valve.poweredsupport.com
2606:4700:3030::6815:1d5c  Malicious Activity! Public Scan

Submitted URL: http://valve.poweredsupport.com/v/76561198336658244/
Effective URL: https://valve.poweredsupport.com/v/76561198336658244
Submission: On September 25 via automatic, source openphish — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3030::6815:1d5c, located in United States and belongs to CLOUDFLARENET, US. The main domain is valve.poweredsupport.com.
TLS certificate: Issued by WE1 on August 29th 2024. Valid for: 3 months.
This is the only time valve.poweredsupport.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

Requests  IP Address         AS (Autonomous System)   Redirects
12        2606:4700:303...   13335 (CLOUDFLAR...)     1
2         2a06:98c1:312...   13335 (CLOUDFLAR...)
5         92.122.104.90      16625 (AKAMAI-AS)
2         2a02:26f0:e30...   20940 (AKAMAI-ASN1)
1         188.116.20.70      200590 (ASNLS)
Total: 21 requests, 5 IPs
Requests  Apex Domain         Subdomains                                                    Transfer
12        poweredsupport.com  valve.poweredsupport.com                                      580 KB
5         steampowered.com    help.steampowered.com (Cisco Umbrella Rank: 31558)            9 KB
2         steamstatic.com     avatars.akamai.steamstatic.com (Cisco Umbrella Rank: 19600)   4 KB
2         pulsy.top           pulsy.top                                                     3 KB
1         tyson-beast.pics    tyson-beast.pics                                              393 B
Total: 21 requests, 5 domains
Requests  Domain                          Requested by                          Redirects
12        valve.poweredsupport.com        valve.poweredsupport.com              1
5         help.steampowered.com           valve.poweredsupport.com
2         avatars.akamai.steamstatic.com  valve.poweredsupport.com
2         pulsy.top                       valve.poweredsupport.com, pulsy.top
1         tyson-beast.pics                valve.poweredsupport.com
Total: 21 requests, 5 domains
Subject                         Issuer                                        Validity                 Valid
poweredsupport.com              WE1                                           2024-08-29 - 2024-11-27  3 months
pulsy.top                       WE1                                           2024-08-27 - 2024-11-25  3 months
store.steampowered.com          DigiCert SHA2 Extended Validation Server CA   2023-12-05 - 2024-12-05  a year
avatars.akamai.steamstatic.com  R11                                           2024-08-15 - 2024-11-13  3 months
tyson-beast.pics                R10                                           2024-09-11 - 2024-12-10  3 months

This page contains 1 frames:

Primary Page: https://valve.poweredsupport.com/v/76561198336658244
Frame ID: DF7E9579094576A0E9F6F7E3A718130D
Requests: 21 HTTP requests in this frame

Page Title

Support :: ☭wersertf☭

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 4
Transfer: 595 kB
Size: 1286 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://valve.poweredsupport.com/v/76561198336658244/ HTTP 307
    https://valve.poweredsupport.com/v/76561198336658244/ HTTP 301
    http://valve.poweredsupport.com/v/76561198336658244 HTTP 307
    https://valve.poweredsupport.com/v/76561198336658244 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 76561198336658244
valve.poweredsupport.com/v/
Redirect Chain
  • http://valve.poweredsupport.com/v/76561198336658244/
  • https://valve.poweredsupport.com/v/76561198336658244/
  • http://valve.poweredsupport.com/v/76561198336658244
  • https://valve.poweredsupport.com/v/76561198336658244
22 KB
5 KB
Document
General
Full URL
https://valve.poweredsupport.com/v/76561198336658244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.3.8
Resource Hash
50175bf8d38e3ddb18d810d037cd0c51b297eb6b9a18683f0faa60d726b8a326

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
valve.poweredsupport.com
cf-cache-status
DYNAMIC
cf-ray
8c878f6c1c8f2bb6-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 25 Sep 2024 02:24:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2B2%2F9wErQazq14sq6GICmIjhjxsqOQjyVMZijL8TrQJfMZC7%2FdDZ22yPXBTMrA3rf1ImC46hXRhY0KqIDZt71%2FvCRQx4f7ADDSZ%2BIV%2B1aW43KNxGPr%2FrmbCVt6Ds8SE9UHsrMfg3To7BAViFX7CmufEnG88uT0A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Accept-Encoding
x-powered-by
PHP/8.3.8

Redirect headers

Location
https://valve.poweredsupport.com/v/76561198336658244
Non-Authoritative-Reason
HttpsUpgrades
script.tagged-events.pageview-props.outbound-links.js
pulsy.top/js/
3 KB
2 KB
Script
General
Full URL
https://pulsy.top/js/script.tagged-events.pageview-props.outbound-links.js
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/v/76561198336658244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e3b5a6b72989568f517ed8d9b2bb61dbd72e5edb9b89b2705d4a51b2e9d030
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/

Response headers

content-encoding
br
cf-cache-status
HIT
age
37897
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ByjDX1P%2BzVGryq6eDBstJJKshA2I8ESEOcQOW1XQKvmVTpG96ci7DHfOJvl%2F5U74aiagbJUx3WU32blt0pyDbLrYQTnre77K6ouXkk5QpexEJesOFEZP4NaKaVsulQr%2FdUEa%2BqMFw8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 25 Sep 2024 02:24:50 GMT
content-type
application/javascript
x-served-by
pulsy.top
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 15:53:13 GMT
cache-control
public, max-age=86400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8c878f6ea8931cb9-FRA
access-control-allow-origin
*
server
cloudflare
3d0da5is9kfs.js
valve.poweredsupport.com/public/assets/js/
505 KB
170 KB
Script
General
Full URL
https://valve.poweredsupport.com/public/assets/js/3d0da5is9kfs.js
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/v/76561198336658244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d49a44db1368b8f08c84b230cce07a94a7126692ab02b862b35dad85f0de052

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/v/76561198336658244

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66e22d4e-7e525"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r7G6qgeM9qNk2f2Alliqxv%2BT2%2Be12oOsyvbd1obXtHBHt4xbqq0O08LjmT%2BL9BzEvKH3oIomTDr1t80RTTgqPfCPRrvj%2FQfVyJJYMUwOZxrH8KoamyOScHeQK9qYHlq0CzlWVfge8oZkDneYFDUDBY1zqGrq448%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c878f6dcde22bb6-FRA
date
Wed, 25 Sep 2024 02:24:50 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 11 Sep 2024 23:52:46 GMT
vary
Accept-Encoding
server
cloudflare
app-1485cae2.css
valve.poweredsupport.com/public/build/assets/
50 KB
10 KB
Stylesheet
General
Full URL
https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/v/76561198336658244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1485cae2f5e85e133fe26948e101aeb7a968571aa16c8ed3895f60fc9115d7ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/v/76561198336658244

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66f3386c-c63c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbrNrCKzZK6qu3yblo5ZTAroTx8gJRjwUNMH96iANAWD1I9nb1yFFnJFm2I3cWgoJ2B%2Btp%2FwVMf4M353IQYt6UYdLa0zyVmMM6cy8hiLG%2BefYR10wkb%2FrGAIJ1sMGKuBPxTgsVMHvRUAxYx6PH%2BUEhD%2FVJLE4IM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c878f6dcde52bb6-FRA
date
Wed, 25 Sep 2024 02:24:50 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 22:08:44 GMT
vary
Accept-Encoding
server
cloudflare
app-e7eb089f.js
valve.poweredsupport.com/public/build/assets/
182 KB
85 KB
Script
General
Full URL
https://valve.poweredsupport.com/public/build/assets/app-e7eb089f.js
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/v/76561198336658244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276462b558dc3093039b31edd198acd455d59fa1dcdbb2c46e22ea844292b924

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://valve.poweredsupport.com
Referer
https://valve.poweredsupport.com/v/76561198336658244

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66f3386c-2d800"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZ4eximL4RoJIadnG8E9y7DLk9xkQ31JIuPxnp9KrdukeWTrQqJvvx2NI5agrMYM%2F%2B%2FdoNTUSmC11shT3BsT5i5bZBZfI5i1Ztdifj5euRKs71pu%2FdQyF7lvQwQoqfXuB6GBZtnwbMCHgRFOUTWeZYYcEq6Qpjo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c878f6dcde62bb6-FRA
alt-svc
h3=":443"; ma=86400
date
Wed, 25 Sep 2024 02:24:50 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 24 Sep 2024 22:08:44 GMT
vary
Accept-Encoding
server
cloudflare
logo_steam.svg
help.steampowered.com/public/shared/images/header/
4 KB
4 KB
Image
General
Full URL
https://help.steampowered.com/public/shared/images/header/logo_steam.svg?t=962016
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/v/76561198336658244
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.122.104.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-104-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
ETag
"5fb45dad-e64"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3684
Date
Wed, 25 Sep 2024 02:24:51 GMT
Content-Type
image/svg+xml
Last-Modified
Tue, 17 Nov 2020 23:33:01 GMT
Server
nginx
63833adcb6311e253fe6463e88ba11200fc83dfd_medium.jpg
avatars.akamai.steamstatic.com/
2 KB
3 KB
Image
General
Full URL
https://avatars.akamai.steamstatic.com/63833adcb6311e253fe6463e88ba11200fc83dfd_medium.jpg
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/v/76561198336658244
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:9243 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6fc573887858cc7500fb5c79752cf88518348a6245f1feccdec2ba4f9858f761

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/

Response headers

content-md5
CxZwHbbLDnoYssYozC2mzQ==
cache-control
public, max-age=315341246
etag
"0x8DB1593E38C0414"
expires
Fri, 22 Sep 2034 21:12:16 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2534
date
Wed, 25 Sep 2024 02:24:50 GMT
content-type
image/jpeg
last-modified
Thu, 23 Feb 2023 11:48:32 GMT
server
nginx
fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_medium.jpg
avatars.akamai.steamstatic.com/
1 KB
2 KB
Image
General
Full URL
https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_medium.jpg
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/v/76561198336658244
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:9243 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c5e52a948590226a9a789364ffa8171c33ba7f1749481b1a4a8b06162dd4c792

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/

Response headers

cache-control
public, max-age=305919012
etag
"5b36b962-58f"
expires
Mon, 05 Jun 2034 19:55:02 GMT
accept-ranges
bytes
access-control-allow-origin
*
akamai-loopback-request
8096267
content-length
1423
date
Wed, 25 Sep 2024 02:24:50 GMT
content-type
image/jpeg
last-modified
Fri, 29 Jun 2018 22:57:38 GMT
server
nginx
footerLogo_valve_new.png
help.steampowered.com/public/images/
3 KB
3 KB
Image
General
Full URL
https://help.steampowered.com/public/images/footerLogo_valve_new.png
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/v/76561198336658244
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.122.104.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-104-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d8bbe461137d50211568449468a1981ef189248200eadd48c3141a9df0b8f7fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/

Response headers

ETag
"605a768e-a18"
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
2584
Date
Wed, 25 Sep 2024 02:24:51 GMT
Content-Type
image/png
Last-Modified
Tue, 23 Mar 2021 23:15:26 GMT
Server
nginx
blue_body_top-aeacbf69.jpg
valve.poweredsupport.com/public/build/assets/
50 KB
50 KB
Image
General
Full URL
https://valve.poweredsupport.com/public/build/assets/blue_body_top-aeacbf69.jpg
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeacbf69f083c220da60b8994c08cf8cd1505a62a0df5a7c0a9aa4f258bab1e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f3386c-c6c7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FBxvEDdAYlGYj8W4oJdnzear3MLtx9QQ5%2BVM3nQBXuLnCu2oZJhk%2FLqpdS5rVDiYTHRrQw9W2w5y4duMhqHUP2AM%2Bsb%2BGFz62HhAvwOhFh8Qby9F8VYBX9rphjTmphwhwFr3HlekM5t2q9lpsc6giFHt3OusC90%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c878f6eae622bb6-FRA
accept-ranges
bytes
content-length
50887
date
Wed, 25 Sep 2024 02:24:51 GMT
content-type
image/jpeg
last-modified
Tue, 24 Sep 2024 22:08:44 GMT
vary
Accept-Encoding
server
cloudflare
blue_body_repeat-b258176e.jpg
valve.poweredsupport.com/public/build/assets/
64 KB
65 KB
Image
General
Full URL
https://valve.poweredsupport.com/public/build/assets/blue_body_repeat-b258176e.jpg
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b258176e6b291343c18679962ab8658108451a22f12a5aecab106501d8bc091e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66f3386c-100cf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9MMJfk3y%2FvwKnPyVU7agoMHGim%2FzMq4BKUaefjYQPPxGcQVPdRA4Ss7Qm91qtpZrNFH2gWM4wUca2bex%2FI7e0NovQ5B53gia8GHB5sAk0edDyt6qP0RL1jTydSdEeF5y1SqlL%2BEU4EHFUaBHrIy6SnOjrOACS3k%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c878f6eae642bb6-FRA
accept-ranges
bytes
content-length
65743
date
Wed, 25 Sep 2024 02:24:51 GMT
content-type
image/jpeg
last-modified
Tue, 24 Sep 2024 22:08:44 GMT
vary
Accept-Encoding
server
cloudflare
btn_header_installsteam_download.png
help.steampowered.com/public/shared/images/header/
291 B
595 B
Image
General
Full URL
https://help.steampowered.com/public/shared/images/header/btn_header_installsteam_download.png?v=1
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.122.104.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-104-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
ETag
"5ab19bf7-123"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
291
Date
Wed, 25 Sep 2024 02:24:51 GMT
Content-Type
image/png
Last-Modified
Tue, 20 Mar 2018 23:40:39 GMT
Server
nginx
btn_arrow_down_padded.png
help.steampowered.com/public/shared/images/popups/
161 B
464 B
Image
General
Full URL
https://help.steampowered.com/public/shared/images/popups/btn_arrow_down_padded.png
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.122.104.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-104-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
ETag
"5a4ffd98-a1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
161
Date
Wed, 25 Sep 2024 02:24:51 GMT
Content-Type
image/png
Last-Modified
Fri, 05 Jan 2018 22:35:04 GMT
Server
nginx
arrow_right.png
help.steampowered.com/public/images/
1 KB
1 KB
Image
General
Full URL
https://help.steampowered.com/public/images/arrow_right.png
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.122.104.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-104-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
18af5ae91365e0ef0d029cac6cd819377bc1daef5f4d55dbe9767c10c86adf29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/

Response headers

ETag
"5a4ffd80-448"
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1096
Date
Wed, 25 Sep 2024 02:24:51 GMT
Content-Type
image/png
Last-Modified
Fri, 05 Jan 2018 22:34:40 GMT
Server
nginx
MotivaSans-Medium-045b433f.ttf
valve.poweredsupport.com/public/build/assets/
121 KB
55 KB
Font
General
Full URL
https://valve.poweredsupport.com/public/build/assets/MotivaSans-Medium-045b433f.ttf?v=4.015
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://valve.poweredsupport.com
Referer
https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"1e490-622e4bfadf300"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=piOOyjzc4OKvhEg5pTJA%2BCtPwEWi1gC2ZJbfjL%2FwZ1Su4Gng5C%2BgoS6IaoJA73bqvED%2BCgIwYfJXJUBEoy%2FXH34ACcxPaIy9Vhp4ngmM2OUG3bBqwHO%2FoFN6%2FF80%2FcNrVku8QwwtnGq3DovREE0Rt7QeNLKk0hM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c878f6ece702bb6-FRA
date
Wed, 25 Sep 2024 02:24:51 GMT
content-type
font/ttf
last-modified
Tue, 24 Sep 2024 22:08:44 GMT
vary
Accept-Encoding
server
cloudflare
MotivaSans-Regular-19b8db16.ttf
valve.poweredsupport.com/public/build/assets/
120 KB
55 KB
Font
General
Full URL
https://valve.poweredsupport.com/public/build/assets/MotivaSans-Regular-19b8db16.ttf?v=4.015
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://valve.poweredsupport.com
Referer
https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"1df3c-622e4bfadf300"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YOm4DaphNoa05PZvIevHAR1zm%2Bfc66ICUREG3EF9jkOfP0SNXRgrtrjflSRiQhtymK9fZGPJHVwDg%2BNT%2Fj3nT%2BAOb%2BCo1AHuSEz15gHcDcBMSyAaojj8HNCYrGeE5Wwofh2KsX%2Bovocp30okp1qZ9gJRiYGtA5k%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c878f6ece712bb6-FRA
date
Wed, 25 Sep 2024 02:24:51 GMT
content-type
font/ttf
last-modified
Tue, 24 Sep 2024 22:08:44 GMT
vary
Accept-Encoding
server
cloudflare
MotivaSans-Light-6b7a3177.ttf
valve.poweredsupport.com/public/build/assets/
120 KB
55 KB
Font
General
Full URL
https://valve.poweredsupport.com/public/build/assets/MotivaSans-Light-6b7a3177.ttf?v=4.015
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://valve.poweredsupport.com
Referer
https://valve.poweredsupport.com/public/build/assets/app-1485cae2.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"1df24-622e4bfadf300"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0yXS4mM6cJYXBml0ztUK7UNmMduOEUzT%2BnMN54syEObDbComP%2FO5cHfzwbGKYN0jw%2BcpX0lz%2BiQS9ofIBzXZGiW%2Br4Rch2rQGzEBgS84E%2BCcOVBP9%2FYmxg1qd799Ttx3vDAKaY3JmeRmRu9loKSwvSmS0rn0ueo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c878f6ece732bb6-FRA
date
Wed, 25 Sep 2024 02:24:51 GMT
content-type
font/ttf
last-modified
Tue, 24 Sep 2024 22:08:44 GMT
vary
Accept-Encoding
server
cloudflare
dmgkyplmpoubeferdumlayuvkweaoohsvbxpiitcrjhcqn
tyson-beast.pics/
48 B
393 B
XHR
General
Full URL
https://tyson-beast.pics/dmgkyplmpoubeferdumlayuvkweaoohsvbxpiitcrjhcqn
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/public/assets/js/3d0da5is9kfs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.116.20.70 Almaty, Kazakhstan, ASN200590 (ASNLS, KZ),
Reverse DNS
Software
/ Express
Resource Hash
2fd2c27961899e1b8d70ddf63d6fd03e42b91a2f199f7122db016b7f8566f484

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://valve.poweredsupport.com/

Response headers

ETag
W/"30-xt0cQxrW15yhaTKnSpWIv2Wczzc"
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
48
Keep-Alive
timeout=5
Date
Wed, 25 Sep 2024 02:24:51 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
event
pulsy.top/api/
2 B
529 B
XHR
General
Full URL
https://pulsy.top/api/event
Requested by
Host: pulsy.top
URL: https://pulsy.top/js/script.tagged-events.pageview-props.outbound-links.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://valve.poweredsupport.com/

Response headers

x-request-id
F_hbhrKCUgP90ZYAAYyR
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzR%2F0TiWuZGr7xNjgROz96w8tqj4Plbv0zwbv4rZvoDVRmyK%2FyPKlrCh0B0hB%2By5HfuFqDWJOGBwmWepbJvMRFl%2B8ZObNpu%2Brn0sCbB9HIF9CmHt4SGcEHuS5O8AXuInlMsgz2mGuH8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c878f6ee82a2bae-FRA
access-control-allow-origin
*
content-length
2
date
Wed, 25 Sep 2024 02:24:51 GMT
content-type
text/plain; charset=utf-8
server
cloudflare
76561198336658244
valve.poweredsupport.com/steam/getUser/
579 B
717 B
Fetch
General
Full URL
https://valve.poweredsupport.com/steam/getUser/76561198336658244
Requested by
Host: valve.poweredsupport.com
URL: https://valve.poweredsupport.com/public/build/assets/app-e7eb089f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.3.8
Resource Hash
84942d01c3d12bd3aa58395692b891943436aeca58e93bcb3ed79cca31032076

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/v/76561198336658244

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i3poqR1AhGJe38ZAVbvqbWn6z2n9Vf9Zfx99Uds8hImzXnZ65Zd4KzcdwL%2BagQy8Wu4g7pCUYo8niBasDJOm%2FoXo657edjKSts2iDoyWX93tpvH3gmPVcewvxk6xuRWcA8omBlPNYAtYFjQwSxZN2P1UIGwPi8k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
cf-ray
8c878f6ffefe2bb6-FRA
access-control-allow-origin
valve.poweredsupport.com
date
Wed, 25 Sep 2024 02:24:51 GMT
content-type
application/json
x-powered-by
PHP/8.3.8
vary
Origin
server
cloudflare
access-control-allow-headers
*
favicon.ico
valve.poweredsupport.com/public/
38 KB
28 KB
Other
General
Full URL
https://valve.poweredsupport.com/public/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://valve.poweredsupport.com/v/76561198336658244

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6690cb50-969a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CJDR2ljv08%2BHgjyiRwEBgO2ZO4x4xOOGw7%2B3jAACmP1RC74g4hXKDVvyzYZIWsGSh2Zi3jugsdUSh5tkvtEhkfIN6VHlSETULErBOi10gTjanF8T%2BFKIfmvV9BvHn28YEmJAvqvmnI0mlbxsb8MeKDKm%2BxcYUC0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c878f6fff002bb6-FRA
date
Wed, 25 Sep 2024 02:24:51 GMT
content-type
image/x-icon
last-modified
Fri, 12 Jul 2024 06:21:04 GMT
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| m0_0x4ed2
function| m0_0x3147
function| _
function| toggleA
object| steam
function| plausible

1 Cookies

Domain/Path Name / Value
valve.poweredsupport.com/ Name: account_id
Value: 76561198336658244

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
