steampowered-ticket.help
Open in
urlscan Pro
81.200.157.246
Malicious Activity!
Public Scan
Submission Tags: phishingrod
Submission: On December 26 via api from DE — Scanned from PL
Summary
TLS certificate: Issued by R3 on December 25th 2023. Valid for: 3 months.
This is the only time steampowered-ticket.help was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Steam (Gaming)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 81.200.157.246 81.200.157.246 | 200088 (ARTNET2) (ARTNET2) | |
1 | 172.64.145.151 172.64.145.151 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 92.122.104.90 92.122.104.90 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 149.102.225.41 149.102.225.41 | 212238 (CDNEXT) (CDNEXT) | |
21 | 4 |
ASN200088 (ARTNET2, PL)
PTR: 2344847-cq90239.twc1.net
steampowered-ticket.help |
ASN16625 (AKAMAI-AS, US)
PTR: a92-122-104-90.deploy.static.akamaitechnologies.com
help.steampowered.com |
ASN212238 (CDNEXT, GB)
PTR: unn-149-102-225-41.datapacket.com
overgreen.money |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
steampowered-ticket.help
steampowered-ticket.help |
498 KB |
5 |
steampowered.com
help.steampowered.com — Cisco Umbrella Rank: 43790 |
117 KB |
1 |
overgreen.money
overgreen.money |
394 B |
1 |
steamstatic.com
cdn.cloudflare.steamstatic.com — Cisco Umbrella Rank: 14701 |
34 KB |
21 | 4 |
Domain | Requested by | |
---|---|---|
14 | steampowered-ticket.help |
steampowered-ticket.help
|
5 | help.steampowered.com |
steampowered-ticket.help
|
1 | overgreen.money |
steampowered-ticket.help
|
1 | cdn.cloudflare.steamstatic.com |
steampowered-ticket.help
|
21 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
steampowered-ticket.help R3 |
2023-12-25 - 2024-03-24 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-18 - 2024-05-17 |
a year | crt.sh |
store.steampowered.com DigiCert SHA2 Extended Validation Server CA |
2023-12-05 - 2024-12-05 |
a year | crt.sh |
overgreen.money R3 |
2023-12-20 - 2024-03-19 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://steampowered-ticket.help/
Frame ID: D344E1C392BBFB2A2E02E2E10126F00B
Requests: 21 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
steampowered-ticket.help/ |
17 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
motiva_sans.css
steampowered-ticket.help/aboutme/ |
2 KB 882 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
buttons.css
steampowered-ticket.help/aboutme/ |
13 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shared_global.css
steampowered-ticket.help/aboutme/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
help.css
steampowered-ticket.help/aboutme/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shared_responsive.css
steampowered-ticket.help/aboutme/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_valve_footer.png
steampowered-ticket.help/aboutme/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header_menu_hamburger.png
steampowered-ticket.help/aboutme/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header_logo.png
steampowered-ticket.help/aboutme/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_steam.svg
steampowered-ticket.help/aboutme/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.jpg
cdn.cloudflare.steamstatic.com/steam/apps/730/ |
33 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
at1hzoa6sfye.js
steampowered-ticket.help/ |
326 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blue_body_top.jpg
help.steampowered.com/public/images/ |
50 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blue_body_repeat.jpg
help.steampowered.com/public/images/ |
64 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_header_installsteam_download.png
help.steampowered.com/public/shared/images/header/ |
291 B 595 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_arrow_down_padded.png
help.steampowered.com/public/shared/images/popups/ |
161 B 464 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow_right.png
help.steampowered.com/public/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MotivaSans-Thin.ttf
steampowered-ticket.help/aboutme/ |
116 KB 116 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MotivaSans-Light.ttf
steampowered-ticket.help/aboutme/ |
120 KB 120 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MotivaSans-Regular.ttf
steampowered-ticket.help/aboutme/ |
120 KB 120 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
dfdxuojdxogxlnvqknmbnnxpjrkaybohcwiaixwjduvkin
overgreen.money/ |
49 B 394 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Steam (Gaming)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| m0_0x2c06 function| m0_0x71b3 function| toggleA0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.cloudflare.steamstatic.com
help.steampowered.com
overgreen.money
steampowered-ticket.help
149.102.225.41
172.64.145.151
81.200.157.246
92.122.104.90
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6
18af5ae91365e0ef0d029cac6cd819377bc1daef5f4d55dbe9767c10c86adf29
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
31e4fd3dcbc5418dd2304b8db15d59c0ecaac3e816168864f9f369ccacc385e2
3339d1a5105301625790087bf08dc0a6e64bd6221a7c83d3ddfc0c8823c70330
3d60645c8fdddc4bfe8a9e55dc1b4650311b2e8220f221908c8ef1cd94f067fa
6521ad70433df34026ee0073b0a5ba1d73b3c9b8c4cec53180e7f864a7c38e56
68208ab22cddf542edb6ecefeb31a487efd19a1fa4fb31b2407a233a82b36a26
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
831617f58d6b51a4a752522db34cfe08233c23e28efa1e2b8f10286d318ea56e
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5
aeacbf69f083c220da60b8994c08cf8cd1505a62a0df5a7c0a9aa4f258bab1e7
b258176e6b291343c18679962ab8658108451a22f12a5aecab106501d8bc091e
b28743e6de130e07a10a9cc236153bbd8112b7e8b210151379121eebdf5f9a24
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
e4c6f3fb5e060fc7cb3f543ef8175b0fcd427fdc9deea1a467ce835e8255375c
eeb94f0cc335386630227c2832e42548f130ece774400832f4d540c4bcc1a867
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa