www.steamguard008505508880488740421.workjapan.com.br Open in urlscan Pro
162.241.2.131 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.steamguard008505508880488740421.workjapan.com.br/
Submission Tags: @phishunt_io
Submission: On October 28 via api (October 28th 2021, 12:37:48 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 162.241.2.131, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.steamguard008505508880488740421.workjapan.com.br.
TLS certificate: Issued by R3 on October 28th 2021. Valid for: 3 months.

This is the only time www.steamguard008505508880488740421.workjapan.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
2	162.241.2.131 162.241.2.131	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
17	2606:4700::68... 2606:4700::6812:19d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	3

2 162.241.2.131 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-2-131.unifiedlayer.com

www.steamguard008505508880488740421.workjapan.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6812:19d9 (United States)

ASN13335 (CLOUDFLARENET, US)

community.cloudflare.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	steamstatic.com community.cloudflare.steamstatic.com	396 KB
2	workjapan.com.br www.steamguard008505508880488740421.workjapan.com.br	12 KB
19	2

	Domain	Requested by
17	community.cloudflare.steamstatic.com	www.steamguard008505508880488740421.workjapan.com.br community.cloudflare.steamstatic.com
2	www.steamguard008505508880488740421.workjapan.com.br	www.steamguard008505508880488740421.workjapan.com.br
19	2

This site contains links to these domains. Also see Links.

Domain
steamcommunity.com
store.steampowered.com
help.steampowered.com
www.valvesoftware.com
translation.steampowered.com
support.steampowered.com

Subject Issuer	Validity	Valid
*.workjapan.com.br R3	`2021-10-28` - `2022-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-18` - `2022-07-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.steamguard008505508880488740421.workjapan.com.br/
Frame ID: A13D12AEE1F65145BC1D953C9086E4D2
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iniciar sessão

Page Statistics

19
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

408 kB
Transfer

611 kB
Size

1
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://steamcommunity.com/login/home/?goto=login%2Fhome%2F%3Fgoto%3D
Title: Iniciar sessão

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/
Title: Loja

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/explore/
Title: Lista de descobrimento

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/my/wishlist/
Title: Lista de desejos

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/points/shop/
Title: Loja de pontos

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/news/
Title: Notícias

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/stats/
Title: Estatísticas

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/
Title: Comunidade

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/discussions/
Title: Discussões

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/workshop/
Title: Oficina

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/market/
Title: Mercado

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/?subsection=broadcasts
Title: Transmissões

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/pt-br/
Title: Suporte

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/privacy_agreement/
Title: #footer_privacy_policy

Search URL Search Domain Scan URL

URL: http://www.valvesoftware.com/legal.htm
Title: #footer_legal

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/subscriber_agreement/
Title: #footer_ssa

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/steam_refunds/
Title: #footer_refunds

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/about/
Title: SOBRE

Search URL Search Domain Scan URL

URL: http://translation.steampowered.com/
Title: Ajude-nos a traduzir o Steam

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/pt-br/wizard/HelpWithLogin?redir=community%2Flogin%2Fhome%2F%3Fgoto%3D
Title: Esqueceu a sua senha?

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/about
Title: Saiba mais

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/join
Title: Cadastrar-se

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/pt-br/faqs/view/06B0-26E6-2CF8-254C
Title: Contate o Suporte Steam para ajuda com acesso à conta

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/
Title: Saiba mais sobre Tecnologia de Proteção de Identidade da Intel®

Search URL Search Domain Scan URL

URL: https://support.steampowered.com/
Title: Ajude-me Acho que preciso de ajuda do Suporte Steam...

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/linkfilter/?url=http://www.geonames.org
Title: geonames.org

Search URL Search Domain Scan URL

URL: http://store.steampowered.com/privacy_agreement/
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/legal/
Title: Termos Legais

Search URL Search Domain Scan URL

URL: http://store.steampowered.com/subscriber_agreement/
Title: Acordo de Assinatura do Steam

Search URL Search Domain Scan URL

URL: http://store.steampowered.com/account/cookiepreferences/
Title: Cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.steamguard008505508880488740421.workjapan.com.br/	57 KB 12 KB	876ms 418ms	Document text/html	162.241.2.131 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.131 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-131.unifiedlayer.com Software Apache / Resource Hash `056c5d8a19a3b02af6f90c3b79b5b99b29de2792a7bd470b91c0a8f87e0adcd2` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache vary Accept-Encoding content-encoding gzip accept-ranges none content-length 12298 content-type text/html; charset=UTF-8 date Thu, 28 Oct 2021 12:37:44 GMT server Apache
GET H2	404	main.js www.steamguard008505508880488740421.workjapan.com.br/script/	0 0	137ms 135ms	Script text/html	162.241.2.131 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.steamguard008505508880488740421.workjapan.com.br/script/main.js Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.131 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-131.unifiedlayer.com Software Apache / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT content-encoding gzip last-modified Mon, 22 Jul 2019 21:08:36 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 836
GET H2	200	motiva_sans.css community.cloudflare.steamstatic.com/public/shared/css/	3 KB 718 B	57ms 29ms	Stylesheet text/css	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=brazilian&_cdn=cloudflare Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e753a6b743187c7d592e6e2d3580336751e6211cd228ad7410e02db29ec91ad8` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT content-encoding gzip cf-cache-status HIT age 717356 x-cache MISS content-length 638 last-modified Sun, 09 Sep 2001 01:46:40 GMT server cloudflare etag "GfSjbGKcNYaQ" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public,max-age=15552000 accept-ranges bytes cf-ray 6a543799df97d6d9-FRA expires Mon, 18 Apr 2022 05:21:48 GMT
GET H2	200	buttons.css community.cloudflare.steamstatic.com/public/shared/css/	33 KB 4 KB	43ms 16ms	Stylesheet text/css	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=uR_4hRD_HUln&l=brazilian&_cdn=cloudflare Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0be99fd30134de50d457729cebd0e08342777af747caf503108178cb4c375085` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT content-encoding gzip cf-cache-status HIT age 747692 x-cache MISS content-length 3537 last-modified Sun, 09 Sep 2001 01:46:40 GMT server cloudflare etag "uR_4hRD_HUln" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public,max-age=15552000 accept-ranges bytes cf-ray 6a543799df98d6d9-FRA expires Sun, 17 Apr 2022 20:56:12 GMT
GET H2	200	shared_global.css community.cloudflare.steamstatic.com/public/shared/css/	75 KB 18 KB	48ms 22ms	Stylesheet text/css	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=VDNgIEzZdaY6&l=brazilian&_cdn=cloudflare Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `caba39c26e910f2862ce37e285bcf47d76943d94fd059814b0bdc065cee24e40` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT content-encoding gzip cf-cache-status HIT age 1343361 x-cache HIT content-length 18738 last-modified Sun, 09 Sep 2001 01:46:40 GMT server cloudflare etag "VDNgIEzZdaY6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public,max-age=15552000 accept-ranges bytes cf-ray 6a543799df9ad6d9-FRA expires Sun, 10 Apr 2022 23:28:23 GMT
GET H2	200	globalv2.css community.cloudflare.steamstatic.com/public/css/	38 KB 12 KB	53ms 26ms	Stylesheet text/css	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=a1eMmW3-W8tv&l=brazilian&_cdn=cloudflare Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `336e045ca4770a0ccf24ac7afcef1e6aa03505a282ab5e204cb0a535540eb64a` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT content-encoding gzip cf-cache-status HIT age 29366 x-cache MISS content-length 12367 last-modified Sun, 09 Sep 2001 01:46:40 GMT server cloudflare etag "a1eMmW3-W8tv" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public,max-age=15552000 accept-ranges bytes cf-ray 6a543799df9ed6d9-FRA expires Tue, 26 Apr 2022 04:28:17 GMT
GET H2	200	login.css community.cloudflare.steamstatic.com/public/shared/css/	16 KB 4 KB	55ms 29ms	Stylesheet text/css	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://community.cloudflare.steamstatic.com/public/shared/css/login.css?v=Oy3fP-G14Qho&l=brazilian&_cdn=cloudflare Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e386e24348866f8a35f30daab9bdb83e8d81fded2eeac759c95238c7d722a120` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT content-encoding gzip cf-cache-status HIT age 29367 x-cache MISS content-length 3853 last-modified Sun, 09 Sep 2001 01:46:40 GMT server cloudflare etag "Oy3fP-G14Qho" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public,max-age=15552000 accept-ranges bytes cf-ray 6a543799dfa2d6d9-FRA expires Tue, 26 Apr 2022 04:28:17 GMT
GET H2	200	home.css community.cloudflare.steamstatic.com/public/css/skin_1/	15 KB 3 KB	47ms 21ms	Stylesheet text/css	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://community.cloudflare.steamstatic.com/public/css/skin_1/home.css?v=-6qQi3rZclGf&l=brazilian&_cdn=cloudflare Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `84fe36fa18724445ef05858506ade2e9bdafd2cee2d55555dc94ac94ae58fc6b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT content-encoding gzip cf-cache-status HIT age 704246 x-cache MISS content-length 3016 last-modified Sun, 09 Sep 2001 01:46:40 GMT server cloudflare etag "-6qQi3rZclGf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public,max-age=15552000 accept-ranges bytes cf-ray 6a543799dfa5d6d9-FRA expires Mon, 18 Apr 2022 09:00:18 GMT
GET H2	200	shared_responsive.css community.cloudflare.steamstatic.com/public/shared/css/	17 KB 6 KB	42ms 16ms	Stylesheet text/css	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=5zssNr7EOrgR&l=brazilian&_cdn=cloudflare Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d19bbf788031b4d2c84993c5cdb17fb838b7e71f5e24e6731099c6208990827b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT content-encoding gzip cf-cache-status HIT age 3156100 x-cache MISS content-length 5567 last-modified Sun, 09 Sep 2001 01:46:40 GMT server cloudflare etag "5zssNr7EOrgR" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public,max-age=15552000 accept-ranges bytes cf-ray 6a543799dfa4d6d9-FRA expires Sun, 20 Mar 2022 23:56:04 GMT
GET H2	200	header.css community.cloudflare.steamstatic.com/public/css/skin_1/	13 KB 4 KB	47ms 21ms	Stylesheet text/css	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=kSY7-qhkPHds&l=brazilian&_cdn=cloudflare Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8dcf5a1387b0cd5f740d0f369bfd7f2df53f4d55a3700d00e2c99561dc3c4fd7` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT content-encoding gzip cf-cache-status HIT age 717356 x-cache MISS content-length 3767 last-modified Sun, 09 Sep 2001 01:46:40 GMT server cloudflare etag "kSY7-qhkPHds" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public,max-age=15552000 accept-ranges bytes cf-ray 6a543799df9fd6d9-FRA expires Mon, 18 Apr 2022 05:21:48 GMT
GET H2	200	header_menu_hamburger.png community.cloudflare.steamstatic.com/public/shared/images/responsive/	4 KB 4 KB	18ms 18ms	Image image/png	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT cf-cache-status HIT last-modified Fri, 05 Jan 2018 01:35:16 GMT server cloudflare age 4766 etag "5a4ed654-ec1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type image/png accept-ranges bytes cf-ray 6a54379a0fdfd6d9-FRA content-length 3777
GET H2	200	header_logo.png community.cloudflare.steamstatic.com/public/shared/images/responsive/	11 KB 11 KB	17ms 16ms	Image image/png	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT cf-cache-status HIT last-modified Fri, 05 Jan 2018 01:35:16 GMT server cloudflare age 2244 etag "5a4ed654-2a6f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type image/png accept-ranges bytes cf-ray 6a54379a2817d6d9-FRA content-length 10863
GET H2	200	logo_steam.svg community.cloudflare.steamstatic.com/public/shared/images/header/	4 KB 2 KB	19ms 18ms	Image image/svg+xml	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 17 Nov 2020 23:34:54 GMT server cloudflare age 4768 etag W/"5fb45e1e-e64" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type image/svg+xml access-control-allow-origin * cf-ray 6a54379a483dd6d9-FRA
GET H2	200	join_pc.png community.cloudflare.steamstatic.com/public/shared/images/login/	33 KB 33 KB	22ms 22ms	Image image/png	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://community.cloudflare.steamstatic.com/public/shared/images/login/join_pc.png?v=1 Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT cf-cache-status HIT last-modified Tue, 20 Oct 2020 23:36:29 GMT server cloudflare age 5361 etag "5f8f747d-823a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type image/png accept-ranges bytes cf-ray 6a54379a586bd6d9-FRA content-length 33338
GET H2	200	footerLogo_valve.png community.cloudflare.steamstatic.com/public/images/skin_1/	4 KB 4 KB	15ms 14ms	Image image/png	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 Requested by Host: www.steamguard008505508880488740421.workjapan.com.br URL: https://www.steamguard008505508880488740421.workjapan.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.steamguard008505508880488740421.workjapan.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT cf-cache-status HIT last-modified Fri, 05 Jan 2018 01:34:51 GMT server cloudflare age 4810 etag "5a4ed63b-e99" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type image/png accept-ranges bytes cf-ray 6a54379a889bd6d9-FRA content-length 3737
GET H2	200	acct_creation_bg.jpg community.cloudflare.steamstatic.com/public/shared/images/joinsteam/	54 KB 55 KB	19ms 19ms	Image image/jpeg	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://community.cloudflare.steamstatic.com/public/shared/images/joinsteam/acct_creation_bg.jpg Requested by Host: community.cloudflare.steamstatic.com URL: https://community.cloudflare.steamstatic.com/public/shared/css/login.css?v=Oy3fP-G14Qho&l=brazilian&_cdn=cloudflare Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9d347144f3c2a396a44bfc7bbf231fa2185d3e536489811fc6dca3600dce3597` Request headers Accept-Language de-DE,de;q=0.9 Referer https://community.cloudflare.steamstatic.com/public/shared/css/login.css?v=Oy3fP-G14Qho&l=brazilian&_cdn=cloudflare User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT cf-cache-status HIT last-modified Tue, 22 Sep 2020 23:09:21 GMT server cloudflare age 5996 etag "5f6a8421-d9c9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type image/jpeg accept-ranges bytes cf-ray 6a54379a98a4d6d9-FRA content-length 55753 cf-bgj h2pri
GET H2	200	btn_header_installsteam_download.png community.cloudflare.steamstatic.com/public/shared/images/header/	291 B 420 B	13ms 13ms	Image image/png	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://community.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1 Requested by Host: community.cloudflare.steamstatic.com URL: https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=VDNgIEzZdaY6&l=brazilian&_cdn=cloudflare Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082` Request headers Accept-Language de-DE,de;q=0.9 Referer https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=VDNgIEzZdaY6&l=brazilian&_cdn=cloudflare User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:44 GMT cf-cache-status HIT last-modified Wed, 21 Mar 2018 00:07:17 GMT server cloudflare age 3946 etag "5ab1a235-123" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type image/png accept-ranges bytes cf-ray 6a54379a98a5d6d9-FRA content-length 291
GET DATA	200 OK	truncated /	61 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	MotivaSans-Thin.ttf community.cloudflare.steamstatic.com/public/shared/fonts/	116 KB 116 KB	860ms 824ms	Font application/octet-stream	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015 Requested by Host: community.cloudflare.steamstatic.com URL: https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=brazilian&_cdn=cloudflare Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6` Request headers Referer https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=brazilian&_cdn=cloudflare Origin https://www.steamguard008505508880488740421.workjapan.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:45 GMT cf-cache-status MISS last-modified Tue, 28 Jul 2020 23:16:27 GMT server cloudflare etag "5f20b1cb-1cfd0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type application/octet-stream access-control-allow-origin * accept-ranges bytes cf-ray 6a54379adc3ef91b-MXP content-length 118736
GET H2	200	MotivaSans-Regular.ttf community.cloudflare.steamstatic.com/public/shared/fonts/	120 KB 120 KB	698ms 662ms	Font application/octet-stream	2606:4700::6812:19d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 Requested by Host: community.cloudflare.steamstatic.com URL: https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=brazilian&_cdn=cloudflare Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14` Request headers Referer https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=brazilian&_cdn=cloudflare Origin https://www.steamguard008505508880488740421.workjapan.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 12:37:45 GMT cf-cache-status MISS last-modified Tue, 28 Jul 2020 23:16:28 GMT server cloudflare etag "5f20b1cc-1df3c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type application/octet-stream access-control-allow-origin * accept-ranges bytes cf-ray 6a54379adc3ff91b-MXP content-length 122684

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.steamguard008505508880488740421.workjapan.com.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: 740bcf5a9aa4327997d10e1d1d53a735

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.steamguard008505508880488740421.workjapan.com.br/script/main.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

community.cloudflare.steamstatic.com
www.steamguard008505508880488740421.workjapan.com.br
162.241.2.131
2606:4700::6812:19d9
056c5d8a19a3b02af6f90c3b79b5b99b29de2792a7bd470b91c0a8f87e0adcd2
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6
0be99fd30134de50d457729cebd0e08342777af747caf503108178cb4c375085
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
336e045ca4770a0ccf24ac7afcef1e6aa03505a282ab5e204cb0a535540eb64a
42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
84fe36fa18724445ef05858506ade2e9bdafd2cee2d55555dc94ac94ae58fc6b
8dcf5a1387b0cd5f740d0f369bfd7f2df53f4d55a3700d00e2c99561dc3c4fd7
9d347144f3c2a396a44bfc7bbf231fa2185d3e536489811fc6dca3600dce3597
a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
caba39c26e910f2862ce37e285bcf47d76943d94fd059814b0bdc065cee24e40
d19bbf788031b4d2c84993c5cdb17fb838b7e71f5e24e6731099c6208990827b
e386e24348866f8a35f30daab9bdb83e8d81fded2eeac759c95238c7d722a120
e753a6b743187c7d592e6e2d3580336751e6211cd228ad7410e02db29ec91ad8
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

www.steamguard008505508880488740421.workjapan.com.br Open in urlscan Pro 162.241.2.131 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

19 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

408 kBTransfer

611 kBSize

1 Cookies

30 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

www.steamguard008505508880488740421.workjapan.com.br Open in urlscan Pro
162.241.2.131 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

408 kB
Transfer

611 kB
Size

1
Cookies

19 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!