guigjkjhklk.vip
172.67.155.23
Malicious Activity!
Public Scan
Submission: On December 03 via manual from BG — Scanned from DE
Summary
TLS certificate: Issued by WE1 on November 20th 2024. Valid for: 3 months.
This is the only time guigjkjhklk.vip was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Steam (Gaming)
Domain & IP information

| | IP Address | AS Autonomous System |
|---|---|---|
| 18 | 172.67.155.23 | 13335 (CLOUDFLARENET) |
| 18 | 2 | |

| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 18 | guigjkjhklk.vip | guigjkjhklk.vip | 1 MB |
| 18 | 1 | | |

| | Domain | Requested by |
|---|---|---|
| 18 | guigjkjhklk.vip | guigjkjhklk.vip |
| 18 | 1 | |
This site contains links to these domains. Also see Links.
Domain |
---|
steamcommunity.com |
store.steampowered.com |
help.steampowered.com |
www.valvesoftware.com |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| guigjkjhklk.vip | WE1 | 2024-11-20 - 2025-02-18 | 3 months |
This page contains 1 frames:
Primary Page:
https://guigjkjhklk.vip/dcaec245b/MTczMzA5NTAxNQ==
Frame ID: FD160B2C41FAE1C851D4D7B8F56AF460
Requests: 21 HTTP requests in this frame
55 Outgoing links
These are links going to different origins than the main page.
Title: Anmelden
Title: Shop
Title: Entdeckungsliste
Title: Wunschliste
Title: Punkteshop
Title: Neuigkeiten
Title: Statistiken
Title: Community
Title: Diskussionen
Title: Workshop
Title: Markt
Title: Übertragungen
Title: Support
Title: #footer_privacy_policy
Title: #footer_legal
Title: #footer_ssa
Title: #footer_refunds
Title: INFO
Title: 简体中文 (Vereinfachtes Chinesisch)
Title: 繁體中文 (Traditionelles Chinesisch)
Title: 日本語 (Japanisch)
Title: 한국어 (Koreanisch)
Title: ไทย (Thai)
Title: български (Bulgarisch)
Title: Čeština (Tschechisch)
Title: Dansk (Dänisch)
Title: English (Englisch)
Title: Español - España (Spanisch - Spanien)
Title: Español – Latinoamérica (Lateinamerikanisches Spanisch)
Title: Ελληνικά (Griechisch)
Title: Français (Französisch)
Title: Italiano (Italienisch)
Title: Magyar (Ungarisch)
Title: Nederlands (Niederländisch)
Title: Norsk (Norwegisch)
Title: Polski (Polnisch)
Title: Português (Portugiesisch – Portugal)
Title: Português - Brasil (Brasil. Portugiesisch)
Title: Română (Rumänisch)
Title: Русский (Russisch)
Title: Suomi (Finnisch)
Title: Svenska (Schwedisch)
Title: Türkçe (Türkisch)
Title: Tiếng Việt (Vietnamesisch)
Title: Українська (Ukrainisch)
Title: Ein Übersetzungsproblem melden
Title: Hilfe! Ich kann mich nicht anmelden
Title: Steam-Mobile-App
Title: Mehr erfahren
Title: Steam-Account einrichten
Title: geonames.org
Title: Datenschutzrichtlinien
Title: Rechtliches
Title: Steam-Nutzungsvertrag
Title: Cookies
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H3 | MTczMzA5NTAxNQ== (Primary Request) | guigjkjhklk.vip/dcaec245b/ | 124 KB | 13 KB | Document | text/html |
| GET | H3 | 5eb3491.css | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 40 KB | 13 KB | Stylesheet | text/css |
| GET | H3 | d257500.js | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 93 KB | 35 KB | Script | text/javascript |
| GET | H3 | 8db1651.js | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 1 MB | 467 KB | Script | text/javascript |
| GET | H3 | b999668.png | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 975 B | 2 KB | Image | image/png |
| GET | H3 | 0ffc43a.png | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 4 KB | 4 KB | Image | image/png |
| GET | H3 | 3362935.png | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 8 KB | 9 KB | Image | image/png |
| GET | H3 | d4d54b1.png | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 8 KB | 8 KB | Image | image/png |
| GET | H3 | 1219d1f.png | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 33 KB | 34 KB | Image | image/png |
| GET | H3 | a2999c2.png | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 987 B | 2 KB | Image | image/png |
| GET | H3 | 0f9e873.png | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 297 B | 925 B | Image | image/png |
| GET | DATA | truncated | / | 61 B | 0 | Image | image/gif |
| GET | H3 | 24b03d5.jpg | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 95 KB | 96 KB | Image | image/jpeg |
| GET | H3 | e8ad143.woff2 | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 15 KB | 15 KB | Font | application/octet-stream |
| GET | H3 | b9cf5d8.ttf | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 116 KB | 117 KB | Font | application/octet-stream |
| GET | H3 | a82e503.ttf | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 120 KB | 120 KB | Font | application/octet-stream |
| GET | H3 | fe346c0.ttf | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 121 KB | 122 KB | Font | application/octet-stream |
| POST | H3 | MTczMzA5NTAxNQ== | guigjkjhklk.vip/dcaec245b/ | 0 | 615 B | XHR | text/html |
| GET | DATA | truncated | / | 85 B | 0 | Image | image/gif |
| GET | DATA | truncated | / | 4 KB | 0 | Image | image/png |
| GET | H3 | 876e9ee.png | guigjkjhklk.vip/fbfdc2feb/7aa84/ | 26 KB | 27 KB | Other | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Steam (Gaming)
98 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
guigjkjhklk.vip
172.67.155.23