steam.poweredgift.com Open in urlscan Pro
104.21.56.5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://steam.poweredgift.com/
Effective URL:
https://steam.poweredgift.com/
Submission: On March 02 via api (March 2nd 2024, 9:23:50 am UTC) from FI — Scanned from FI

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 104.21.56.5, located in and belongs to CLOUDFLARENET, US. The main domain is steam.poweredgift.com.
TLS certificate: Issued by GTS CA 1P5 on February 29th 2024. Valid for: 3 months.

This is the only time steam.poweredgift.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
1 6	104.21.56.5 104.21.56.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
6	172.67.142.11 172.67.142.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	4

6 104.21.56.5 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

steam.poweredgift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.poweredgift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.142.11 (United States)

ASN13335 (CLOUDFLARENET, US)

randomxpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	randomxpanel.com randomxpanel.com	1 KB
6	poweredgift.com 1 redirects steam.poweredgift.com cdn.poweredgift.com	2 MB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 368	88 KB
12	3

	Domain	Requested by
6	randomxpanel.com	steam.poweredgift.com
4	steam.poweredgift.com	1 redirects cdn.poweredgift.com steam.poweredgift.com
2	cdn.poweredgift.com	steam.poweredgift.com
1	ajax.googleapis.com	steam.poweredgift.com
12	4

This site contains no links.

Subject Issuer	Validity	Valid
poweredgift.com GTS CA 1P5	`2024-02-29` - `2024-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
randomxpanel.com E1	`2024-02-14` - `2024-05-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://steam.poweredgift.com/
Frame ID: 04B4C4D1FAC96AE5B32FA14B573B9DEF
Requests: 21 HTTP requests in this frame

Frame: https://steam.poweredgift.com/rulrnbndxcbt.html
Frame ID: F293E03F56AB56B5EC5D67456D9CCBC5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Steam, The Ultimate Online Game Platform

Page URL History Show full URLs

http://steam.poweredgift.com/ HTTP 301
https://steam.poweredgift.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

2297 kB
Transfer

5106 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://steam.poweredgift.com/ HTTP 301
https://steam.poweredgift.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
steam.poweredgift.com/
Redirect Chain

http://steam.poweredgift.com/
https://steam.poweredgift.com/

2 MB
1 MB

772ms
240ms

Document
text/html

104.21.56.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://steam.poweredgift.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.56.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd37b3fd622c6278e4571c2242c2b14cbf97a8f1473f23918e1903bef192c1aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85e054642b1a736b-CPH
content-encoding: br
content-type: text/html
date: Sat, 02 Mar 2024 09:23:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wg6YavmKFCpanfavSXJHS9gwiRhx7zIDId7XHzhaJGhLLC0DYJGiI37NWX0jCvnfsySDnDxbWHi2tAkyTH3K486u9vgVZLgKQJtby9QcPBDH71kuRe91FBQKAoHsU2aiyf%2FAk5u1ZEQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 85e0545fab73abcf-CPH
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 02 Mar 2024 09:23:42 GMT
Expires: Sat, 02 Mar 2024 10:23:42 GMT
Location: https://steam.poweredgift.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJph%2Fa1nabOfegIXk9DrOogFGPxuWnIwT1BfyAw37WTP50MyuyfXzUf6xn0g9pvS2lrqAvrZ7rp3BhU3tbmrkpz%2B96B72hU%2BXAq22hchE2VKEDI6haIwhbepRiKzsbH0FUw%2FmqV%2B9GQ%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 291 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 161 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 191 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a30196bdec7ce1a39dd394923e35bb0f4a0de30390851f8ec000928b1c344d8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 116 KB
116 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

Request headers

Referer
Origin: https://steam.poweredgift.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
DATA 200
OK truncated
/ 121 KB
121 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

Request headers

Referer
Origin: https://steam.poweredgift.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
DATA 200
OK truncated
/ 120 KB
120 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

Request headers

Referer
Origin: https://steam.poweredgift.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
DATA 200
OK truncated
/ 487 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b742f628cbe7bf577c82994d01f4a25312c3ba38e01232197f8b282fc48c833

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18e6ee2ed3ea311b09c504798ccbb37fb9386840a9fce138f0a03dfa3d5564df

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caabf4747b164eb5fa61a0d1461443961ff2ffae35eb60869f2e4f93d1530cf1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d46c60d96efe34a372f59b9b4844f2ac5301e0fa1e0c460bc5e888134af9a57c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 940 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f15208efd7d316c067ed5f70c97f0a3159861e1ae47dfd96762cfca293b84aab

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 121 KB
121 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5692b785e18340807d75f1a969595bc8b1c408fb6fd63947775705e6d6baa66

Request headers

Referer
Origin: https://steam.poweredgift.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
DATA 200
OK truncated
/ 120 KB
120 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc

Request headers

Referer
Origin: https://steam.poweredgift.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 main.073c9b0a.css
cdn.poweredgift.com/static/css/ 118 KB
30 KB 823ms
809ms Stylesheet
text/css 104.21.56.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.poweredgift.com/static/css/main.073c9b0a.css
Requested by: Host: steam.poweredgift.com
URL: https://steam.poweredgift.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.56.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 84dfbfef6f4cdd07cf545d6136dd21171c4bbdb7002ba0ca8ad69b713272f6f1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://steam.poweredgift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 09:23:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 Mar 2023 15:09:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1d942-187142b12a6"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRo3zLO1o8GMmdgtWZa9jbB8vPGYZfBHCtAsZvKOepySw75L3FrkkdTgPUQHS7C9JLe%2BT5YPABa9VFSgubFHV%2FnqerajyoNcpbqpQFw9%2BEAXTDR1CC%2B3CO6Q29LBR1DsQGFLlYt6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 85e054677eba736b-CPH
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 88 KB
88 KB 757ms
187ms Script
text/javascript 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: steam.poweredgift.com
URL: https://steam.poweredgift.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

sffe /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://steam.poweredgift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 14:50:19 GMT
x-content-type-options: nosniff
age: 239605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89947
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 14:50:19 GMT

GET
H2 200 main.66ec5583.js Show response
cdn.poweredgift.com/static/js/ 189 KB
59 KB 720ms
716ms Script
application/javascript 104.21.56.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.poweredgift.com/static/js/main.66ec5583.js
Requested by: Host: steam.poweredgift.com
URL: https://steam.poweredgift.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.56.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9050c3c6187cf144f108da835e351aa3d0bc3815b717d45e2d16ad17014af5f2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://steam.poweredgift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 09:23:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 28 Mar 2023 06:55:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2f42e-18726fffdd8"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuU5Cl4u85mDAQEIoojfp5Mu8Cqpjzlh3wSHnDpFvLT234%2BzYllnhXydflj%2F63BxywlJwwIR8QHIvpuzbou4T0oBY7RCcNw33NymGlaWGZvAPyM9%2BOP%2FTpPveLoSE3eaAki17Qgw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 85e054677ebc736b-CPH
alt-svc: h3=":443"; ma=86400

GET
H2 200 rulrnbndxcbt.html Show response
steam.poweredgift.com/ Frame F293 51 KB
29 KB 155ms
154ms Document
text/html 104.21.56.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://steam.poweredgift.com/rulrnbndxcbt.html
Requested by: Host: cdn.poweredgift.com
URL: https://cdn.poweredgift.com/static/js/main.66ec5583.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.56.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c97b97d819b04616a9ef528a3c12e355d9bc1f9055a9659637d439e82deed67

Request headers

Referer: https://steam.poweredgift.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85e0546d0d18736b-CPH
content-encoding: br
content-type: text/html
date: Sat, 02 Mar 2024 09:23:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmSm9hRA%2BXR1hGjCUT815%2FKw81e1hsZdJtzYEH3vpgkEtvVCYhyqOa9CObbH%2FJMxuQaMUmQySI7nLGMh9RGuBYuKIeCYrah7F8wVsYQS5YLCqVleXOqvXCGF9ThyFHz0B%2FHEtnLrD3k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 nbyn34s8vcna.js Show response
steam.poweredgift.com/ Frame F293 1 MB
403 KB 270ms
270ms Script
application/javascript 104.21.56.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://steam.poweredgift.com/nbyn34s8vcna.js
Requested by: Host: steam.poweredgift.com
URL: https://steam.poweredgift.com/rulrnbndxcbt.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.56.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 026d41301a1f90c11ace7d67f374feb2ddd220a546429781c6ba864e15ab65a1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://steam.poweredgift.com/rulrnbndxcbt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 09:23:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 29 Feb 2024 19:37:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e0dd17-10e742"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cq4A3PUZAPN75%2FI9LhIpqELUJ3yIHPSlH4dH0rL3dRYHVjRyZjnS9AbfR5SVX8bnJvNEylrRqHQ20f6oAKKai0t%2FzRVn9ubAuevQC1cTPEXAYZoFwaAxci2IbL%2FSphmb9VDKkxSxXgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 85e0546dfdf7736b-CPH
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Mar 2024 09:23:45 GMT

OPTIONS
H2 200 dblyennopohldpkpspmjkmsvckxacpwmahfxipafibjten
randomxpanel.com/ Frame 0
0 870ms
318ms Preflight
text/html 172.67.142.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomxpanel.com/dblyennopohldpkpspmjkmsvckxacpwmahfxipafibjten
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://steam.poweredgift.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85e0547458097373-CPH
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 02 Mar 2024 09:23:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgS2gsDxkIVnnZOq7uu3W2TxXwTWVnhl99CAhK9Ac6OY9RWgFgYhKXLtND6Psbn7tV1HC1S6v90%2BcxQY6us7%2FtGFTYmFAkrvnkQg6pOsE2N5gIs%2Bh0PCYNL9SDNWqpWkfYHF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

POST
H2 200 dblyennopohldpkpspmjkmsvckxacpwmahfxipafibjten Show response
randomxpanel.com/ Frame F293 48 B
396 B 239ms
237ms XHR
application/json 172.67.142.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomxpanel.com/dblyennopohldpkpspmjkmsvckxacpwmahfxipafibjten
Requested by: Host: steam.poweredgift.com
URL: https://steam.poweredgift.com/nbyn34s8vcna.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7848c9683040f6351d99c6fe210687998efccefc4589ba7758bb9fd91e5e54ee

Request headers

Accept: application/json, text/plain, */*
Referer: https://steam.poweredgift.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Mar 2024 09:23:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"30-Q6HOv6H9hr6XY5mTo0+4YMxRbsk"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiFXgT1hBUVKIzCnScQYIVI%2FImfV6Wmp3w5guPo4kAxeAOJ%2Fj4eQomPyG1izzC5FFBhZ%2FsCQ1c%2BVfjMG2zInPnCK4tkVIXZWhmMwG%2Brpf2mwXfLaBrUlqHPXnushcdGaHxMb"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 85e0547619ba7373-CPH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame F293 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F293 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F293 33 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F293 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 cqudhcuaeycmclvok Show response
randomxpanel.com/ Frame F293 70 B
393 B 573ms
572ms XHR
application/json 172.67.142.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomxpanel.com/cqudhcuaeycmclvok
Requested by: Host: steam.poweredgift.com
URL: https://steam.poweredgift.com/nbyn34s8vcna.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8696b92cdae1a677d2bd5fe762dac040dfa61589284834924ae540b7a2d977c9

Request headers

Accept: application/json, text/plain, */*
Referer: https://steam.poweredgift.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Mar 2024 09:23:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"46-TGvnSh1DSPn6kHvv+6ustXql478"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSHJqeYmICs14OHYw2sMc0OTJDonIQ09Kwn3PRGJ%2B2M6wtcBTSOjD9%2BBecNBuBuge60B23O3hcccwY81d5evMjwXKiLmSWH4qzsk6ha%2FQNXfEprAIIwl%2Buq3VuYNSTMPHvmM"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 85e05478bc777373-CPH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 cqudhcuaeycmclvok
randomxpanel.com/ Frame 0
0 166ms
166ms Preflight
text/html 172.67.142.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomxpanel.com/cqudhcuaeycmclvok
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://steam.poweredgift.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85e05477ab897373-CPH
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 02 Mar 2024 09:23:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dmuym0wA0fkQfzm9FznCDP8azxuHORSwayjpqwhXnU4YIQS8oWlXB%2FPX%2BiSgSVAjCdFXS%2Fu21Q7oYxxa7BC5m1E%2BdmW5IJrkIfD07qAMj1B6Fhc%2BKSNuQiUddVPkHL%2BBoe1%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

POST
H2 200 cmrihuzkeyyrcqitk Show response
randomxpanel.com/ Frame F293 12 B
312 B 234ms
234ms XHR
application/json 172.67.142.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomxpanel.com/cmrihuzkeyyrcqitk
Requested by: Host: steam.poweredgift.com
URL: https://steam.poweredgift.com/nbyn34s8vcna.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept: application/json, text/plain, */*
Referer: https://steam.poweredgift.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Mar 2024 09:23:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c-W8b47RZH5mUQPFFL7w2Ud28rDAA"
x-powered-by: Express
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T3wO8rcErNqu6%2BH9ysx9QqjbrkkfA0NGOTnVY6LmyiD1k2gTqB6SHkjecZ9ONu3KN7ipZaYEYSMkwhqMGuUJyw8A7ZzP24ZbZ%2BD6iiqKHrflyFKzvA%2BMfuGM0olXcTYsmG8"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 85e05489df0c7373-CPH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 12
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 cmrihuzkeyyrcqitk
randomxpanel.com/ Frame 0
0 160ms
159ms Preflight
text/html 172.67.142.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomxpanel.com/cmrihuzkeyyrcqitk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://steam.poweredgift.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85e05488edae7373-CPH
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 02 Mar 2024 09:23:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPUKR%2BHrVkfAZU0oYhTUY8aXv0lt4%2FGM2kApbXasBPx10zRPuWqLIl6Mw%2BbZiIAswrqVA0e7E2h%2FjCsVuAfnOlygeAbuLg2zzw1RQu6%2Fy500Y0hXzzYyMyg%2Fac0YgwjWfZLG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| webpackChunkfake_window

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.poweredgift.com
randomxpanel.com
steam.poweredgift.com
104.21.56.5
142.250.184.234
172.67.142.11
026d41301a1f90c11ace7d67f374feb2ddd220a546429781c6ba864e15ab65a1
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6
18e6ee2ed3ea311b09c504798ccbb37fb9386840a9fce138f0a03dfa3d5564df
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
1b742f628cbe7bf577c82994d01f4a25312c3ba38e01232197f8b282fc48c833
1c97b97d819b04616a9ef528a3c12e355d9bc1f9055a9659637d439e82deed67
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
6a30196bdec7ce1a39dd394923e35bb0f4a0de30390851f8ec000928b1c344d8
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
7848c9683040f6351d99c6fe210687998efccefc4589ba7758bb9fd91e5e54ee
84dfbfef6f4cdd07cf545d6136dd21171c4bbdb7002ba0ca8ad69b713272f6f1
8696b92cdae1a677d2bd5fe762dac040dfa61589284834924ae540b7a2d977c9
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787
9050c3c6187cf144f108da835e351aa3d0bc3815b717d45e2d16ad17014af5f2
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5
a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
caabf4747b164eb5fa61a0d1461443961ff2ffae35eb60869f2e4f93d1530cf1
d46c60d96efe34a372f59b9b4844f2ac5301e0fa1e0c460bc5e888134af9a57c
d5692b785e18340807d75f1a969595bc8b1c408fb6fd63947775705e6d6baa66
f15208efd7d316c067ed5f70c97f0a3159861e1ae47dfd96762cfca293b84aab
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa
fd37b3fd622c6278e4571c2242c2b14cbf97a8f1473f23918e1903bef192c1aa

steam.poweredgift.com Open in urlscan Pro 104.21.56.5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

2297 kBTransfer

5106 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

steam.poweredgift.com Open in urlscan Pro
104.21.56.5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

2297 kB
Transfer

5106 kB
Size

0
Cookies

12 HTTP transactions
21 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!