steamkeys.pages.dev Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response steamkeys.pages.dev/	41 KB 10 KB	108ms 50ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f995b71b9d53ba816215d97e239ba013d135eef01b2acfa34cabbf19931bb602 Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, must-revalidate cf-ray 7ed623622f03bb53-FRA content-encoding br content-type text/html; charset=utf-8 date Thu, 27 Jul 2023 16:07:56 GMT etag W/"92be4c1fc552847d8d12ed5bbe702e7c" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BHAYyszyKNAndj7HKfV7Fb4I2XeR%2F%2FnWGNdRxPY%2Fz61x8jw1hMB4I0tt%2Bxfc6TppKylMbpqEwcERvuqYzg3grs%2FmXXWo6TH0mkMoLboh3hSm1GM1TlydUMfLM0qiKFFJ%2BJiExj62c0z618b%2F0eTO63W"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff
GET H2	200	classic-themes.min.css steamkeys.pages.dev/wp-includes/css/	291 B 499 B	99ms 97ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-includes/css/classic-themes.min.css?ver=6.2.2 Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:56 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"a9599e5949c606a58e812b97752ac113" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHcclL1tQiJN1ORwzKhFJF1Bdh3ECfGgvCSi367DmRMSEiNxh18mT4Plc1AeE7lmQ%2FisLiCECP8ZUq%2FvhJsECHoahLBHp6gQgwjmzEL2zrmgQopUtl3Bm7NwdkMwX3oV2bDDIxSQ8X4wDeW4i3%2B8hntB"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed623627f4cbb53-FRA alt-svc h3=":443"; ma=86400
GET H2	200	flatsome.css steamkeys.pages.dev/wp-content/themes/flatsome/assets/css/	143 KB 31 KB	97ms 96ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.17.3 Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e9d597955003834b09a0ed0546bf9bddd72f773512ffd61fe7e8937175076bc Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:56 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"0f83c0a2f15eec88b1a2461d2616744b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eK9YpxkiI2wcSudR0CZiMAlyhvxC1tImYeA0fcOZcq0TIkJFHkG6OLUUUSCqgxa%2BhCA8bOdhujgJitt0LALaSBejASX9vkmINL9It6wEBU3DR1rAqqJGksa3tH38RdFzGHZAK9XLM69KUmrGOmafvzM8"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed623627f51bb53-FRA alt-svc h3=":443"; ma=86400
GET H2	200	style.css steamkeys.pages.dev/wp-content/themes/keygenesis/	299 B 503 B	114ms 113ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-content/themes/keygenesis/style.css?ver=3.0 Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3be79631f256a26c5b4bf7ace54c850adffcd018b1d2f26c3af9dd41dacdfe7d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:56 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"7a5119b87d760522736b32d5c05ae800" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bEL5B4l8b1%2B1etXcjGglC2VqX0nOBeb%2BPHSnhzchUkAZavYTdAjo7sO4uIRxHSai8CZmFWHXSi79DdJVAjhbp0FhkZoBzaJnLn3KkMELNYOD6jsWfottpDp0tLQwpUar6wrsm%2B2TNSKv%2BoGwIlEmyxn"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed623627f53bb53-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jquery.min.js Show response steamkeys.pages.dev/wp-includes/js/jquery/	88 KB 32 KB	99ms 98ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-includes/js/jquery/jquery.min.js?ver=3.6.4 Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:56 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"82fe18abe5fdeb548b5ba1eae9dd0902" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eg4Xjq8vapeLAqGcwAbnyF%2BrRPPYUzUgxxPA9A1lpzCf33b2Mc6TGiYxAB2MTwQb12ZLjoC0ZClROAn089%2FfGaPhAjrnufqfGYvCpY5UfgvZt6qiUD9y3bO7HWVKu2rRq91i%2Fxak4U04PP8WEBMNekJh"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed623627f55bb53-FRA alt-svc h3=":443"; ma=86400
GET H2	200	blur-text.js Show response steamkeys.pages.dev/wp-content/plugins/blur-text/	3 KB 1 KB	114ms 113ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-content/plugins/blur-text/blur-text.js?ver=1.0.0 Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 59b64bb0ba614c4f05dcad3ba8adfa23e82ce71c8c08785888a1dde3de081478 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:56 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"ac52b79971c55d9dfc2b940e6fff1545" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guWz2Z%2FEkf4TDaO%2B5gQYllhXNJZFLxi7Eta3J2a%2BNYwTI0lNxGFd9m%2Biva7E4tj%2FrRhx%2FwAR91ILR0KJQOE%2FsmaLKYv89%2BEmndDi8ajBlDxYa%2Buf6rreVtl6pSYwdfkZwDSValbvIPMch4H8a5JKW53H"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed623627f57bb53-FRA alt-svc h3=":443"; ma=86400
GET H2	200	2455024.js Show response d115fsoldgezur.cloudfront.net/	24 KB 7 KB	262ms 208ms	Script application/javascript	2600:9000:223e:9c00:15:b258:40c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d115fsoldgezur.cloudfront.net/2455024.js Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:9c00:15:b258:40c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7cbce275a31a0b2113cb9469ddb1fe41b820be2ba9eb221f618d4cf92c0cafd4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:02:15 GMT content-encoding br via 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront) last-modified Tue, 27 Jun 2023 13:23:05 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 353 etag W/"07ace30cbd77eb9d6e74843abfd10980" vary Accept-Encoding x-cache Error from cloudfront content-type application/javascript x-amz-cf-id rqdfKvTafFjtcgnsdreIcqyO2H5kx_yyD8jGbZ83JGlRgThSQk_jPA==
GET H2	200	hoverIntent.min.js Show response steamkeys.pages.dev/wp-includes/js/	1 KB 1 KB	83ms 82ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-includes/js/hoverIntent.min.js?ver=1.10.2 Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:56 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"db172a8212eb8b56d1f592a2003105ec" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rw3A%2Fjo1wu1OEsDG4UuwpLfgggj9q5XXFWFoe%2Fi%2FADSK8vxHOGT62U0P6gprtStyw21T9HZ%2B7Gh08C8ZS7Umnlf0%2FCSR1jss7nxXF%2Bifc%2FDFd795z07435rHBO36JgsbHxim1T7efAkLLAssbq9F7YcD"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed623627f59bb53-FRA alt-svc h3=":443"; ma=86400
GET H2	200	flatsome.js Show response steamkeys.pages.dev/wp-content/themes/flatsome/assets/js/	52 KB 17 KB	91ms 90ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-content/themes/flatsome/assets/js/flatsome.js?ver=f55219565baa8ae8edba Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1ee16413c4f011c970bb2f1881fd2e409eb5374770a4c88711575cd5012ff8b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:56 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"d56ac8adf4429020ca5e1181d32c667a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtQfQW97BpNNpZCsu%2BNnnohNXn3bzWtW88HUUaenQAgL28fHGzKq2asAWnLa5L1GFjpg08m7cs6y8vWvXYiouFU3qJF71v%2FBD1SggZBkAwS%2FtJzQTcV5SfhqJTSvfaA%2FYyojMgL20RhvqBfCSNmebrqM"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed623627f5abb53-FRA alt-svc h3=":443"; ma=86400
GET H3	200	flatsome.js steamkeys.pages.dev/wp-content/themes/flatsome/assets/js/	0 17 KB	860ms 860ms	Other application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-content/themes/flatsome/assets/js/flatsome.js?ver=f55219565baa8ae8edba Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:57 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"d56ac8adf4429020ca5e1181d32c667a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcQUO%2FbrMLdRR%2FahgixrfB4yEm9EAfve3k9kH%2FIXlcExIxaabsNPNP%2BROwHlmVoazwX4gdNzAArCE3M%2B7vfDtiErkc7tHILOyZDpqTunNxT15IKVcN8iKOq5itSXIR7MZ%2B9W3tG4%2B58KVnvQEFL6VsrG"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed623639f910476-FRA alt-svc h3=":443"; ma=86400
GET H3	200	chunk.slider.js steamkeys.pages.dev/wp-content/themes/flatsome/assets/js/	0 14 KB	673ms 673ms	Other application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.17.3 Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:57 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"fdf81ef6be207cf72e63d8feb8dced04" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyx924BYurdhZVRxDn2iH8M19SO7hh%2BEeqnE68Jcq8%2BenINuiB94BWEGrTDT4xHxv702nTrsItx%2BxyD9ZGKT5vffiHFG6iyFEgNNTZen39sQoACYViyohKT8rXkfKYXjBPPu0PKscoz10y4gpPkCi7uV"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed62364283b0476-FRA alt-svc h3=":443"; ma=86400
GET H3	200	chunk.popups.js steamkeys.pages.dev/wp-content/themes/flatsome/assets/js/	0 8 KB	289ms 289ms	Other application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.17.3 Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:57 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f8cd732e75570ef5845ba26582a85f62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utqz9PGRGWL4Vf1k4HkmwtURBVKbw1prgENSgWa24zMoA5BXopZ584Qi8jLi8IUYhNnbTCLCR6Dp%2FizLz7HKIpHYzWSBESmZKMBRMS6D%2BRjxlecWwEwZnZpje2loKvZl%2B%2ByD0lmPtGm4jLIvmgiCHUks"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed6236428470476-FRA alt-svc h3=":443"; ma=86400
GET H3	200	chunk.tooltips.js steamkeys.pages.dev/wp-content/themes/flatsome/assets/js/	0 11 KB	405ms 404ms	Other application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.17.3 Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:57 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"fd23bda15eb3a9c238d55ca15d001515" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=os6YGLEZ%2BvNG0adHnhmD%2F7Eonr%2FzIbNTuBxssA7APWh1HvXqLfdnC0qsqU2Uj9OmI2NGAsJAThEc8E3SsX7gzKXNE98LBKuTwNecQWO3VxvgRg2b%2BDAcIpWmC4Fu4dpjxi7hVid0tAZ94UjcNxOl%2BG1i"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed6236428490476-FRA alt-svc h3=":443"; ma=86400
GET H3	200	wp-emoji-release.min.js Show response steamkeys.pages.dev/wp-includes/js/	41 KB 10 KB	56ms 55ms	Script text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2 Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f995b71b9d53ba816215d97e239ba013d135eef01b2acfa34cabbf19931bb602 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:56 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"92be4c1fc552847d8d12ed5bbe702e7c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9DUpFVhgCOx6BnptSQLassZJ9OhvZVdptA6NVCxYvtpKAYMww088BwkTqQr1gfO2BskEwDYxbm2PALVNk4q%2BNpOZBhVTLgPSOinJ3ANYUdcXFE3phRjKf8J0ruQiQhdBLnsAzsri5yftdOabKQddJHh"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed623633f230476-FRA alt-svc h3=":443"; ma=86400
GET H2	200	html.4083058.1ef01.0.js Show response d2u5m3g6vn5zro.cloudfront.net/public/external/v2/	10 KB 10 KB	379ms 328ms	Script application/javascript	2600:9000:206f:7a00:1f:53d:d500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2u5m3g6vn5zro.cloudfront.net/public/external/v2/html.4083058.1ef01.0.js Requested by Host: d115fsoldgezur.cloudfront.net URL: https://d115fsoldgezur.cloudfront.net/2455024.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:7a00:1f:53d:d500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash bd7fe5e4ad5ee3b917ef0dc87b871a078cc78fc0eb1521cd30c167549e520913 Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:57 GMT via 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA56-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id kjcmmvwheFQxf8iVB2mNz8brLsqKawc2iOdOX8Wvczvy7xoyir12Tw==
GET H2	200	css_front.css d2u5m3g6vn5zro.cloudfront.net/public/external/	6 KB 7 KB	226ms 174ms	Stylesheet text/css	2600:9000:206f:7a00:1f:53d:d500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2u5m3g6vn5zro.cloudfront.net/public/external/css_front.css Requested by Host: d115fsoldgezur.cloudfront.net URL: https://d115fsoldgezur.cloudfront.net/2455024.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:7a00:1f:53d:d500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:56 GMT via 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront) last-modified Tue, 23 Jun 2020 20:06:47 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA56-C1 etag "19c4-5a8c5e62e9d0a" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 6596 x-amz-cf-id yIglgn6fEmh-iLlT66fvr-3SlF9LGs-eOmpto3dp39tXGYpfr8KNoQ==
GET H3	200	pxiByp8kv8JHgFVrLDD4Z1xlE92JQEk.woff steamkeys.pages.dev/wp-content/fonts/poppins/	10 KB 11 KB	250ms 250ms	Font font/woff	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLDD4Z1xlE92JQEk.woff Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 993bd79059195b2f746858d3c3c981780ea7debf81554801a077ea7d67bd9f2e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://steamkeys.pages.dev/ Origin https://steamkeys.pages.dev accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:57 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "de7ee0a3cdefca88af6d21a522aaf31f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17IvtlRYSQBtssqkuPxukz%2B3ARdoG5f9LYGmkDRX2JkVCmWvBi5HlCpc89HhpdDtq85tOIHKECVm9zTADZTLKD4eX2P9JFdbcmPbi3%2BO29KXl765OvQGF%2BViT61IR11CAatRcHISynRUEBQprpggYSC0"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed6236438540476-FRA alt-svc h3=":443"; ma=86400 content-length 10432
GET H3	200	pxiByp8kv8JHgFVrLEj6Z1xlE92JQEk.woff steamkeys.pages.dev/wp-content/fonts/poppins/	10 KB 11 KB	252ms 251ms	Font font/woff	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://steamkeys.pages.dev/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlE92JQEk.woff Requested by Host: steamkeys.pages.dev URL: https://steamkeys.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90ae1c77d18f1076414c514523e8b18db3df30fce734f00268c6c976a15b0e81 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://steamkeys.pages.dev/ Origin https://steamkeys.pages.dev accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:57 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "f643c84e0c1a68a0c96adb1156eed027" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8R3dv2GkHtjPjHwTJ%2F3XjYR%2BjOumTkdF7UKAVNB9oLGs%2FbvZhyzL9NWbu7XogR94Fevk6yRf9iMEx0GhoEdsOMXqG5kOFj6H8VuGjQkkqpnlbMwo%2BntVGWLBNLigW3B%2Ffo5wCt0M%2FG1S31YVp6l%2FPb%2F"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 7ed6236438560476-FRA alt-svc h3=":443"; ma=86400 content-length 10604
GET H2	200	css.css d2u5m3g6vn5zro.cloudfront.net/public/clockers/PrimeApps/	1010 B 1 KB	171ms 170ms	Stylesheet text/css	2600:9000:206f:7a00:1f:53d:d500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2u5m3g6vn5zro.cloudfront.net/public/clockers/PrimeApps/css.css Requested by Host: d115fsoldgezur.cloudfront.net URL: https://d115fsoldgezur.cloudfront.net/2455024.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:7a00:1f:53d:d500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:57 GMT via 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2020 22:29:00 GMT server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA56-C1 etag "3f2-5a2f7428ae907" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 1010 x-amz-cf-id ZM44OgZc_AmkTusVDi830z2t0597FHq2ZT-ZYt-RxUYLjk3L9yUz6A==
GET H2	200	guid Show response d2u5m3g6vn5zro.cloudfront.net/public/	0 277 B	323ms 322ms	Script text/html	2600:9000:206f:7a00:1f:53d:d500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2u5m3g6vn5zro.cloudfront.net/public/guid?cpguid=ngdgk1koa&e=ll&t=1690474077817 Requested by Host: d115fsoldgezur.cloudfront.net URL: https://d115fsoldgezur.cloudfront.net/2455024.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:7a00:1f:53d:d500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:58 GMT via 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA56-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id jF2U_5wfp_ZKQE4hLOk98bgJFij-Xmhl1kcicL7IOFpfCL1w3c6CGQ==
GET H2	200	check.php Show response d2u5m3g6vn5zro.cloudfront.net/public/external/	78 B 373 B	340ms 333ms	Script application/javascript	2600:9000:206f:7a00:1f:53d:d500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2u5m3g6vn5zro.cloudfront.net/public/external/check.php?it=4083058&time=1690474079202 Requested by Host: d115fsoldgezur.cloudfront.net URL: https://d115fsoldgezur.cloudfront.net/2455024.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:7a00:1f:53d:d500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b Request headers accept-language nl-NL,nl;q=0.9 Referer https://steamkeys.pages.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 16:07:59 GMT via 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront) server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA56-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 78 x-amz-cf-id dqV1_6kDMNu_bfFYYjgFKhnjQUwOqVXrIEtIFqri_iSmKgGRsPQ6XQ==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings undefined| $ function| jQuery object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker object| flatsomeVars object| flatsomeChunks object| Flatsome function| cookie

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			steamkeys.pages.dev/	1970-01-20 13:48:58	Name: _cpguid Value: ngdgk1koa

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://steamkeys.pages.dev/ Message: Refused to execute script from 'https://steamkeys.pages.dev/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	warning	URL: https://steamkeys.pages.dev/(Line 291) Message: Mixed Content: The page at 'https://steamkeys.pages.dev/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://steamsource-keyslocker.local/'. This endpoint should be made available over a secure connection.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d115fsoldgezur.cloudfront.net
d2u5m3g6vn5zro.cloudfront.net
steamkeys.pages.dev
2600:9000:206f:7a00:1f:53d:d500:21
2600:9000:223e:9c00:15:b258:40c0:21
2a06:98c1:3121::3
1e9d597955003834b09a0ed0546bf9bddd72f773512ffd61fe7e8937175076bc
3be79631f256a26c5b4bf7ace54c850adffcd018b1d2f26c3af9dd41dacdfe7d
59b64bb0ba614c4f05dcad3ba8adfa23e82ce71c8c08785888a1dde3de081478
7cbce275a31a0b2113cb9469ddb1fe41b820be2ba9eb221f618d4cf92c0cafd4
90ae1c77d18f1076414c514523e8b18db3df30fce734f00268c6c976a15b0e81
993bd79059195b2f746858d3c3c981780ea7debf81554801a077ea7d67bd9f2e
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1ee16413c4f011c970bb2f1881fd2e409eb5374770a4c88711575cd5012ff8b
bd7fe5e4ad5ee3b917ef0dc87b871a078cc78fc0eb1521cd30c167549e520913
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
f995b71b9d53ba816215d97e239ba013d135eef01b2acfa34cabbf19931bb602