www.steampowered-help.info
185.100.235.16
Malicious Activity!
Public Scan
Submission: On September 02 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by R11 on September 2nd 2024. Valid for: 3 months.
This is the only time www.steampowered-help.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Steam (Gaming)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
15 | 185.100.235.16 | 49981 (WORLDSTREAM) |
1 | 104.17.24.14 | 13335 (CLOUDFLARENET) |
2 | 23.192.247.89 | 16625 (AKAMAI-AS) |
1 | 212.113.101.228 | 210644 (AEZA-AS) |
19 | 4 | |
ASN49981 (WORLDSTREAM, NL)
PTR: isp3.eu.fastfox.pro
www.steampowered-help.info |
ASN16625 (AKAMAI-AS, US)
PTR: a23-192-247-89.deploy.static.akamaitechnologies.com
help.steampowered.com |
ASN210644 (AEZA-AS, GB)
PTR: lovely-idea.aeza.network
tysons-team.pics |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | steampowered-help.info | www.steampowered-help.info | 180 KB |
2 | steampowered.com | help.steampowered.com — Cisco Umbrella Rank: 17867 | 51 KB |
1 | tysons-team.pics | tysons-team.pics | 393 B |
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 336 | 955 B |
19 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
15 | www.steampowered-help.info | www.steampowered-help.info |
2 | help.steampowered.com | www.steampowered-help.info |
1 | tysons-team.pics | www.steampowered-help.info |
1 | cdnjs.cloudflare.com | www.steampowered-help.info |
19 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
steampowered-help.info | R11 | 2024-09-02 - 2024-12-01 | 3 months |
cdnjs.cloudflare.com | WE1 | 2024-07-31 - 2024-10-29 | 3 months |
store.steampowered.com | DigiCert SHA2 Extended Validation Server CA | 2023-12-05 - 2024-12-05 | a year |
tysons-team.pics | R10 | 2024-06-21 - 2024-09-19 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.steampowered-help.info/
Frame ID: 5B3D0CB2CB27E4A1372ACB4980DE06AD
Requests: 19 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.steampowered-help.info/ | 9 KB | 2 KB | Document | text/html |
GET | H2 | globals.css | www.steampowered-help.info/ | 468 B | 626 B | Stylesheet | text/css |
GET | H2 | styleguide.css | www.steampowered-help.info/ | 6 KB | 1 KB | Stylesheet | text/css |
GET | H2 | style.css | www.steampowered-help.info/ | 33 KB | 5 KB | Stylesheet | text/css |
GET | H2 | logo.svg | www.steampowered-help.info/static/images/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | btn_arrow_down_padded.png | www.steampowered-help.info/static/images/ | 161 B | 319 B | Image | image/png |
GET | H2 | arrow_right.png | www.steampowered-help.info/static/images/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | 3d0da5is9kfs.js | www.steampowered-help.info/ | 505 KB | 161 KB | Script | application/javascript |
GET | H3 | reset.min.css | cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/ | 773 B | 955 B | Stylesheet | text/css |
GET | H/1.1 | blue_body_top.jpg | help.steampowered.com/public/images/ | 50 KB | 50 KB | Image | image/jpeg |
GET | H/1.1 | btn_header_installsteam_download.png | help.steampowered.com/public/shared/images/header/ | 291 B | 595 B | Image | image/png |
GET | H2 | 764ad8ff458f7020d63a3f7f0abf6ad8882c05df.jpg | www.steampowered-help.info/static/images/ | 737 B | 896 B | Image | image/jpeg |
GET | H2 | 8dbc71957312bbd3baea65848b545be9eae2a355.jpg | www.steampowered-help.info/static/images/ | 702 B | 862 B | Image | image/jpeg |
GET | H2 | 609f27278aa70697c13bf99f32c5a0248c381f9d.jpg | www.steampowered-help.info/static/images/ | 1 KB | 1 KB | Image | image/jpeg |
GET | H2 | 0bbb630d63262dd66d2fdd0f7d37e8661a410075.jpg | www.steampowered-help.info/static/images/ | 1 KB | 1 KB | Image | image/jpeg |
GET | H2 | svg-10@2x.png | www.steampowered-help.info/static/images/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | .35963.otf | www.steampowered-help.info/static/fonts/ | 0 | 0 | Font | text/html |
POST | H/1.1 | dfbdwvepgomewvzpkemnmmgupjuaoowjvgelinxriylopn | tysons-team.pics/ | 48 B | 393 B | XHR | application/json |
GET | H2 | favicon.ico | www.steampowered-help.info/ | 196 B | 267 B | Other | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Steam (Gaming)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | m0_0x418f |
function | m0_0x5a8c |
function | _ |
function | toggleA |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.