steamcommunityusa.com
2606:4700:3037::6815:3b80
Malicious Activity!
Public Scan
Effective URL: https://steamcommunityusa.com/
Submission Tags: @phishunt_io
Submission: On November 17 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on November 16th 2023. Valid for: 3 months.
This is the only time steamcommunityusa.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Steam (Gaming)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2606:4700:3030::ac43:b183 | 13335 (CLOUDFLARENET) |
1 | 2606:4700:3037::6815:3b80 | 13335 (CLOUDFLARENET) |
16 | 2606:4700:3033::ac43:895f | 13335 (CLOUDFLARENET) |
17 | 3 | |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | steamcomunityusa.com | steamcomunityusa.com | 1017 KB |
2 | steamcommunityusa.com (1 redirects) | steamcommunityusa.com | 2 KB |
17 | 2 | | |
 | Domain | Requested by |
---|---|---|
16 | steamcomunityusa.com | steamcommunityusa.com, steamcomunityusa.com |
2 | steamcommunityusa.com | 1 redirects |
17 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
steamcommunityusa.com | GTS CA 1P5 | 2023-11-16 - 2024-02-14 | 3 months | crt.sh |
steamcomunityusa.com | GTS CA 1P5 | 2023-11-16 - 2024-02-14 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://steamcommunityusa.com/
Frame ID: FB928E5248B47EEDFB4816A5EC7C12DC
Requests: 1 HTTP requests in this frame
Frame:
https://steamcomunityusa.com/b8574
Frame ID: B54042712C0492EB8F9697FC2C6DC3B4
Requests: 19 HTTP requests in this frame
Page Title
Steam Community
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://steamcommunityusa.com/ HTTP 301
- https://steamcommunityusa.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | steamcommunityusa.com/ | Primary Request, Redirect Chain | 734 B | 944 B | Document | text/html |
GET | H2 | b8574 | steamcomunityusa.com/ | Frame B540 | 122 KB | 11 KB | Document | text/html |
GET | H2 | a6988b0.css | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 40 KB | 13 KB | Stylesheet | text/css |
GET | H2 | 52464ae.js | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 93 KB | 34 KB | Script | text/javascript |
GET | H2 | 9a7c3e0.js | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 1 MB | 435 KB | Script | text/javascript |
GET | H2 | 9652ba3.png | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 974 B | 1 KB | Image | image/png |
GET | H2 | 8c0803b.png | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 4 KB | 4 KB | Image | image/png |
GET | H3 | 5a1d1ff.png | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 8 KB | 9 KB | Image | image/png |
GET | H3 | bb550a7.png | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 8 KB | 8 KB | Image | image/png |
GET | H3 | ff43544.png | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 33 KB | 34 KB | Image | image/png |
GET | H3 | 40a3f10.png | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 986 B | 1 KB | Image | image/png |
GET | H3 | 022f804.png | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 297 B | 752 B | Image | image/png |
GET | DATA | truncated | / | Frame B540 | 61 B | 0 | Image | image/gif |
GET | H3 | f8ab146.jpg | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 93 KB | 93 KB | Image | image/jpeg |
GET | H3 | fd4df15.woff2 | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 15 KB | 15 KB | Font | application/octet-stream |
GET | H3 | a5e8d84.ttf | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 116 KB | 116 KB | Font | application/octet-stream |
GET | H3 | fb8f889.ttf | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 120 KB | 120 KB | Font | application/octet-stream |
GET | H3 | fd868e1.ttf | steamcomunityusa.com/be408d2e9/0c5a7/ | Frame B540 | 121 KB | 122 KB | Font | application/octet-stream |
GET | DATA | truncated | / | Frame B540 | 85 B | 0 | Image | image/gif |
GET | DATA | truncated | / | Frame B540 | 4 KB | 0 | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Steam (Gaming)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| documentPictureInPicture
function| unlockPage
string| h
object| j
function| m
object| k
number| g
number| f
string| c
string| b
function| n
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.