steamcommynitiy.com
147.45.47.205
Malicious Activity!
Public Scan
Effective URL: https://steamcommynitiy.com/gift-card/937649152
Submission Tags: @phish_report
Submission: On September 15 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E6 on September 8th 2024. Valid for: 3 months.
This is the only time steamcommynitiy.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
6 (2 redirects) | 172.67.147.152 | 13335 (CLOUDFLARENET) |
1 | 147.45.47.205 | 215789 (KARINAR) |
1 | 104.96.144.90 | |
7 | 4 |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
6 (2 redirects) | store-steaempowered.com | 44 KB |
1 | steamcommunity.com | 38 KB |
1 | steamcommynitiy.com | 8 KB |
7 | 3 |
Requests | Domain | Requested by |
---|---|---|
6 (2 redirects) | store-steaempowered.com | store-steaempowered.com |
1 | steamcommunity.com | |
1 | steamcommynitiy.com | steamcommynitiy.com |
7 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
store-steaempowered.com | WE1 | 2024-09-15 - 2024-12-14 | 3 months |
steamcommynitiy.com | E6 | 2024-09-08 - 2024-12-07 | 3 months |
store.steampowered.com | DigiCert SHA2 Extended Validation Server CA | 2023-12-05 - 2024-12-05 | a year |
This page contains 2 frames:
Primary Page:
https://steamcommynitiy.com/gift-card/937649152
Frame ID: B56B1B4BFDA13973830FFC4538F774E9
Requests: 6 HTTP requests in this frame
Frame:
https://steamcommynitiy.com/74492b05740252505e51404c51024a011051245a0a5405055c070d50
Frame ID: DE67A02296BA695D00E505F2D937A64D
Requests: 1 HTTP requests in this frame
Page Title
Welcome Autumn!
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://store-steaempowered.com/s/KRQA Page URL
- https://store-steaempowered.com/cdn-cgi/phish-bypass?atok=WZ05wa.jRNg7OTx.D_dM.G7PFMuqf3IDpAfUnY7D4tU-1726425252-0.0.1.1-%2Fs%2FKRQA HTTP 301
  https://store-steaempowered.com/s/KRQA HTTP 302
  https://steamcommynitiy.com/gift-card/937649152 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol | Resource | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|
GET H3 | store-steaempowered.com/s/KRQA | 4 KB | 2 KB | Document | text/html |
GET H3 | store-steaempowered.com/cdn-cgi/styles/cf.errors.css | 23 KB | 5 KB | Stylesheet | text/css |
GET H3 | store-steaempowered.com/cdn-cgi/images/icon-exclamation.png | 452 B | 634 B | Image | image/png |
GET H3 | store-steaempowered.com/favicon.ico | 175 KB | 36 KB | Other | image/vnd.microsoft.icon |
GET H2 | steamcommynitiy.com/gift-card/937649152 (Primary Request, Redirect Chain) | 21 KB | 8 KB | Document | text/html |
POST | steamcommynitiy.com/74492b05740252505e51404c51024a011051245a0a5405055c070d50 (Frame DE67) | 0 | 0 | | |
GET H/1.1 | steamcommunity.com/favicon.ico | 38 KB | 38 KB | Other | image/x-icon |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: steamcommynitiy.com
- URL: https://steamcommynitiy.com/74492b05740252505e51404c51024a011051245a0a5405055c070d50
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| VMEOSp object| P90U3TW function| DLKNSD function| pCYpwb0 function| d9TC98 function| nsrSVZc function| oGS7Ib3 string| FQqZ9K string| _x_Erxr string| ryB6ee string| xlvxBf string| QG7PCL object| v888eN string| ZhCiIe object| K7Tg7V_ string| _id4pS object| uYX2KIp number| eo6Lq2 function| cYNPlq object| l5v3OS number| Eqa8vUO object| mHTFChn function| JjKuht function| wDiwS3J function| FWmGFXF function| GE2KNHG function| P9Xj13 function| HOElJp7 function| nhddMp function| aN0EFII function| e1VcRRE function| eYFUxco function| Bd0VbwX function| VmY6X9 function| h3yZqj function| lwT5ms function| xp_7KO function| eubJtCx object| token
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.store-steaempowered.com/ | Name: __cf_mw_byp Value: WZ05wa.jRNg7OTx.D_dM.G7PFMuqf3IDpAfUnY7D4tU-1726425252-0.0.1.1-/s/KRQA |
steamcommynitiy.com/ | Name: session Value: eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.pX8ZXd5DEQ97CFANfLda2b5zxBUkQLPi.SAKuz6dIyUxxzh-v.zsVunY3yjTes4Cd_CIywcwDp_XQo2TAfLa6W7cRBNo6Hp8VBJOJ53aA_9XCNksopzCRrF1pUjz0EN-deyKJ148uWkqbOogiFlRoQ0l1BZrEkFDXHFEwNyWV3mSOV1ziU93Dyi6EzWKqtXYPCe9vu2hahpv_ggL865t_voAK3X26f3qcG-_Z7u8hnlYDfpT-VLFsC3qxdfChvSILTPBQKNBjDlAdB5vn2ckDwrnNN3_m8SdR09m6v9A.cxTehDftUC6TFoc6O8QzaQ |
steamcommynitiy.com/ | Name: token Value: eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6NzQsInNlY3JldCI6IjAwZWQ5MzE3Nzc0YTJjOGU1Y2JjOWMzMWU2OGI2MjVmIiwic2VydmljZSI6IlN0ZWFtIn0.LQFv1cRWhGYu71O0RLvX21ixF6Ggzyg4lAc2jaIBRIc |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.