KB 60 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
88 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
motiva_sans.css
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
2 KB 913 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
buttons.css
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
32 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared_global.css
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
77 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home.css
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.css
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
openid.css
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
44 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared_responsive.css
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
17 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.css
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_combined.js
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
70 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tool.js
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
271 KB 92 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-1.11.1.min.js
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
94 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tooltip.js
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
shared_global.js
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
80 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logins.js
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
46 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
modalv2.js
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
shared_responsive_adapter.js
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
12 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_valve_footer.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
header_menu_hamburger.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
header_logo.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
globalheader_logo.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sits_landing.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon_info.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
blue_refresh_icon.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
500 B 952 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
throbber.gif
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
footerLogo_valve.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
btn_header_installsteam_download.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
291 B 737 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 4C67 |
61 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MotivaSans-Thin.ttf
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
116 KB 116 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MotivaSans-Regular.ttf
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
120 KB 120 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
emailauth_icons2.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
code_box.png
35kjsdgwt.top/8d36c1c8c/98a6d/ Frame 4C67 |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Steam (Gaming)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.csmoneseilskln.xyz/ | Name: __ddg1_ Value: OFj1xPeIFJSdHOgAyTNU |
|
csmoneseilskln.xyz/ | Name: PHPSESSID Value: f6b7ce77f292efd8deee17c91e4a62e0 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
35kjsdgwt.top
csmoneseilskln.xyz
172.67.148.33
172.67.179.55
0ad9ddd2543a22ec2270326fb195c2bb6fb1b46186e89e885a83ae24386176f2
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6
0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d
1021d21a2f1ff237e852f718eaa144a4a47f21aeb12eecedfc9bfa9b32579aa1
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
2b1fee47d4ca17cfe2b2d2c74afedc7fe659b7722a7538a02acbf821a1b014c7
42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27
47a3d6182786a8eb03749bfcd9f0ca6f72017758643b9b9a1e5d1a650c571dfe
483ed1c78b7394366985110fe15e4aaf941882427515e5dfe7f582827a15378c
4840bbc3612c4efb77e9353d3f67493c5ea49519d0d8eca8b630e758eaaf30c7
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5438b6377ef91265bc90d9ee9c75cf703514d03f0ff9a51bed3bb4ab5a3bb699
555a1bb56792baf6f9b5be5f1483c9b07510d805fe533eeae8f12b26e26bfb87
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
76852e7496a0682a6366f48cb385a08298b5f557de37f2f901827aeef5231bc7
793c2fb2fb19d024f4300484c2540d3580c64bc6bfced3b0524b6bbdae8fe42d
886cf3523cea9de24f91bc8bbe89efff4a0dbc107759aa86bc6923e9c6b8be58
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787
9152d0aecc3dfc17e3265cc54fc3b21dc6c5ea1b472aa90da440ae96552a2ac8
97b179c7e553d74ed86b7663fa0722b76854f0ef2398fe6fbadd98f2d0c1cdfa
a24e4e2eb63ba954b29ceef24b0275c146bb401038970b7ed1a84740347a2017
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1
b55cd6f63141dddd3a145ec703028c532a4a16d604b74c50ecf876023a2b7ecc
c3689a0b227495976e8425402f6c73614827d437af56b065c6f8208e09080af3
d62a5e51ad1b8419e7891b3e6a43bddd98d1c14e31ef012652781e99abe6417c
dba501eaeed9ab3ee0f60d658834bce1e2f28e819de50c0bdcbae6d78ddeb3f1
e05acf32055c1a5fff640835a6fd67ff14a02d00e5b636672f3f49f98429f5cf
e1a5c4c834e53551df9f37d51ff1fa022b70f63f46fa538e6d992578f64dbaaf
f156d6970ba724a853d3f069246d8f621aab0ca66d24c092e8cba4b1affa1d9d
f891697b1b70ea37798b640358b24f6163c6d27e57eebec458aa40879b076d8f
fba143fd14db35bf588597f4059a8e15ad23ba0a502bfa6f88a2de749a619f1e
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa