steamwallet.ecarrier.net Open in urlscan Pro
193.111.234.59 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://steamwallet.ecarrier.net/
Effective URL:
https://steamwallet.ecarrier.net/
Submission: On June 06 via api (June 6th 2022, 8:07:44 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 193.111.234.59, located in Iran, Islamic Republic Of and belongs to ASIATECH, IR. The main domain is steamwallet.ecarrier.net.
TLS certificate: Issued by R3 on April 9th 2022. Valid for: 3 months.

This is the only time steamwallet.ecarrier.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

	IP Address		AS Autonomous System
1 18	193.111.234.59 193.111.234.59		43754 (ASIATECH) (ASIATECH)
18	2

18 193.111.234.59 (Iran, Islamic Republic Of) 1 redirects

ASN43754 (ASIATECH, IR)

steamwallet.ecarrier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ecarrier.net 1 redirects steamwallet.ecarrier.net	1 MB
0	nabztheme.com Failed styledl.nabztheme.com Failed
18	2

	Domain	Requested by
18	steamwallet.ecarrier.net	1 redirects steamwallet.ecarrier.net
0	styledl.nabztheme.com Failed	steamwallet.ecarrier.net
18	2

This site contains links to these domains. Also see Links.

Domain
steamcommunity.com
store.steampowered.com
help.steampowered.com

Subject Issuer	Validity	Valid
*.ecarrier.net R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://steamwallet.ecarrier.net/
Frame ID: 5E5E5B3394806E15DB829BA33CE4A9BA
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redeem a Steam Gift Card

Page URL History Show full URLs

http://steamwallet.ecarrier.net/ HTTP 301
https://steamwallet.ecarrier.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1305 kB
Transfer

2007 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://steamcommunity.com/login/home/?goto=
Title: login

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/about/
Title: Install Steam

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/
Title: STORE

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/
Title: COMMUNITY

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/chat/
Title: CHAT

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/en/
Title: SUPPORT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://steamwallet.ecarrier.net/ HTTP 301
https://steamwallet.ecarrier.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response steamwallet.ecarrier.net/ Redirect Chain http://steamwallet.ecarrier.net/ https://steamwallet.ecarrier.net/	73 KB 13 KB	3251ms 3020ms	Document text/html	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / PHP/7.4.22 Resource Hash `72d1071c8a56c67f8cc07ea4b72148fb3392bcc549bdb88d150d59a86341453f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 13217 Content-Type text/html; charset=UTF-8 Date Mon, 06 Jun 2022 20:07:35 GMT Keep-Alive timeout=2, max=100 Link <https://steamwallet.ecarrier.net/index.php?rest_route=/>; rel="https://api.w.org/" <https://steamwallet.ecarrier.net/index.php?rest_route=/wp/v2/pages/11>; rel="alternate"; type="application/json" <https://steamwallet.ecarrier.net/>; rel=shortlink Server Apache/2 Vary Accept-Encoding,User-Agent X-Powered-By PHP/7.4.22 Redirect headers Connection Keep-Alive Content-Length 241 Content-Type text/html; charset=iso-8859-1 Date Mon, 06 Jun 2022 20:07:34 GMT Keep-Alive timeout=2, max=100 Location https://steamwallet.ecarrier.net/ Server Apache/2
GET H/1.1	200 OK	style-rtl.min.css steamwallet.ecarrier.net/wp-includes/css/dist/block-library/	87 KB 12 KB	213ms 111ms	Stylesheet text/css	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.0 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `46b5704fa095e95e6438958294328987e77a98da51226be28a5265823f7d2a68` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Tue, 24 May 2022 21:56:53 GMT Server Apache/2 ETag "15a87-5dfc908d76671-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 11623
GET H/1.1	200 OK	formreset.min.css steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/	4 KB 735 B	271ms 92ms	Stylesheet text/css	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/formreset.min.css?ver=2.4.20 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 22:02:18 GMT Server Apache/2 ETag "f14-5c59e4b09ee80-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 402
GET H/1.1	200 OK	formsmain.min.css steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/	73 KB 12 KB	274ms 95ms	Stylesheet text/css	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/formsmain.min.css?ver=2.4.20 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `b1aa06690d5ab9d485e6d507b1b692c9dcfd7dc1c3a2018631b07345df48b080` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 22:02:18 GMT Server Apache/2 ETag "12305-5c59e4b09ee80-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 11788
GET H/1.1	200 OK	readyclass.min.css steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/	30 KB 4 KB	274ms 92ms	Stylesheet text/css	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/readyclass.min.css?ver=2.4.20 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `e61ac08ccbbff6ae298e168c6d2fb069e5db7c122fe07f7e2e4ce1dbb01a58fb` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 22:02:18 GMT Server Apache/2 ETag "76e7-5c59e4b09ee80-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 3406
GET H/1.1	200 OK	browsers.min.css steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/	7 KB 2 KB	292ms 98ms	Stylesheet text/css	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/browsers.min.css?ver=2.4.20 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `7f9a44c6380de9dad00c68412b2420fc5132e4013bf2f62d9daee5da9d151674` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 22:02:18 GMT Server Apache/2 ETag "1d79-5c59e4b09ee80-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 1227
GET H/1.1	200 OK	rtl.min.css steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/	21 KB 3 KB	297ms 102ms	Stylesheet text/css	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-content/plugins/gravityforms-master/css/rtl.min.css?ver=2.4.20 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `438740e5c6c9fa0baf0fede888e1843aca167355e12726a2872cb110cc8fb72a` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 22:02:18 GMT Server Apache/2 ETag "54ea-5c59e4b09ee80-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 3081
GET H/1.1	200 OK	style.min.css steamwallet.ecarrier.net/wp-content/themes/Zephyr/css/	296 KB 55 KB	331ms 120ms	Stylesheet text/css	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-content/themes/Zephyr/css/style.min.css?ver=7.0.3 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `8ca54ad7c2125ceb8ccc818fe9f11540ed97b780f1a1f4038306776e26690f8d` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 21:41:38 GMT Server Apache/2 ETag "49f6d-5c59e01210880-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=98 Content-Length 55627
GET H/1.1	200 OK	rtl.min.css steamwallet.ecarrier.net/wp-content/themes/Zephyr/common/css/	19 KB 4 KB	360ms 91ms	Stylesheet text/css	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-content/themes/Zephyr/common/css/rtl.min.css?ver=7.0.3 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `d91d53721aab8c1e586a1909f3359481223aa3b063a7e5984b3277900f76f1ca` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 21:41:38 GMT Server Apache/2 ETag "4c88-5c59e01210880-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 3877
GET H/1.1	200 OK	responsive.min.css steamwallet.ecarrier.net/wp-content/themes/Zephyr/common/css/	20 KB 4 KB	370ms 97ms	Stylesheet text/css	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-content/themes/Zephyr/common/css/responsive.min.css?ver=7.0.3 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `d2ba242d6c332fe9449ad1da69e96a9ebc8c9bb6a9e5b368740799fa2356b7a7` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 21:41:38 GMT Server Apache/2 ETag "5106-5c59e01210880-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 4260
GET		nabzthemefonts.css styledl.nabztheme.com/free/	0 0

GET H/1.1	200 OK	wp-emoji-release.min.js Show response steamwallet.ecarrier.net/wp-includes/js/	18 KB 5 KB	110ms 110ms	Script application/javascript	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Tue, 24 May 2022 21:56:52 GMT Server Apache/2 ETag "48b9-5dfc908d24dbf-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=98 Content-Length 5009
GET H/1.1	200 OK	jquery.min.js Show response steamwallet.ecarrier.net/wp-includes/js/jquery/	87 KB 31 KB	268ms 95ms	Script application/javascript	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Sun, 01 Aug 2021 21:39:49 GMT Server Apache/2 ETag "15db1-5c8864ac2b340-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 30908
GET H/1.1	200 OK	jquery-migrate.min.js Show response steamwallet.ecarrier.net/wp-includes/js/jquery/	11 KB 4 KB	289ms 98ms	Script application/javascript	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Wed, 18 Nov 2020 14:06:06 GMT Server Apache/2 ETag "2bd8-5b4621cc4af80-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 4169
GET H/1.1	200 OK	us.core.min.js Show response steamwallet.ecarrier.net/wp-content/themes/Zephyr/js/	138 KB 34 KB	301ms 107ms	Script application/javascript	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-content/themes/Zephyr/js/us.core.min.js?ver=7.0.3 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `b45ff622cc82e3641030f7e59e119b3c74b8c42aa6d0e9b1fce6760813589bc1` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 21:41:38 GMT Server Apache/2 ETag "226f3-5c59e01210880-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 34160
GET H/1.1	200 OK	steam.png steamwallet.ecarrier.net/wp-content/uploads/2021/06/	1 MB 1 MB	96ms 96ms	Image image/png	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Show image Full URL https://steamwallet.ecarrier.net/wp-content/uploads/2021/06/steam.png Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `8066bb39ee7bff8401619ece12cdc465428a5d500b5afe63e3f976ef3c17ea3b` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Last-Modified Fri, 25 Jun 2021 21:49:01 GMT Server Apache/2 ETag "109076-5c59e1b88ad40" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=98 Content-Length 1085558
GET H/1.1	200 OK	material-icons.woff2 steamwallet.ecarrier.net/wp-content/themes/Zephyr/fonts/	59 KB 60 KB	115ms 115ms	Font application/octet-stream	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://steamwallet.ecarrier.net/wp-content/themes/Zephyr/fonts/material-icons.woff2?ver=5.14.0 Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `4517f0a3893222df073141313c178ccbc99343f3903fb12023173b0d9de78ab9` Request headers Referer https://steamwallet.ecarrier.net/ Origin https://steamwallet.ecarrier.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 21:41:38 GMT Server Apache/2 ETag "eda0-5c59e01210880-gzip" Vary Accept-Encoding,User-Agent Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=97 Content-Length 60860
GET H/1.1	200 OK	logo_steam.svg steamwallet.ecarrier.net/wp-content/uploads/2021/06/	4 KB 2 KB	98ms 98ms	Image image/svg+xml	193.111.234.59 ASIATECH
General Check archive.org Show headers Download Go to Show image Full URL https://steamwallet.ecarrier.net/wp-content/uploads/2021/06/logo_steam.svg Requested by Host: steamwallet.ecarrier.net URL: https://steamwallet.ecarrier.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.111.234.59 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software Apache/2 / Resource Hash `c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb` Request headers accept-language de-DE,de;q=0.9 Referer https://steamwallet.ecarrier.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Mon, 06 Jun 2022 20:07:38 GMT Content-Encoding gzip Last-Modified Fri, 25 Jun 2021 22:01:38 GMT Server Apache/2 ETag "e64-5c59e48a79480-gzip" Vary Accept-Encoding,User-Agent Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=98 Content-Length 1736

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: styledl.nabztheme.com
URL: https://styledl.nabztheme.com/free/nabzthemefonts.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://styledl.nabztheme.com/free/nabzthemefonts.css Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

steamwallet.ecarrier.net
styledl.nabztheme.com
styledl.nabztheme.com
193.111.234.59
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
438740e5c6c9fa0baf0fede888e1843aca167355e12726a2872cb110cc8fb72a
4517f0a3893222df073141313c178ccbc99343f3903fb12023173b0d9de78ab9
46b5704fa095e95e6438958294328987e77a98da51226be28a5265823f7d2a68
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
72d1071c8a56c67f8cc07ea4b72148fb3392bcc549bdb88d150d59a86341453f
7f9a44c6380de9dad00c68412b2420fc5132e4013bf2f62d9daee5da9d151674
8066bb39ee7bff8401619ece12cdc465428a5d500b5afe63e3f976ef3c17ea3b
8ca54ad7c2125ceb8ccc818fe9f11540ed97b780f1a1f4038306776e26690f8d
b1aa06690d5ab9d485e6d507b1b692c9dcfd7dc1c3a2018631b07345df48b080
b45ff622cc82e3641030f7e59e119b3c74b8c42aa6d0e9b1fce6760813589bc1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
d2ba242d6c332fe9449ad1da69e96a9ebc8c9bb6a9e5b368740799fa2356b7a7
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d91d53721aab8c1e586a1909f3359481223aa3b063a7e5984b3277900f76f1ca
e61ac08ccbbff6ae298e168c6d2fb069e5db7c122fe07f7e2e4ce1dbb01a58fb

steamwallet.ecarrier.net Open in urlscan Pro 193.111.234.59 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1305 kBTransfer

2007 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

steamwallet.ecarrier.net Open in urlscan Pro
193.111.234.59 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1305 kB
Transfer

2007 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!