counter-strike.games Open in urlscan Pro
185.234.10.154 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm
Submission Tags: tweet @noladefense #phishing #infosec #cybersecurity #フィッシング詐欺 #steam Search All
Submission: On April 10 via api (April 10th 2023, 11:19:10 am UTC) from FI — Scanned from ES

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 185.234.10.154, located in Russian Federation and belongs to HOSTKEY-AS, NL. The main domain is counter-strike.games.
TLS certificate: Issued by R3 on April 8th 2023. Valid for: 3 months.

This is the only time counter-strike.games was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

	IP Address		AS Autonomous System
11	185.234.10.154 185.234.10.154		57043 (HOSTKEY-AS) (HOSTKEY-AS)
11	1

11 185.234.10.154 (Russian Federation)

ASN57043 (HOSTKEY-AS, NL)
PTR: 1376111-cq90239.tw1.ru

counter-strike.games	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	counter-strike.games counter-strike.games	689 KB
11	1

	Domain	Requested by
11	counter-strike.games	counter-strike.games
11	1

This site contains no links.

Subject Issuer	Validity	Valid
counter-strike.games R3	`2023-04-08` - `2023-07-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm
Frame ID: 736972AA3552A93FF796C8C3A5BC988B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Steam Community

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

689 kB
Transfer

686 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Show response counter-strike.games/	337 B 544 B	1191ms 139ms	Document text/html	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Full URL https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `8c00e46a1ce0d136f96c69b8156397fc5985b39dd2b2258584473372617e3abb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers Connection keep-alive Content-Length 337 Content-Type text/html; charset=utf-8 Date Mon, 10 Apr 2023 11:18:45 GMT ETag W/"151-n50IUfIb3pVI6jY3zILQEcGjZy4" Keep-Alive timeout=5
GET H/1.1	200 OK	s.js Show response counter-strike.games/assets/s/	535 KB 536 KB	151ms 151ms	Script application/javascript	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Full URL https://counter-strike.games/assets/s/s.js Requested by Host: counter-strike.games URL: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `97be8491259f23ffee6251858bbd792763161f42431f69b1092748d2244f171a` Request headers accept-language es-ES,es;q=0.9 Referer https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 11:18:45 GMT Last-Modified Mon, 03 Apr 2023 20:10:15 GMT ETag W/"85ded-18748bddfd0" Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 548333
GET H/1.1	200 OK	btn_header_installsteam_download.png counter-strike.games/assets/s/img/	291 B 569 B	73ms 73ms	Image image/png	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://counter-strike.games/assets/s/img/btn_header_installsteam_download.png Requested by Host: counter-strike.games URL: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082` Request headers accept-language es-ES,es;q=0.9 Referer https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 11:18:46 GMT Last-Modified Mon, 03 Apr 2023 20:10:16 GMT ETag W/"123-18748bde358" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 291
GET H/1.1	200 OK	btn_arrow_down_padded.png counter-strike.games/assets/s/img/	161 B 438 B	218ms 73ms	Image image/png	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://counter-strike.games/assets/s/img/btn_arrow_down_padded.png Requested by Host: counter-strike.games URL: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5` Request headers accept-language es-ES,es;q=0.9 Referer https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 11:18:46 GMT Last-Modified Mon, 03 Apr 2023 20:10:16 GMT ETag W/"a1-18748bde1dc" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 161
GET H/1.1	200 OK	MotivaSans-Regular.ttf counter-strike.games/assets/s/fonts/	120 KB 120 KB	147ms 74ms	Font font/ttf	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Full URL https://counter-strike.games/assets/s/fonts/MotivaSans-Regular.ttf Requested by Host: counter-strike.games URL: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14` Request headers Referer https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Origin https://counter-strike.games accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 11:18:46 GMT Last-Modified Mon, 03 Apr 2023 20:10:16 GMT ETag W/"1df3c-18748bde260" Content-Type font/ttf Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 122684
GET H/1.1	200 OK	header_menu_hamburger.png counter-strike.games/assets/s/img/	4 KB 4 KB	211ms 73ms	Image image/png	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://counter-strike.games/assets/s/img/header_menu_hamburger.png Requested by Host: counter-strike.games URL: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa` Request headers accept-language es-ES,es;q=0.9 Referer https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 11:18:46 GMT Last-Modified Mon, 03 Apr 2023 20:10:16 GMT ETag W/"ec1-18748bde314" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3777
GET H/1.1	200 OK	header_logo.png counter-strike.games/assets/s/img/	11 KB 11 KB	216ms 72ms	Image image/png	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://counter-strike.games/assets/s/img/header_logo.png Requested by Host: counter-strike.games URL: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8` Request headers accept-language es-ES,es;q=0.9 Referer https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 11:18:46 GMT Last-Modified Mon, 03 Apr 2023 20:10:17 GMT ETag W/"2a6f-18748bde5a4" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 10863
GET H/1.1	200 OK	logo_steam.svg counter-strike.games/assets/s/img/	4 KB 4 KB	289ms 144ms	Image image/svg+xml	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://counter-strike.games/assets/s/img/logo_steam.svg Requested by Host: counter-strike.games URL: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb` Request headers accept-language es-ES,es;q=0.9 Referer https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 11:18:46 GMT Last-Modified Mon, 03 Apr 2023 20:10:17 GMT ETag W/"e64-18748bde670" Content-Type image/svg+xml Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3684
GET H/1.1	200 OK	sits_landing.png counter-strike.games/assets/s/img/	5 KB 6 KB	224ms 144ms	Image image/png	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://counter-strike.games/assets/s/img/sits_landing.png Requested by Host: counter-strike.games URL: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `483ed1c78b7394366985110fe15e4aaf941882427515e5dfe7f582827a15378c` Request headers accept-language es-ES,es;q=0.9 Referer https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 11:18:46 GMT Last-Modified Mon, 03 Apr 2023 20:10:16 GMT ETag W/"1547-18748bde418" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 5447
GET H/1.1	200 OK	throbber.gif counter-strike.games/assets/s/img/	3 KB 3 KB	148ms 144ms	Image image/gif	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://counter-strike.games/assets/s/img/throbber.gif Requested by Host: counter-strike.games URL: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d` Request headers accept-language es-ES,es;q=0.9 Referer https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 11:18:46 GMT Last-Modified Mon, 03 Apr 2023 20:10:16 GMT ETag W/"c88-18748bde420" Content-Type image/gif Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3208
GET H/1.1	200 OK	footerLogo_valve.png counter-strike.games/assets/s/img/	4 KB 4 KB	138ms 74ms	Image image/png	185.234.10.154 HOSTKEY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://counter-strike.games/assets/s/img/footerLogo_valve.png Requested by Host: counter-strike.games URL: https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.234.10.154 , Russian Federation, ASN57043 (HOSTKEY-AS, NL), Reverse DNS 1376111-cq90239.tw1.ru Software / Resource Hash `ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1` Request headers accept-language es-ES,es;q=0.9 Referer https://counter-strike.games/sffnqjmrvtagxdrnopeoslgqnmmavvpkcxcwm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 11:18:46 GMT Last-Modified Mon, 03 Apr 2023 20:10:16 GMT ETag W/"e99-18748bde314" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3737

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| gj_0x35e2 function| gj_0x2e33 function| $changeLanguage

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter-strike.games
185.234.10.154
0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
483ed1c78b7394366985110fe15e4aaf941882427515e5dfe7f582827a15378c
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
8c00e46a1ce0d136f96c69b8156397fc5985b39dd2b2258584473372617e3abb
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5
97be8491259f23ffee6251858bbd792763161f42431f69b1092748d2244f171a
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

counter-strike.games Open in urlscan Pro 185.234.10.154 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

689 kBTransfer

686 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

counter-strike.games Open in urlscan Pro
185.234.10.154 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

689 kB
Transfer

686 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!