help.poweredsupport.com
Open in
urlscan Pro
172.67.148.183
Malicious Activity!
Public Scan
Submission: On October 15 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by WE1 on August 29th 2024. Valid for: 3 months.
This is the only time help.poweredsupport.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Steam (Gaming) Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 18 | 172.67.148.183 172.67.148.183 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 172.67.163.45 172.67.163.45 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 23.204.10.89 23.204.10.89 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
3 | 23.44.201.203 23.44.201.203 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 188.116.20.70 188.116.20.70 | 200590 (ASNLS) (ASNLS) | |
28 | 5 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-204-10-89.deploy.static.akamaitechnologies.com
help.steampowered.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-203.deploy.static.akamaitechnologies.com
avatars.akamai.steamstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
poweredsupport.com
1 redirects
help.poweredsupport.com |
786 KB |
5 |
steampowered.com
help.steampowered.com — Cisco Umbrella Rank: 39076 |
9 KB |
3 |
steamstatic.com
avatars.akamai.steamstatic.com — Cisco Umbrella Rank: 23654 |
4 KB |
2 |
pulsy.top
pulsy.top |
3 KB |
1 |
tyson-mrbeast.pics
tyson-mrbeast.pics |
393 B |
28 | 5 |
Domain | Requested by | |
---|---|---|
18 | help.poweredsupport.com |
1 redirects
help.poweredsupport.com
|
5 | help.steampowered.com |
help.poweredsupport.com
|
3 | avatars.akamai.steamstatic.com |
help.poweredsupport.com
|
2 | pulsy.top |
help.poweredsupport.com
pulsy.top |
1 | tyson-mrbeast.pics |
help.poweredsupport.com
|
28 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
store.steampowered.com |
steamcommunity.com |
help.steampowered.com |
www.valvesoftware.com |
partner.steamgames.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
poweredsupport.com WE1 |
2024-08-29 - 2024-11-27 |
3 months | crt.sh |
pulsy.top WE1 |
2024-08-27 - 2024-11-25 |
3 months | crt.sh |
store.steampowered.com DigiCert SHA2 Extended Validation Server CA |
2023-12-05 - 2024-12-05 |
a year | crt.sh |
avatars.akamai.steamstatic.com R11 |
2024-08-15 - 2024-11-13 |
3 months | crt.sh |
tyson-mrbeast.pics R11 |
2024-10-07 - 2025-01-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://help.poweredsupport.com/v/76561198840695586
Frame ID: 586B491DCE0389D0EF097689463F174F
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
Support :: KusiGamePage URL History Show full URLs
- https://help.poweredsupport.com/v/76561198840695586 Page URL
-
https://help.poweredsupport.com/cdn-cgi/phish-bypass?atok=Lg_A3Hs1b7a6DUvhP33_.rk2I35ETJMkUmVN2mylGwY-172897...
HTTP 301
https://help.poweredsupport.com/v/76561198840695586 Page URL
Page Statistics
38 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Discovery Queue
Search URL Search Domain Scan URL
Title: Wishlist
Search URL Search Domain Scan URL
Title: Points Shop
Search URL Search Domain Scan URL
Title: News
Search URL Search Domain Scan URL
Title: Stats
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Community
Search URL Search Domain Scan URL
Title: Discussions
Search URL Search Domain Scan URL
Title: Workshop
Search URL Search Domain Scan URL
Title: Market
Search URL Search Domain Scan URL
Title: Broadcasts
Search URL Search Domain Scan URL
Title: KusiGame
Search URL Search Domain Scan URL
Title: Activity
Search URL Search Domain Scan URL
Title: Friends
Search URL Search Domain Scan URL
Title: Games
Search URL Search Domain Scan URL
Title: Groups
Search URL Search Domain Scan URL
Title: Content
Search URL Search Domain Scan URL
Title: Badges
Search URL Search Domain Scan URL
Title: Inventory
Search URL Search Domain Scan URL
Title: Year In Review
Search URL Search Domain Scan URL
Title: Chat
Search URL Search Domain Scan URL
Title: View my profile
Search URL Search Domain Scan URL
Title: Account details
Search URL Search Domain Scan URL
Title: Store preferences
Search URL Search Domain Scan URL
Title: View my wallet
Search URL Search Domain Scan URL
Title: Another steps...
Search URL Search Domain Scan URL
Title: Using a Router with Steam
Search URL Search Domain Scan URL
Title: Using a Firewall with Steam
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Legal
Search URL Search Domain Scan URL
Title: Steam Subscriber Agreement
Search URL Search Domain Scan URL
Title: About Valve
Search URL Search Domain Scan URL
Title: Steamworks
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Steam Distribution
Search URL Search Domain Scan URL
Title: Gift Cards
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://help.poweredsupport.com/v/76561198840695586 Page URL
-
https://help.poweredsupport.com/cdn-cgi/phish-bypass?atok=Lg_A3Hs1b7a6DUvhP33_.rk2I35ETJMkUmVN2mylGwY-1728970521-0.0.1.1-%2Fv%2F76561198840695586
HTTP 301
https://help.poweredsupport.com/v/76561198840695586 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
76561198840695586
help.poweredsupport.com/v/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
speculation
help.poweredsupport.com/cdn-cgi/ |
128 B 500 B |
Other
application/speculationrules+json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cf.errors.css
help.poweredsupport.com/cdn-cgi/styles/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-exclamation.png
help.poweredsupport.com/cdn-cgi/images/ |
452 B 541 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
help.poweredsupport.com/ |
4 KB 2 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
76561198840695586
help.poweredsupport.com/v/ Redirect Chain
|
21 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
speculation
help.poweredsupport.com/cdn-cgi/ |
128 B 600 B |
Other
application/speculationrules+json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.tagged-events.pageview-props.outbound-links.js
pulsy.top/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3d0da5is9kfs.js
help.poweredsupport.com/public/assets/js/ |
506 KB 171 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app-1485cae2.css
help.poweredsupport.com/public/build/assets/ |
50 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app-f123e354.js
help.poweredsupport.com/public/build/assets/ |
177 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_steam.svg
help.steampowered.com/public/shared/images/header/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
523b1f904b597b005582940e416972e7f79b0b84_medium.jpg
avatars.akamai.steamstatic.com/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_medium.jpg
avatars.akamai.steamstatic.com/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footerLogo_valve_new.png
help.steampowered.com/public/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
blue_body_top-aeacbf69.jpg
help.poweredsupport.com/public/build/assets/ |
50 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
blue_body_repeat-b258176e.jpg
help.poweredsupport.com/public/build/assets/ |
64 KB 65 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_header_installsteam_download.png
help.steampowered.com/public/shared/images/header/ |
291 B 595 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_arrow_down_padded.png
help.steampowered.com/public/shared/images/popups/ |
161 B 464 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow_right.png
help.steampowered.com/public/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MotivaSans-Medium-045b433f.ttf
help.poweredsupport.com/public/build/assets/ |
121 KB 122 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MotivaSans-Regular-19b8db16.ttf
help.poweredsupport.com/public/build/assets/ |
120 KB 120 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MotivaSans-Light-6b7a3177.ttf
help.poweredsupport.com/public/build/assets/ |
120 KB 120 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
event
pulsy.top/api/ |
2 B 522 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
dehghuecaofpekxewzmvbjwhlepamvefqvetilzljcvebn
tyson-mrbeast.pics/ |
48 B 393 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
76561198840695586
help.poweredsupport.com/steam/getUser/ |
729 B 829 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
help.poweredsupport.com/public/ |
38 KB 28 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
523b1f904b597b005582940e416972e7f79b0b84_medium.jpg
avatars.akamai.steamstatic.com/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Steam (Gaming) Generic Cloudflare (Online)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| m0_0x33e6 function| m0_0x5183 function| _ function| toggleA object| steam function| plausible2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.help.poweredsupport.com/ | Name: __cf_mw_byp Value: Lg_A3Hs1b7a6DUvhP33_.rk2I35ETJMkUmVN2mylGwY-1728970521-0.0.1.1-/v/76561198840695586 |
|
help.poweredsupport.com/ | Name: account_id Value: 76561198840695586 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
avatars.akamai.steamstatic.com
help.poweredsupport.com
help.steampowered.com
pulsy.top
tyson-mrbeast.pics
172.67.148.183
172.67.163.45
188.116.20.70
23.204.10.89
23.44.201.203
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1485cae2f5e85e133fe26948e101aeb7a968571aa16c8ed3895f60fc9115d7ff
18af5ae91365e0ef0d029cac6cd819377bc1daef5f4d55dbe9767c10c86adf29
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
286711cc295870b313303c68911ab7bcc6ff39511f528ff3d18406729152676f
2eb601d427a8fababf53e23144c843c738be13d79f12d97338c026eb080bb5e7
46e3b5a6b72989568f517ed8d9b2bb61dbd72e5edb9b89b2705d4a51b2e9d030
6014d4b2c161b5a7016eabc5229dacbf18dafd06b9fb968ff483d0a5e72455e4
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5
94c4f561af79ec3e608a1d2c9b58a9b05d39d0ace10c5e5b39532301f38d1ec6
94d11eaa406649fe4ec573a93269843329303ade576c6916269137e0363af808
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad
acac1e69cd8e9ad785bf5b0cbe6a5ea752440b359f2adf8871a1602a990a875d
aeacbf69f083c220da60b8994c08cf8cd1505a62a0df5a7c0a9aa4f258bab1e7
b258176e6b291343c18679962ab8658108451a22f12a5aecab106501d8bc091e
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
c5e52a948590226a9a789364ffa8171c33ba7f1749481b1a4a8b06162dd4c792
d8bbe461137d50211568449468a1981ef189248200eadd48c3141a9df0b8f7fc
dc42ca146357d47e0721f71919bff9ebd58b5ebde7dbe9a18db2728ca82ff93c
ed9bf9e5fbbd1997782a53feedaab49a83f5b9c9c7b71707394692dc28a76bac
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016