steamwallet.ecarrier.net
193.111.234.59
Malicious Activity!
Public Scan
Effective URL: https://steamwallet.ecarrier.net/
Submission: On June 06 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 9th 2022. Valid for: 3 months.
This is the only time steamwallet.ecarrier.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Steam (Gaming)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 18 | 193.111.234.59 | 43754 (ASIATECH) |
18 | 2 | |

 | Apex Domain Subdomains | Transfer |
---|---|---|
18 | ecarrier.net (1 redirects): steamwallet.ecarrier.net | 1 MB |
0 | nabztheme.com (Failed): styledl.nabztheme.com (Failed) | |
18 | 2 | |

 | Domain | Requested by |
---|---|---|
18 | steamwallet.ecarrier.net (1 redirects) | steamwallet.ecarrier.net |
0 | styledl.nabztheme.com (Failed) | steamwallet.ecarrier.net |
18 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
steamcommunity.com |
store.steampowered.com |
help.steampowered.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.ecarrier.net R3 | 2022-04-09 - 2022-07-08 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://steamwallet.ecarrier.net/
Frame ID: 5E5E5B3394806E15DB829BA33CE4A9BA
Requests: 18 HTTP requests in this frame
Page Title
Redeem a Steam Gift Card
Page URL History
- http://steamwallet.ecarrier.net/ (HTTP 301)
- https://steamwallet.ecarrier.net/ (Page URL)
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries)
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
- Title: login
- Title: Install Steam
- Title: STORE
- Title: COMMUNITY
- Title: CHAT
- Title: SUPPORT
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request: / steamwallet.ecarrier.net/ (Redirect Chain) | 73 KB 13 KB | Document text/html |
GET H/1.1 | style-rtl.min.css steamwallet.ecarrier.net/wp-includes/css/dist/block-library/ | 87 KB 12 KB | Stylesheet text/css |
GET H/1.1 | formreset.min.css steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/ | 4 KB 735 B | Stylesheet text/css |
GET H/1.1 | formsmain.min.css steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/ | 73 KB 12 KB | Stylesheet text/css |
GET H/1.1 | readyclass.min.css steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/ | 30 KB 4 KB | Stylesheet text/css |
GET H/1.1 | browsers.min.css steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/ | 7 KB 2 KB | Stylesheet text/css |
GET H/1.1 | rtl.min.css steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/ | 21 KB 3 KB | Stylesheet text/css |
GET H/1.1 | style.min.css steamwallet.ecarrier.net/wp-content/themes/Zephyr/css/ | 296 KB 55 KB | Stylesheet text/css |
GET H/1.1 | rtl.min.css steamwallet.ecarrier.net/wp-content/themes/Zephyr/common/css/ | 19 KB 4 KB | Stylesheet text/css |
GET H/1.1 | responsive.min.css steamwallet.ecarrier.net/wp-content/themes/Zephyr/common/css/ | 20 KB 4 KB | Stylesheet text/css |
GET | nabzthemefonts.css styledl.nabztheme.com/free/ | 0 0 | |
GET H/1.1 | wp-emoji-release.min.js steamwallet.ecarrier.net/wp-includes/js/ | 18 KB 5 KB | Script application/javascript |
GET H/1.1 | jquery.min.js steamwallet.ecarrier.net/wp-includes/js/jquery/ | 87 KB 31 KB | Script application/javascript |
GET H/1.1 | jquery-migrate.min.js steamwallet.ecarrier.net/wp-includes/js/jquery/ | 11 KB 4 KB | Script application/javascript |
GET H/1.1 | us.core.min.js steamwallet.ecarrier.net/wp-content/themes/Zephyr/js/ | 138 KB 34 KB | Script application/javascript |
GET H/1.1 | steam.png steamwallet.ecarrier.net/wp-content/uploads/2021/06/ | 1 MB 1 MB | Image image/png |
GET H/1.1 | material-icons.woff2 steamwallet.ecarrier.net/wp-content/themes/Zephyr/fonts/ | 59 KB 60 KB | Font application/octet-stream |
GET H/1.1 | logo_steam.svg steamwallet.ecarrier.net/wp-content/uploads/2021/06/ | 4 KB 2 KB | Image image/svg+xml |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: styledl.nabztheme.com
- URL: https://styledl.nabztheme.com/free/nabzthemefonts.css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Steam (Gaming)
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- object| navigation
- object| _wpemojiSettings
- object| root
- object| $us
- undefined| $
- function| jQuery
- function| EvEmitter
- function| imagesLoaded
- object| twemoji
- object| wp
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
steamwallet.ecarrier.net
styledl.nabztheme.com
193.111.234.59