www.validsteamkeys.com Open in urlscan Pro
194.145.208.13 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.validsteamkeys.com/?download_link=dTR3SjkzL3Uzc200RTFLZFpBNkRvY1ZCZTNkSjNaa2trd2cyRmtXNitJbWhTTHBvVjNtelBQcTZjY0F6V...
Effective URL:
https://www.validsteamkeys.com/cd-key/lockercode.html
Submission Tags: falconsandbox
Submission: On September 23 via api (September 23rd 2022, 9:39:07 pm UTC) from US — Scanned from NL

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 194.145.208.13, located in Amsterdam, Netherlands and belongs to KNOWNSRV, NL. The main domain is www.validsteamkeys.com.
TLS certificate: Issued by R3 on September 19th 2022. Valid for: 3 months.

This is the only time www.validsteamkeys.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 13	194.145.208.13 194.145.208.13	200514 (KNOWNSRV) (KNOWNSRV)
1	2600:9000:230... 2600:9000:2304:1c00:4:8d81:2c00:21	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:225... 2600:9000:225e:3800:12:a4d0:1300:21	16509 (AMAZON-02) (AMAZON-02)
17	3

13 194.145.208.13 (Amsterdam, Netherlands) 1 redirects

ASN200514 (KNOWNSRV, NL)

www.validsteamkeys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:1c00:4:8d81:2c00:21 (United States)

ASN16509 (AMAZON-02, US)

dyodrs1kxvg6o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225e:3800:12:a4d0:1300:21 (United States)

ASN16509 (AMAZON-02, US)

d35kbxc0t24sp8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	validsteamkeys.com 1 redirects www.validsteamkeys.com	849 KB
5	cloudfront.net dyodrs1kxvg6o.cloudfront.net d35kbxc0t24sp8.cloudfront.net	32 KB
17	2

	Domain	Requested by
13	www.validsteamkeys.com	1 redirects www.validsteamkeys.com
4	d35kbxc0t24sp8.cloudfront.net	dyodrs1kxvg6o.cloudfront.net
1	dyodrs1kxvg6o.cloudfront.net	www.validsteamkeys.com
17	3

This site contains no links.

Subject Issuer	Validity	Valid
*.get-cracked.com R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.validsteamkeys.com/cd-key/lockercode.html
Frame ID: B7EF86AFED85E2386A0E8CB43E9914A0
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CD Key

Page URL History Show full URLs

https://www.validsteamkeys.com/?download_link=dTR3SjkzL3Uzc200RTFLZFpBNkRvY1ZCZTNkSjNaa2trd2cyRmtXNitJbWhTT... HTTP 302
https://www.validsteamkeys.com/cd-key/loading.html Page URL
https://www.validsteamkeys.com/cd-key/lockercode.html Page URL

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

881 kB
Transfer

926 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.validsteamkeys.com/?download_link=dTR3SjkzL3Uzc200RTFLZFpBNkRvY1ZCZTNkSjNaa2trd2cyRmtXNitJbWhTTHBvVjNtelBQcTZjY0F6V2RWZ3luZ2gwSFlSdEZMcllDYTRLL3FGWGc9PQ%3D HTTP 302
https://www.validsteamkeys.com/cd-key/loading.html Page URL
https://www.validsteamkeys.com/cd-key/lockercode.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.validsteamkeys.com/?download_link=dTR3SjkzL3Uzc200RTFLZFpBNkRvY1ZCZTNkSjNaa2trd2cyRmtXNitJbWhTTHBvVjNtelBQcTZjY0F6V2RWZ3luZ2gwSFlSdEZMcllDYTRLL3FGWGc9PQ%3D HTTP 302
https://www.validsteamkeys.com/cd-key/loading.html

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	loading.html Show response www.validsteamkeys.com/cd-key/ Redirect Chain https://www.validsteamkeys.com/?download_link=dTR3SjkzL3Uzc200RTFLZFpBNkRvY1ZCZTNkSjNaa2trd2cyRmtXNitJbWhTTHBvVjNtelBQcTZjY0F6V2RWZ3luZ2gwSFlSdEZMcllDYTRLL3FGWGc9PQ%3D https://www.validsteamkeys.com/cd-key/loading.html	790 B 392 B	27ms 25ms	Document text/html	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Full URL https://www.validsteamkeys.com/cd-key/loading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `d96cf6cf8bdda5f47de50e9539d3fe775258879285e50d835fe29182e5556584` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 311 content-type text/html date Fri, 23 Sep 2022 21:39:02 GMT last-modified Tue, 17 Aug 2021 09:50:35 GMT server LiteSpeed vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-cache, no-store, must-revalidate, max-age=0 content-length 0 content-type text/html; charset=UTF-8 date Fri, 23 Sep 2022 21:39:02 GMT location https://www.validsteamkeys.com/cd-key/loading.html server LiteSpeed x-powered-by PHP/7.4.21 x-redirect-by WordPress
GET H2	200	code.css www.validsteamkeys.com/cd-key/loading-files/	8 KB 2 KB	27ms 25ms	Stylesheet text/css	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Full URL https://www.validsteamkeys.com/cd-key/loading-files/code.css Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/loading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `07603a35f24654c2ca2f6d63eaf42905d52dcbcb67d3af72f2c429a397fa48f5` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/cd-key/loading.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:02 GMT content-encoding br last-modified Thu, 09 Sep 2021 22:02:33 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 1622 expires Fri, 30 Sep 2022 21:39:02 GMT
GET H2	200	responsive.css www.validsteamkeys.com/cd-key/responsive/css/	10 KB 2 KB	27ms 26ms	Stylesheet text/css	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Full URL https://www.validsteamkeys.com/cd-key/responsive/css/responsive.css Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/loading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `8828139e9ec24dcb2c3a51388850c510df51acfd05e1a3d5c2cffdeb60a5abd3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/cd-key/loading.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:02 GMT content-encoding br last-modified Wed, 23 Aug 2017 00:34:34 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 2378 expires Fri, 30 Sep 2022 21:39:02 GMT
GET H2	200	ajax-loader.gif www.validsteamkeys.com/cd-key/loading-files/	3 KB 3 KB	25ms 25ms	Image image/gif	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Show image Full URL https://www.validsteamkeys.com/cd-key/loading-files/ajax-loader.gif Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/loading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `914244cefc6978d91d7d848bdccafabdc40acb79383766fd5ee8894cd3066290` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/cd-key/loading.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:02 GMT last-modified Wed, 01 Jun 2016 23:19:04 GMT server LiteSpeed content-type image/gif cache-control public, max-age=604800 accept-ranges bytes content-length 2892 expires Fri, 30 Sep 2022 21:39:02 GMT
GET H2	200	background.jpg www.validsteamkeys.com/cd-key/generator-files/	338 KB 339 KB	25ms 24ms	Image image/jpeg	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Show image Full URL https://www.validsteamkeys.com/cd-key/generator-files/background.jpg Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/loading-files/code.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `9c254b9fbf4bd5e697d60631ae99b9a5399f0bc459bfeeec889b292b010aaa4a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/cd-key/loading-files/code.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:02 GMT last-modified Mon, 16 Aug 2021 22:36:38 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 346494 expires Fri, 30 Sep 2022 21:39:02 GMT
GET H2	200	Primary Request lockercode.html Show response www.validsteamkeys.com/cd-key/	3 KB 1 KB	26ms 25ms	Document text/html	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Full URL https://www.validsteamkeys.com/cd-key/lockercode.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `16bc402e0cb0ba26fb0f6606c170d12c1523f8192927c326feb41c35528b6b11` Request headers Referer https://www.validsteamkeys.com/cd-key/loading.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 1075 content-type text/html date Fri, 23 Sep 2022 21:39:04 GMT last-modified Wed, 14 Sep 2022 14:37:39 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	code.css www.validsteamkeys.com/cd-key/lockercode_files/	8 KB 2 KB	26ms 25ms	Stylesheet text/css	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Full URL https://www.validsteamkeys.com/cd-key/lockercode_files/code.css Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/lockercode.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `970c8a79506404a7a1ebad297ed4ff7401216d184cdb5b699b0bdceb831a0fb4` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/cd-key/lockercode.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:04 GMT content-encoding br last-modified Thu, 09 Sep 2021 22:00:42 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 1666 expires Fri, 30 Sep 2022 21:39:04 GMT
GET H2	200	responsive.css www.validsteamkeys.com/cd-key/responsive/css/	10 KB 2 KB	26ms 26ms	Stylesheet text/css	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Full URL https://www.validsteamkeys.com/cd-key/responsive/css/responsive.css Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/lockercode.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `8828139e9ec24dcb2c3a51388850c510df51acfd05e1a3d5c2cffdeb60a5abd3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/cd-key/lockercode.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:04 GMT content-encoding br last-modified Wed, 23 Aug 2017 00:34:34 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 2378 expires Fri, 30 Sep 2022 21:39:04 GMT
GET H2	200	972a57a.js Show response dyodrs1kxvg6o.cloudfront.net/	23 KB 7 KB	501ms 387ms	Script application/javascript	2600:9000:2304:1c00:4:8d81:2c00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dyodrs1kxvg6o.cloudfront.net/972a57a.js Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/lockercode.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:1c00:4:8d81:2c00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `0751374ed51a1a4dc0dbfa14df6939125a9581cf7ef1e2bbc0c769be7df73ce7` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:26:54 GMT content-encoding br last-modified Sun, 11 Sep 2022 15:37:35 GMT server AmazonS3 age 738 etag W/"b0e3313a9ea34dcc3bd36696e9ef572c" vary Accept-Encoding x-cache Error from cloudfront content-type application/javascript via 1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront) x-amz-cf-pop VIE50-P1 x-amz-cf-id n6dj3HQvFfPuterv794scxz4tT26GavbsMDZcS1RQ07EzXj0yZWG2Q==
GET H2	200	html.1806399.096f5.0.js Show response d35kbxc0t24sp8.cloudfront.net/public/external/v2/	17 KB 17 KB	277ms 193ms	Script application/javascript	2600:9000:225e:3800:12:a4d0:1300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35kbxc0t24sp8.cloudfront.net/public/external/v2/html.1806399.096f5.0.js Requested by Host: dyodrs1kxvg6o.cloudfront.net URL: https://dyodrs1kxvg6o.cloudfront.net/972a57a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:3800:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash `835c399605fb9a41f21788a0cd51f47104c348102ba61003f1809d429290e116` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:05 GMT via 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id 9TaSR5fE5KQq3QuJcKET5LFRgaGem7NjmfalXHl3-2mJuxrpqN0zyg==
GET H2	200	css_front.css d35kbxc0t24sp8.cloudfront.net/public/external/	6 KB 7 KB	267ms 183ms	Stylesheet text/css	2600:9000:225e:3800:12:a4d0:1300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35kbxc0t24sp8.cloudfront.net/public/external/css_front.css Requested by Host: dyodrs1kxvg6o.cloudfront.net URL: https://dyodrs1kxvg6o.cloudfront.net/972a57a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:3800:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash `a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:05 GMT via 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront) last-modified Tue, 23 Jun 2020 20:06:47 GMT server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 etag "19c4-5a8c5e62e9d0a" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 6596 x-amz-cf-id lQP6Cz20n3_8RFyx50GC7MyXEZSHL2LHiCIim3uvXUEFWo46g9_o8g==
GET H2	200	background.jpg www.validsteamkeys.com/cd-key/generator-files/	338 KB 339 KB	51ms 51ms	Image image/jpeg	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Show image Full URL https://www.validsteamkeys.com/cd-key/generator-files/background.jpg Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/lockercode_files/code.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `9c254b9fbf4bd5e697d60631ae99b9a5399f0bc459bfeeec889b292b010aaa4a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/cd-key/lockercode_files/code.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:04 GMT last-modified Mon, 16 Aug 2021 22:36:38 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 346494 expires Fri, 30 Sep 2022 21:39:04 GMT
GET H2	200	gen.png www.validsteamkeys.com/cd-key/lockercode_files/	22 KB 23 KB	52ms 51ms	Image image/png	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Show image Full URL https://www.validsteamkeys.com/cd-key/lockercode_files/gen.png Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/lockercode_files/code.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `59fd87d2d37355263b7991b96fc4600afa91f23b28bf9b19cfcc28bf766933c4` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/cd-key/lockercode_files/code.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:04 GMT last-modified Tue, 17 Aug 2021 09:50:10 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 22974 expires Fri, 30 Sep 2022 21:39:05 GMT
GET H2	404	footer-icons.html www.validsteamkeys.com/cd-key/lockercode_files/	109 KB 109 KB	393ms 393ms	Image text/html	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Show image Full URL https://www.validsteamkeys.com/cd-key/lockercode_files/footer-icons.html Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/lockercode_files/code.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / PHP/7.4.21 Resource Hash `cb59749bc3723fa6333beb253e44227d2b25deb115c1d609872dbeef86d32899` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/cd-key/lockercode_files/code.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:05 GMT content-encoding br server LiteSpeed x-powered-by PHP/7.4.21 vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	firasansot-regular-webfont.woff www.validsteamkeys.com/cd-key/fonts/	27 KB 27 KB	75ms 75ms	Font font/woff	194.145.208.13 KNOWNSRV
General Check archive.org Show headers Download Go to Full URL https://www.validsteamkeys.com/cd-key/fonts/firasansot-regular-webfont.woff Requested by Host: www.validsteamkeys.com URL: https://www.validsteamkeys.com/cd-key/lockercode_files/code.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.145.208.13 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL), Reverse DNS Software LiteSpeed / Resource Hash `cfc9e8abe35471a8fc2fa2cba5937fb79ca48e20c26b074cfd0819705bc5c076` Request headers Referer https://www.validsteamkeys.com/cd-key/lockercode_files/code.css Origin https://www.validsteamkeys.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:05 GMT last-modified Wed, 01 Jun 2016 23:19:04 GMT server LiteSpeed content-type font/woff cache-control public, max-age=604800 accept-ranges bytes content-length 28068 expires Fri, 30 Sep 2022 21:39:05 GMT
GET H2	200	css.css d35kbxc0t24sp8.cloudfront.net/public/clockers/PrimeApps/	1010 B 1 KB	184ms 184ms	Stylesheet text/css	2600:9000:225e:3800:12:a4d0:1300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35kbxc0t24sp8.cloudfront.net/public/clockers/PrimeApps/css.css Requested by Host: dyodrs1kxvg6o.cloudfront.net URL: https://dyodrs1kxvg6o.cloudfront.net/972a57a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:3800:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash `a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:05 GMT via 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2020 22:29:00 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 etag "3f2-5a2f7428ae907" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 1010 x-amz-cf-id F6mDzkZSusC2d9bJXyozWlRXulyf5Szzijiv9yjg8mUwg3cq7qZwsQ==
GET H2	200	guid Show response d35kbxc0t24sp8.cloudfront.net/public/	0 278 B	332ms 331ms	Script text/html	2600:9000:225e:3800:12:a4d0:1300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35kbxc0t24sp8.cloudfront.net/public/guid?cpguid=a48jd10nj&e=ll&t=1663969146387 Requested by Host: dyodrs1kxvg6o.cloudfront.net URL: https://dyodrs1kxvg6o.cloudfront.net/972a57a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:3800:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.validsteamkeys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 23 Sep 2022 21:39:06 GMT via 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id PXavZ07nmJFe7AGbX68CwVVUAIMIy4BI8D5R8LocmxnHqNz3gC6log==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.validsteamkeys.com/	1970-01-20 06:27:13	Name: _cpguid Value: a48jd10nj

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.validsteamkeys.com/cd-key/lockercode_files/footer-icons.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d35kbxc0t24sp8.cloudfront.net
dyodrs1kxvg6o.cloudfront.net
www.validsteamkeys.com
194.145.208.13
2600:9000:225e:3800:12:a4d0:1300:21
2600:9000:2304:1c00:4:8d81:2c00:21
0751374ed51a1a4dc0dbfa14df6939125a9581cf7ef1e2bbc0c769be7df73ce7
07603a35f24654c2ca2f6d63eaf42905d52dcbcb67d3af72f2c429a397fa48f5
16bc402e0cb0ba26fb0f6606c170d12c1523f8192927c326feb41c35528b6b11
59fd87d2d37355263b7991b96fc4600afa91f23b28bf9b19cfcc28bf766933c4
835c399605fb9a41f21788a0cd51f47104c348102ba61003f1809d429290e116
8828139e9ec24dcb2c3a51388850c510df51acfd05e1a3d5c2cffdeb60a5abd3
914244cefc6978d91d7d848bdccafabdc40acb79383766fd5ee8894cd3066290
970c8a79506404a7a1ebad297ed4ff7401216d184cdb5b699b0bdceb831a0fb4
9c254b9fbf4bd5e697d60631ae99b9a5399f0bc459bfeeec889b292b010aaa4a
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
cb59749bc3723fa6333beb253e44227d2b25deb115c1d609872dbeef86d32899
cfc9e8abe35471a8fc2fa2cba5937fb79ca48e20c26b074cfd0819705bc5c076
d96cf6cf8bdda5f47de50e9539d3fe775258879285e50d835fe29182e5556584
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.validsteamkeys.com Open in urlscan Pro 194.145.208.13 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

100 %HTTPS

67 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

881 kBTransfer

926 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

28 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

www.validsteamkeys.com Open in urlscan Pro
194.145.208.13 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

881 kB
Transfer

926 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!