gtm.you1.cn
Open in
urlscan Pro
47.57.233.162
Malicious Activity!
Public Scan
Submission: On August 22 via api from US — Scanned from US
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on July 29th 2024. Valid for: 3 months.
This is the only time gtm.you1.cn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Steam (Gaming)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
32 | 47.57.233.162 47.57.233.162 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
2 | 23.55.243.82 23.55.243.82 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2600:141b:700... 2600:141b:7000::173f:f04a | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
35 | 3 |
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
gtm.you1.cn |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-243-82.deploy.static.akamaitechnologies.com
cdn.akamai.steamstatic.com |
ASN20940 (AKAMAI-ASN1, NL)
avatars.akamai.steamstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
you1.cn
gtm.you1.cn |
655 KB |
3 |
steamstatic.com
cdn.akamai.steamstatic.com — Cisco Umbrella Rank: 8977 avatars.akamai.steamstatic.com — Cisco Umbrella Rank: 14032 |
154 KB |
35 | 2 |
Domain | Requested by | |
---|---|---|
32 | gtm.you1.cn |
gtm.you1.cn
|
2 | cdn.akamai.steamstatic.com |
gtm.you1.cn
|
1 | avatars.akamai.steamstatic.com |
gtm.you1.cn
|
35 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
gtm.you1.cn Encryption Everywhere DV TLS CA - G2 |
2024-07-29 - 2024-10-27 |
3 months | crt.sh |
cdn.akamai.steamstatic.com R11 |
2024-06-13 - 2024-09-11 |
3 months | crt.sh |
avatars.akamai.steamstatic.com R11 |
2024-08-15 - 2024-11-13 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://gtm.you1.cn/id/mayziegrobe/gamecards/1562430?l=dutch
Frame ID: DDAD8A2E878D587EE4299322B5FDE80F
Requests: 35 HTTP requests in this frame
Screenshot
Detected technologies
Prototype (JavaScript Frameworks) ExpandDetected patterns
- (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
script.aculo.us (JavaScript Libraries) Expand
Detected patterns
- /(?:scriptaculous|protoaculous)(?:\.js|/)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
1562430
gtm.you1.cn/id/mayziegrobe/gamecards/ |
30 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
motiva_sans.css
gtm.you1.cn/public/shared/css/ |
2 KB 791 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
buttons.css
gtm.you1.cn/public/shared/css/ |
33 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared_global.css
gtm.you1.cn/public/shared/css/ |
84 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
globalv2.css
gtm.you1.cn/public/css/ |
38 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
economy.css
gtm.you1.cn/public/css/skin_1/ |
28 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
profilev2.css
gtm.you1.cn/public/css/skin_1/ |
87 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
badges.css
gtm.you1.cn/public/css/skin_1/ |
25 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gamecard_crafting.css
gtm.you1.cn/public/css/skin_1/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared_responsive.css
gtm.you1.cn/public/shared/css/ |
19 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.css
gtm.you1.cn/public/css/skin_1/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prototype-1.7.js
gtm.you1.cn/public/javascript/ |
165 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_combined.js
gtm.you1.cn/public/javascript/scriptaculous/ |
119 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global.js
gtm.you1.cn/public/javascript/ |
48 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.1.min.js
gtm.you1.cn/public/javascript/ |
94 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tooltip.js
gtm.you1.cn/public/shared/javascript/ |
16 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared_global.js
gtm.you1.cn/public/shared/javascript/ |
151 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
economy_common.js
gtm.you1.cn/public/javascript/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
economy.js
gtm.you1.cn/public/javascript/ |
145 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
profile.js
gtm.you1.cn/public/javascript/ |
27 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
badges.js
gtm.you1.cn/public/javascript/ |
42 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared_responsive_adapter.js
gtm.you1.cn/public/shared/javascript/ |
24 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_valve_footer.png
gtm.you1.cn/public/shared/images/responsive/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header_menu_hamburger.png
gtm.you1.cn/public/shared/images/responsive/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header_logo.png
gtm.you1.cn/public/shared/images/responsive/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_steam.svg
gtm.you1.cn/public/shared/images/header/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4570f7a4bb2825aa3c2de09e225d0fb286ac65ae.png
cdn.akamai.steamstatic.com/steamcommunity/public/images/items/1037910/ |
144 KB 144 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1a1e5854b52eaaaede61fa563d149dc2cd42ed4a_medium.jpg
avatars.akamai.steamstatic.com/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1d8680caa4dc6859bef6e14804901dc652587cfa.png
cdn.akamai.steamstatic.com/steamcommunity/public/images/items/1562430/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IzMF03bk9WpSBq-S-ekoE33L-iLqGFHVaU25ZzQNQcXdA3g5gMEPvUZZEfSMJ6dESN8p_2SVTY7V2NgKwnEImz4QPivs0XEwUe1pc-3P0w32ruyKGWaxYTrFKCSESVppGeYKPDqP-jX2tOqTSzjPQbwlFw8NdaYGpjAcPJqKbRM4gYUJ_yuomUM7HBk6dsBUTwa2y...
gtm.you1.cn/economy/image/ |
79 KB 81 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IzMF03bk9WpSBq-S-ekoE33L-iLqGFHVaU25ZzQNQcXdA3g5gMEPvUZZEfSMJ6dESN8p_2SVTY7V2NgKwnEImz4QPivs0XEwUe1pc-bH2Qrp5-uAHXPyNTTCdiLbGAg8HLZXNTvR_zKh4eyVFzjOQL0tS1sCKaoD8WdAOcHcNxEjlNlc7We3hUB4DCkhf8RBdVLpn...
gtm.you1.cn/economy/image/ |
79 KB 81 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IzMF03bk9WpSBq-S-ekoE33L-iLqGFHVaU25ZzQNQcXdA3g5gMEPvUZZEfSMJ6dESN8p_2SVTY7V2NgKwnEImz4QPivs0XEwUe1pc_jOyRXss-uKFGCxYTrFKCSESww9ReIIN2_Yq2D27OzBQzzNQ7wkRAAMdaNW9jJLPs7dakZu1YQPqCuomUM7HBk6dsBUTwa2y...
gtm.you1.cn/economy/image/ |
88 KB 89 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IzMF03bk9WpSBq-S-ekoE33L-iLqGFHVaU25ZzQNQcXdA3g5gMEPvUZZEfSMJ6dESN8p_2SVTY7V2NgKwnEImz4QPivs0XEwUe1pc-fPxw3vqe2YD3G8QzLBPyTLWldlHOQLOGza_zCl5uySRz2fELosQQkGL6cFozFJbMyON0Rv0tMP8z3szkd7SkBmYstBNg202...
gtm.you1.cn/economy/image/ |
700 B 700 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IzMF03bk9WpSBq-S-ekoE33L-iLqGFHVaU25ZzQNQcXdA3g5gMEPvUZZEfSMJ6dESN8p_2SVTY7V2NgKwnEImz4QPivs0XEwUe1pc-jJzAn-ovaCDjL-ZTbDKnyKGFg7TrRZZzra9jal4rjHQTjLQu4uQFxRKKMFoGRNOMvcNxtu1IUK5XW2kAJ_EQQsd9d5eQK6z...
gtm.you1.cn/economy/image/ |
80 KB 81 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footerLogo_valve.png
gtm.you1.cn/public/images/skin_1/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Steam (Gaming)36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| __PrototypePreserve object| Prototype object| Abstract object| Try object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Ajax function| $ object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ function| Selector string| VALVE_PUBLIC_PATH object| Scriptaculous object| Effect object| Autocompleter object| Control object| Droppables object| Draggables function| Draggable function| SortableObserver object| Sortable2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
gtm.you1.cn/ | Name: sessionid Value: 0ba3c9ee4ce326b88027a031 |
|
gtm.you1.cn/ | Name: steamCountry Value: HK%7C3af08add26c3b25cccc13631b6f22cf2 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ; |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
avatars.akamai.steamstatic.com
cdn.akamai.steamstatic.com
gtm.you1.cn
23.55.243.82
2600:141b:7000::173f:f04a
47.57.233.162
01033f4dcb6e604ae5d4a224f0f6c1cee544d33b339f9469b498ebd3286346b8
13a528ccbea8400653fc0e1fa45d3c3e4c79ed994d2ec8193eb772e32ee802f0
13dc96a38051c7265fc09c2d6715c6a1b24dfa215ae7d05334db48844b3a1f5a
17930cb46dd1fe195dac437b9d0c3c5284917414611cf323c7160134c90412d1
1befb2fc5af9ef88487c3a3a2b6689955e293dee75f7e4d2b9be6ce472374740
44ca3193862ffdda5d3f69975ddc41bb1d07cc473c698565a444c6d375ebe65d
5156a168201376b874ea72dd1fb44de377794234e033e26dbf62b803de4b4370
519002863ae8a3fbd9481b81bdc9d1dffd1f1e6493030639f619366ea62d347f
522d1e31cc7725e86de4ec738fd77b33f93b822912aa3699b64b36e64f5e18a0
5ae2a21c48d436aae0e7a180a10bffb5cc6ecb256b2ca880582a182577156679
5cfc5e9cc0238b8222c62247cfa3a950e23085495e32a6e563a082f1893351ee
5dc1481be087f29bb67a0b49be113a0bb50e2230ddcc3d3c69ac9f3a1c0c20f1
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
71f9b8dac23e898c336cbaddb7e8c957d883ee81690c76f2dba82d8f6eed7703
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
a3b6f1dafe9b802dc14a7d8a843cf754e7f26351b96d52c0d759cf4ce2ad13ea
aa8fc6d94f0200872306240392602befddf39899de703d0df685c5200e876e83
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1
b174b82996bf83140e2038ca17d6d6134bdcb3250a1517beaffb13a2b887c6b5
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
ca2d6462ca23986b2303f2623858cd35aacaec5a79559917276dde9ae93d90c1
d18578ba26b39897d832a11c641f50631e6640cb662531607c6aad5ffce937fd
d8bdea7fff893dbdbeaf6c2affec091a77483b9ec10e7958486bc3b6cc170c96
da708635da162ea493874627775c3520a42145b79c73bf787b5113bf87c0b27c
dce32244dc2ce4b6c21dd682eb084db723addb0e5ccf97c2c22543461f11ebeb
e22307bf09c5484500209edb91c734a92962194323ee4d9c81beda49a0db5d81
e2d4e0e1d3e162fdc815f16dfff9ae9b0a967949f0f3ae371f947d730a3f0661
ed17f925ec2e6b3947ca8c79c59deab077d8b3fe2a117763f190e048561078a0
f6c274f2b1b7562382048d702d42926b80091fcbee87d27a95ee50d416b9ba96
f6dc770e2691d65bd3a68b5340c943a7a9e5dae53b5d092d0969da7e59c01bf2
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa
ff80db573407a9e92917a9902a9759eef528fa9517c1f7173c39638a40591940
ffff1de651d1693f46b52c8d23b4f925cb73396ea20a7d2c665e62e27b64a8b4