help.poweredsupport.com Open in urlscan Pro
2606:4700:3030::6815:1d5c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://help.poweredsupport.com/v/76561198840695586
Effective URL:
https://help.poweredsupport.com/v/76561198840695586
Submission: On October 14 via automatic, source openphish (October 14th 2024, 2:06:36 am UTC) — Scanned from DE

Summary HTTP 22 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3030::6815:1d5c, located in United States and belongs to CLOUDFLARENET, US. The main domain is help.poweredsupport.com.
TLS certificate: Issued by WE1 on August 29th 2024. Valid for: 3 months.

This is the only time help.poweredsupport.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3030::6815:1d5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.67.133.187 23.67.133.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:480... 2a02:26f0:480:15::213:7e5b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	188.116.20.70 188.116.20.70	200590 (ASNLS) (ASNLS)
22	5

12 2606:4700:3030::6815:1d5c (United States)

ASN13335 (CLOUDFLARENET, US)

help.poweredsupport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

pulsy.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.67.133.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-133-187.deploy.static.akamaitechnologies.com

help.steampowered.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:15::213:7e5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

avatars.akamai.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.116.20.70 (Almaty, Kazakhstan)

ASN200590 (ASNLS, KZ)

tyson-mrbeast.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	poweredsupport.com help.poweredsupport.com	775 KB
5	steampowered.com help.steampowered.com — Cisco Umbrella Rank: 39076	9 KB
2	steamstatic.com avatars.akamai.steamstatic.com — Cisco Umbrella Rank: 23654	4 KB
2	pulsy.top pulsy.top	3 KB
1	tyson-mrbeast.pics tyson-mrbeast.pics	393 B
22	5

	Domain	Requested by
12	help.poweredsupport.com	help.poweredsupport.com
5	help.steampowered.com	help.poweredsupport.com
2	avatars.akamai.steamstatic.com	help.poweredsupport.com
2	pulsy.top	help.poweredsupport.com pulsy.top
1	tyson-mrbeast.pics	help.poweredsupport.com
22	5

This site contains links to these domains. Also see Links.

Domain
store.steampowered.com
steamcommunity.com
help.steampowered.com
www.valvesoftware.com
partner.steamgames.com

Subject Issuer	Validity	Valid
poweredsupport.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
pulsy.top WE1	`2024-08-27` - `2024-11-25`	3 months	crt.sh
store.steampowered.com DigiCert SHA2 Extended Validation Server CA	`2023-12-05` - `2024-12-05`	a year	crt.sh
avatars.akamai.steamstatic.com R11	`2024-08-15` - `2024-11-13`	3 months	crt.sh
tyson-mrbeast.pics R11	`2024-10-07` - `2025-01-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://help.poweredsupport.com/v/76561198840695586
Frame ID: 5FA101133F8FC54ECFCD0D8B8CF081AA
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Support :: KusiGame

Page URL History Show full URLs

http://help.poweredsupport.com/v/76561198840695586 HTTP 307
https://help.poweredsupport.com/v/76561198840695586 Page URL

Page Statistics

22
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

791 kB
Transfer

1281 kB
Size

1
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://store.steampowered.com/

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/explore/
Title: Discovery Queue

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/my/wishlist/
Title: Wishlist

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/points/shop/
Title: Points Shop

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/news/
Title: News

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/charts
Title: Stats

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/discussions/
Title: Discussions

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/workshop/
Title: Workshop

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/market/
Title: Market

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/?subsection=broadcasts
Title: Broadcasts

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/my/
Title: KusiGame

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/my/home/
Title: Activity

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/my/friends/
Title: Friends

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/my/games/
Title: Games

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/my/groups/
Title: Groups

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/my/screenshots/
Title: Content

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/my/badges/
Title: Badges

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/my/inventory/
Title: Inventory

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/yearinreview/
Title: Year In Review

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/chat/
Title: Chat

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/profiles/76561198840695586/
Title: View my profile

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/account/
Title: Account details

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/account/preferences/
Title: Store preferences

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/steamaccount/addfunds/
Title: View my wallet

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/en/faqs/view/669A-2F68-D1D1-A5EC
Title: Another steps...

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/en/faqs/view/46D2-B5B1-F0B9-B867
Title: Using a Router with Steam

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/en/faqs/view/66C8-4FF1-8470-B666
Title: Using a Firewall with Steam

Search URL Search Domain Scan URL

URL: http://www.valvesoftware.com/

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/privacy_agreement/?snr=100601_44_44_
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/legal/?snr=100601_44_44_
Title: Legal

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/subscriber_agreement/?snr=100601_44_44_
Title: Steam Subscriber Agreement

Search URL Search Domain Scan URL

URL: http://www.valvesoftware.com/about.html
Title: About Valve

Search URL Search Domain Scan URL

URL: https://partner.steamgames.com/?snr=100601_44_44_
Title: Steamworks

Search URL Search Domain Scan URL

URL: http://www.valvesoftware.com/jobs.html
Title: Jobs

Search URL Search Domain Scan URL

URL: https://partner.steamgames.com/steamdirect
Title: Steam Distribution

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/digitalgiftcards/?snr=100601_44_44_
Title: Gift Cards

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://help.poweredsupport.com/v/76561198840695586 HTTP 307
https://help.poweredsupport.com/v/76561198840695586 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request 76561198840695586 Show response
help.poweredsupport.com/v/
Redirect Chain

http://help.poweredsupport.com/v/76561198840695586
https://help.poweredsupport.com/v/76561198840695586

21 KB
6 KB

283ms
246ms

Document
text/html

2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.poweredsupport.com/v/76561198840695586
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.8
Resource Hash: 2eb601d427a8fababf53e23144c843c738be13d79f12d97338c026eb080bb5e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: help.poweredsupport.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d2402b4de98a022-FRA
content-encoding: zstd
content-type: text/html;charset=UTF-8
date: Mon, 14 Oct 2024 02:06:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TfVqIduph75hAWASkd6ZAU5jeO2QPB3TqKO%2Bczk%2BrmSTOfJCZDDwjk14J9AcUmSSSKTMAEc0d0JH1sKLbn6lPQF54I8Nb6R7465Os9bj7D%2FAi8suZdt0A4jFBXREmP4%2BiViy9DpeAAwJaVCmS5sCd2QfIdGwBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Origin accept-encoding
x-powered-by: PHP/8.3.8

Redirect headers

Location: https://help.poweredsupport.com/v/76561198840695586
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 speculation
help.poweredsupport.com/cdn-cgi/ 128 B
596 B 52ms
51ms Other
application/speculationrules+json 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.poweredsupport.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://help.poweredsupport.com
Referer: https://help.poweredsupport.com/v/76561198840695586

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eja7%2B7KzFKKNQ2T%2FhE7jHXQGVBJbQ3VHZ0T%2BH5HolrzCmJwWNXu4vRmC4WHHxv857vnWztzJkGyTjWI9vmT%2BDNgwR5OWDVplyb2jpVbX29KgPv%2BhsqlxzILuMMmeyoM3l31wy%2FrI%2BhgK4RKbXUzgIAHDTFzd2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b67fc1a022-FRA
access-control-allow-origin: https://help.poweredsupport.com
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 script.tagged-events.pageview-props.outbound-links.js Show response
pulsy.top/js/ 3 KB
2 KB 71ms
33ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pulsy.top/js/script.tagged-events.pageview-props.outbound-links.js

Requested by

Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/v/76561198840695586

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e3b5a6b72989568f517ed8d9b2bb61dbd72e5edb9b89b2705d4a51b2e9d030

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 60968
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYnPgbXnUUUKo92BISkmM4SARKdoxBkShA7Dg8gNoMxlgOnkFcKbak7DOucb%2FqDeNWe%2Fh5RJ%2FcetMQEGHqN6GWvRPrnRiWDzOdlfmQK5TWVwD7R5eUOLp%2BZWfK6K07zcpeggc2udsgM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: application/javascript
x-served-by: pulsy.top
vary: Accept-Encoding
last-modified: Sun, 13 Oct 2024 09:10:23 GMT
cache-control: public, max-age=86400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d2402b6be073a4f-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 3d0da5is9kfs.js Show response
help.poweredsupport.com/public/assets/js/ 506 KB
170 KB 52ms
51ms Script
application/javascript 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.poweredsupport.com/public/assets/js/3d0da5is9kfs.js
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/v/76561198840695586
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94c4f561af79ec3e608a1d2c9b58a9b05d39d0ace10c5e5b39532301f38d1ec6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/v/76561198840695586

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6703a9e0-7e838"
age: 6406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4pHlTTaLheJ%2BgVqwx68VmvL4Z6Aoko%2BTaeVlnDRNX8b6Vorhev1KBiypkXMZEysyhFHgzhE5NPmd5vTA2JiDDDK46wpsyKpXf9GwanqrpvwEHoUl%2FMfLS84Xs9Jev4Uq%2B6ddD%2FxphHY5RY6tHGAxkz9vcMbo%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b67fc5a022-FRA
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Oct 2024 09:29:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 app-1485cae2.css
help.poweredsupport.com/public/build/assets/ 50 KB
10 KB 30ms
29ms Stylesheet
text/css 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/v/76561198840695586
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1485cae2f5e85e133fe26948e101aeb7a968571aa16c8ed3895f60fc9115d7ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/v/76561198840695586

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f46680-c63c"
age: 6406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RWBapxe9shWLvmaSzzJEdvFV5GU1SBI5Ddd57WltJeJZfWda4A89UKDpgw4BAiyTFRRi2THDbrk%2FdKg6AY8TiIRookga0%2BLW9vFOGPm5%2FUM6dwXILhOU6CCjDLabGXvPJdXrs9oh5SNcHf6ZGkT5MKqxL%2FjUMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b67fc6a022-FRA
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: text/css
last-modified: Wed, 25 Sep 2024 19:37:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 app-f123e354.js Show response
help.poweredsupport.com/public/build/assets/ 177 KB
82 KB 31ms
30ms Script
application/javascript 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.poweredsupport.com/public/build/assets/app-f123e354.js
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/v/76561198840695586
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acac1e69cd8e9ad785bf5b0cbe6a5ea752440b359f2adf8871a1602a990a875d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://help.poweredsupport.com
Referer: https://help.poweredsupport.com/v/76561198840695586

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f46680-2c2bc"
age: 6406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBI4X90RbDw%2FnnSBQUP%2B7%2BF9cQL7FExvGT5SNt3p0k6w8%2BoyraarkwkW7QxpEOtKCA%2FnpxkiyKmu%2F18aU2OEY0CQq9e7jnWJaJcS89OR5jkoDC%2BEvCHeUQp66CGLqLOpy%2FMsCXJSd4Kg2oGgzJtJTf3nPH%2FowA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b67fc7a022-FRA
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 25 Sep 2024 19:37:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK logo_steam.svg
help.steampowered.com/public/shared/images/header/ 4 KB
4 KB 219ms
176ms Image
image/svg+xml 23.67.133.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://help.steampowered.com/public/shared/images/header/logo_steam.svg?t=962016

Requested by

Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/v/76561198840695586

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.133.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-133-187.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
ETag: "5fb45dad-e64"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3684
Date: Mon, 14 Oct 2024 02:06:31 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 17 Nov 2020 23:33:01 GMT
Server: nginx

GET
H2 200 523b1f904b597b005582940e416972e7f79b0b84_medium.jpg
avatars.akamai.steamstatic.com/ 2 KB
2 KB 96ms
22ms Image
image/jpeg 2a02:26f0:480:15::213:7e5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.akamai.steamstatic.com/523b1f904b597b005582940e416972e7f79b0b84_medium.jpg
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/v/76561198840695586
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:15::213:7e5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6014d4b2c161b5a7016eabc5229dacbf18dafd06b9fb968ff483d0a5e72455e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/

Response headers

content-md5: Qfde9tz2JGxiN/xD6teuPQ==
cache-control: public, max-age=315313852
etag: "0x8DA053F1E4D37F1"
expires: Wed, 11 Oct 2034 13:17:23 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1858
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: image/jpeg
last-modified: Sun, 13 Mar 2022 22:16:27 GMT
server: nginx

GET
H2 200 fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_medium.jpg
avatars.akamai.steamstatic.com/ 1 KB
2 KB 94ms
20ms Image
image/jpeg 2a02:26f0:480:15::213:7e5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_medium.jpg
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/v/76561198840695586
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:15::213:7e5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c5e52a948590226a9a789364ffa8171c33ba7f1749481b1a4a8b06162dd4c792

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/

Response headers

cache-control: public, max-age=285768850
etag: "5b36b962-58f"
expires: Thu, 03 Nov 2033 14:20:41 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1423
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: image/jpeg
last-modified: Fri, 29 Jun 2018 22:57:38 GMT
server: nginx

GET
H/1.1 200
OK footerLogo_valve_new.png
help.steampowered.com/public/images/ 3 KB
3 KB 231ms
176ms Image
image/png 23.67.133.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://help.steampowered.com/public/images/footerLogo_valve_new.png
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/v/76561198840695586
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.133.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-133-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d8bbe461137d50211568449468a1981ef189248200eadd48c3141a9df0b8f7fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/

Response headers

ETag: "605a768e-a18"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 2584
Date: Mon, 14 Oct 2024 02:06:31 GMT
Content-Type: image/png
Last-Modified: Tue, 23 Mar 2021 23:15:26 GMT
Server: nginx

GET
H3 200 blue_body_top-aeacbf69.jpg
help.poweredsupport.com/public/build/assets/ 50 KB
50 KB 88ms
88ms Image
image/jpeg 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://help.poweredsupport.com/public/build/assets/blue_body_top-aeacbf69.jpg
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeacbf69f083c220da60b8994c08cf8cd1505a62a0df5a7c0a9aa4f258bab1e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66f46680-c6c7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PjD3F6gQ5jZs7XzJ00yYF9Ly7xVU41viXh%2BU2Ir%2BJh0rJ1yMSNppHhLEiFaZLBObPAuT4LzQzuG89h3b5ctLSO1eM1XS6Dblxk8hAUo7r25HK0X0JIzXQ1OzhqLMcbq4jpZ%2FsECVVf6J4G6Kul5MGo0kGL0NAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b75848a022-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 50887
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2024 19:37:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 blue_body_repeat-b258176e.jpg
help.poweredsupport.com/public/build/assets/ 64 KB
65 KB 84ms
83ms Image
image/jpeg 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://help.poweredsupport.com/public/build/assets/blue_body_repeat-b258176e.jpg
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b258176e6b291343c18679962ab8658108451a22f12a5aecab106501d8bc091e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66f46680-100cf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdtePoK74FkeZyCySkDcLZbE%2Fba0xP5dDd0jwsMVv8v7cAKRvc7FSmRw3olmfXJLCz3CHaOf%2Blsj4SRQMn31rvbz%2F8vksEnCpftNVYOjCS%2Bq7vQBrskyulec%2FDwcduHELwiP%2BJgwcziRyjF9Zn1uO8ElL6ZfYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b7584aa022-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 65743
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2024 19:37:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK btn_header_installsteam_download.png
help.steampowered.com/public/shared/images/header/ 291 B
595 B 219ms
178ms Image
image/png 23.67.133.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://help.steampowered.com/public/shared/images/header/btn_header_installsteam_download.png?v=1

Requested by

Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.133.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-133-187.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
ETag: "5ab19bf7-123"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 291
Date: Mon, 14 Oct 2024 02:06:31 GMT
Content-Type: image/png
Last-Modified: Tue, 20 Mar 2018 23:40:39 GMT
Server: nginx

GET
H/1.1 200
OK btn_arrow_down_padded.png
help.steampowered.com/public/shared/images/popups/ 161 B
464 B 230ms
190ms Image
image/png 23.67.133.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://help.steampowered.com/public/shared/images/popups/btn_arrow_down_padded.png

Requested by

Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.133.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-133-187.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
ETag: "5a4ffd98-a1"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 161
Date: Mon, 14 Oct 2024 02:06:31 GMT
Content-Type: image/png
Last-Modified: Fri, 05 Jan 2018 22:35:04 GMT
Server: nginx

GET
H/1.1 200
OK arrow_right.png
help.steampowered.com/public/images/ 1 KB
1 KB 230ms
190ms Image
image/png 23.67.133.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://help.steampowered.com/public/images/arrow_right.png
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.133.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-133-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 18af5ae91365e0ef0d029cac6cd819377bc1daef5f4d55dbe9767c10c86adf29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/

Response headers

ETag: "5a4ffd80-448"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1096
Date: Mon, 14 Oct 2024 02:06:31 GMT
Content-Type: image/png
Last-Modified: Fri, 05 Jan 2018 22:34:40 GMT
Server: nginx

GET
H3 200 MotivaSans-Medium-045b433f.ttf
help.poweredsupport.com/public/build/assets/ 121 KB
122 KB 86ms
85ms Font
application/octet-stream 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.poweredsupport.com/public/build/assets/MotivaSans-Medium-045b433f.ttf?v=4.015
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://help.poweredsupport.com
Referer: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66f46680-1e490"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYYKqUHAooSL3MJgBnIKvJagn2uTbGPLF5v6K%2BOHR16OrP4RZKK6Ptr8yzwd%2Fq3l%2Fh%2BM2gSeky7Ws9JII4%2BpWQAYI7zaNT3QCN5rRQvGW%2FwnUsEM1rBtmr1O7Of1B44xZkFZO8%2FATzdL3OxqfeMLlhhE7NIAFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b7684fa022-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 124048
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: application/octet-stream
last-modified: Wed, 25 Sep 2024 19:37:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 MotivaSans-Regular-19b8db16.ttf
help.poweredsupport.com/public/build/assets/ 120 KB
120 KB 94ms
94ms Font
application/octet-stream 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.poweredsupport.com/public/build/assets/MotivaSans-Regular-19b8db16.ttf?v=4.015
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://help.poweredsupport.com
Referer: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66f46680-1df3c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G38aTYFfPm%2BSs5U%2BOcwQ7WokYJ7UJ4KsQIlMsg1o5uHStY%2F30QjoD1Hg%2F%2BpGACxmBYtLu7FPBa2uGkBbYX4zo6r8PXEjRSi25kcEPxYQ0syBwyquuki01Lbu6Jnid2rpoaiydMGfGLu6ww4OjgUC6wUL8WwPLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b76850a022-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 122684
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: application/octet-stream
last-modified: Wed, 25 Sep 2024 19:37:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 MotivaSans-Light-6b7a3177.ttf
help.poweredsupport.com/public/build/assets/ 120 KB
120 KB 97ms
97ms Font
application/octet-stream 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.poweredsupport.com/public/build/assets/MotivaSans-Light-6b7a3177.ttf?v=4.015
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://help.poweredsupport.com
Referer: https://help.poweredsupport.com/public/build/assets/app-1485cae2.css

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66f46680-1df24"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tKw2CtraZq7LzacUOO9iYCA37t0MK0ZZHtpsA7w%2Fd5BIjdY7AnB4ZSMHEhOPIGhWspM81Paeje%2B7zK8HHnHdwX11Tbcss4ylBplJcUE1OmYF1huZX3NKnsyybLj%2Fiz8iViKjSAMsRxU4vBXvQGh%2B9mj4ffRwGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b76851a022-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 122660
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: application/octet-stream
last-modified: Wed, 25 Sep 2024 19:37:36 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 202 event Show response
pulsy.top/api/ 2 B
521 B 214ms
190ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pulsy.top/api/event
Requested by: Host: pulsy.top
URL: https://pulsy.top/js/script.tagged-events.pageview-props.outbound-links.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://help.poweredsupport.com/

Response headers

x-request-id: F_4vjYDA2r-QTZoACMCx
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tlztTFQMXrA6x7tqMM6RC8VXGs%2FIJ5HsWgQ4mw9zsjfREN3MnAU%2Bw%2FfkRuPH%2BtqkoJH0i8%2BLr%2FBPj670Kgnn3aaQh9iqc9YV2fmKqa1yZdEldbDTcaRwiVV1N3S7OaK%2B91YvqFRc30%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b79bb0d2a8-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: text/plain; charset=utf-8
server: cloudflare

POST
H/1.1 200
OK dqklikdagotprpuxflmjenoohwiazhsixlwaigocqbvspn Show response
tyson-mrbeast.pics/ 48 B
393 B 966ms
187ms XHR
application/json 188.116.20.70
ASNLS

General

Check archive.org

Show headers Download Go to

Full URL: https://tyson-mrbeast.pics/dqklikdagotprpuxflmjenoohwiazhsixlwaigocqbvspn
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/public/assets/js/3d0da5is9kfs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.116.20.70 Almaty, Kazakhstan, ASN200590 (ASNLS, KZ),
Reverse DNS
Software: / Express
Resource Hash: 374b1c4e1e5036fb5f6f7fafed78b8cdcecab1b6a87b97426142e6b65a9c2ce8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://help.poweredsupport.com/

Response headers

ETag: W/"30-6LtxL6j3ajiCzCGB48gFeUY5zFc"
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 48
Keep-Alive: timeout=5
Date: Mon, 14 Oct 2024 02:06:32 GMT
Content-Type: application/json; charset=utf-8
X-Powered-By: Express
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 76561198840695586 Show response
help.poweredsupport.com/steam/getUser/ 729 B
826 B 225ms
225ms Fetch
application/json 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.poweredsupport.com/steam/getUser/76561198840695586
Requested by: Host: help.poweredsupport.com
URL: https://help.poweredsupport.com/public/build/assets/app-f123e354.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.8
Resource Hash: ed9bf9e5fbbd1997782a53feedaab49a83f5b9c9c7b71707394692dc28a76bac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/v/76561198840695586

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXfqVbnusuoicHDwHUdSWvzwEgXyfAOg0YIzekhQD0erALDswbI3vPkmiE%2BkGbOOPGqHwtuVmX%2Fh1RfZVnTT9L1A%2Bg5iW6HK77xD%2BdbGplxLGtXdk5Ty3KUIBJo8LAfHC6evDnJcfSRQfD%2BsQiOnTDIgBIaJvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
cf-ray: 8d2402b8c923a022-FRA
access-control-allow-origin: help.poweredsupport.com
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 02:06:32 GMT
content-type: application/json
x-powered-by: PHP/8.3.8
vary: Origin, accept-encoding
server: cloudflare
access-control-allow-headers: *

GET
H3 200 favicon.ico
help.poweredsupport.com/public/ 38 KB
28 KB 66ms
66ms Other
image/x-icon 2606:4700:3030::6815:1d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.poweredsupport.com/public/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://help.poweredsupport.com/v/76561198840695586

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"6690cb50-969a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXLke6Cc4PoSdGm1DunTuGq%2Bq5e%2Fe2r9M2N9F9B1paApr3e81bUljZk6kFnyf9rktByVcICedgJFcPYIv8hGqcMY%2BOLel5wru3LNgU4jI2wTeuuvJYYYfGCMdXpssdsFg5txwYFqiBOUUOuIM7sd3%2BHAd3PfTw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2402b8c925a022-FRA
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 02:06:31 GMT
content-type: image/x-icon
last-modified: Fri, 12 Jul 2024 06:21:04 GMT
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			help.poweredsupport.com/	1969-12-31 23:59:59	Name: account_id Value: 76561198840695586

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avatars.akamai.steamstatic.com
help.poweredsupport.com
help.steampowered.com
pulsy.top
tyson-mrbeast.pics
188.116.20.70
23.67.133.187
2606:4700:3030::6815:1d5c
2a02:26f0:480:15::213:7e5b
2a06:98c1:3120::3
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1485cae2f5e85e133fe26948e101aeb7a968571aa16c8ed3895f60fc9115d7ff
18af5ae91365e0ef0d029cac6cd819377bc1daef5f4d55dbe9767c10c86adf29
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2eb601d427a8fababf53e23144c843c738be13d79f12d97338c026eb080bb5e7
374b1c4e1e5036fb5f6f7fafed78b8cdcecab1b6a87b97426142e6b65a9c2ce8
46e3b5a6b72989568f517ed8d9b2bb61dbd72e5edb9b89b2705d4a51b2e9d030
6014d4b2c161b5a7016eabc5229dacbf18dafd06b9fb968ff483d0a5e72455e4
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5
94c4f561af79ec3e608a1d2c9b58a9b05d39d0ace10c5e5b39532301f38d1ec6
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad
acac1e69cd8e9ad785bf5b0cbe6a5ea752440b359f2adf8871a1602a990a875d
aeacbf69f083c220da60b8994c08cf8cd1505a62a0df5a7c0a9aa4f258bab1e7
b258176e6b291343c18679962ab8658108451a22f12a5aecab106501d8bc091e
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
c5e52a948590226a9a789364ffa8171c33ba7f1749481b1a4a8b06162dd4c792
d8bbe461137d50211568449468a1981ef189248200eadd48c3141a9df0b8f7fc
ed9bf9e5fbbd1997782a53feedaab49a83f5b9c9c7b71707394692dc28a76bac

help.poweredsupport.com Open in urlscan Pro 2606:4700:3030::6815:1d5c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

22 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

791 kBTransfer

1281 kBSize

1 Cookies

38 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

Indicators

help.poweredsupport.com Open in urlscan Pro
2606:4700:3030::6815:1d5c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

791 kB
Transfer

1281 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!