steamcormuninty.ru
Open in
urlscan Pro
2606:4700:3033::ac43:caec
Malicious Activity!
Public Scan
Effective URL: https://steamcormuninty.ru/gift/765622905294217733
Submission: On December 08 via manual from BG — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on December 7th 2023. Valid for: 3 months.
This is the only time steamcormuninty.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Steam (Gaming)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 45.130.41.96 45.130.41.96 | 198610 (BEGET-AS) (BEGET-AS) | |
15 | 2606:4700:303... 2606:4700:3033::ac43:caec | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42:600... 2a04:4e42:600::649 | 54113 (FASTLY) (FASTLY) | |
1 | 2001:4860:480... 2001:4860:4802:34::15 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a02:26f0:480... 2a02:26f0:480:e::210:f106 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
20 | 6 |
ASN198610 (BEGET-AS, RU)
PTR: ssl.crusader.beget.com
kurl.ru |
ASN20940 (AKAMAI-ASN1, NL)
steamuserimages-a.akamaihd.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
steamcormuninty.ru
steamcormuninty.ru |
848 KB |
1 |
akamaihd.net
steamuserimages-a.akamaihd.net — Cisco Umbrella Rank: 28128 |
290 KB |
1 |
svgur.com
svgur.com |
2 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 735 |
112 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204 |
28 KB |
1 |
kurl.ru
1 redirects
kurl.ru |
346 B |
20 | 6 |
Domain | Requested by | |
---|---|---|
15 | steamcormuninty.ru |
steamcormuninty.ru
|
1 | steamuserimages-a.akamaihd.net |
steamcormuninty.ru
|
1 | svgur.com |
steamcormuninty.ru
|
1 | code.jquery.com |
steamcormuninty.ru
|
1 | cdnjs.cloudflare.com |
steamcormuninty.ru
|
1 | kurl.ru | 1 redirects |
20 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
steamcormuninty.ru GTS CA 1P5 |
2023-12-07 - 2024-03-06 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
svgur.com GTS CA 1D4 |
2023-11-23 - 2024-02-21 |
3 months | crt.sh |
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-05-16 - 2024-05-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://steamcormuninty.ru/gift/765622905294217733
Frame ID: 15E62CA9E1C740D20ED0E8B8684CE375
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Sign InPage URL History Show full URLs
-
https://kurl.ru/MZcco
HTTP 301
https://steamcormuninty.ru/gift/765622905294217733 Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://kurl.ru/MZcco
HTTP 301
https://steamcormuninty.ru/gift/765622905294217733 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
765622905294217733
steamcormuninty.ru/gift/ Redirect Chain
|
954 KB 699 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad988eea2ab21d803a09a7828b87531b03b1df11d31b.css
steamcormuninty.ru/fe6d6fc98675d6e4e3cbf164d614ffb574124d0e5cd4/ |
20 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6bd904eb991812488107248568b87f7f5c86cb99cadc.css
steamcormuninty.ru/fe6d6fc98675d6e4e3cbf164d614ffb574124d0e5cd4/ |
75 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c5a5151fe236ef7acc5d888d6b43467cd9c7f44fed75.css
steamcormuninty.ru/fe6d6fc98675d6e4e3cbf164d614ffb574124d0e5cd4/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2b6fd384d309402f7ce42733329dd896c47506d31696.css
steamcormuninty.ru/fe6d6fc98675d6e4e3cbf164d614ffb574124d0e5cd4/ |
12 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c8df189aa3310823049191ffa078368ab6f6ae680428.css
steamcormuninty.ru/fe6d6fc98675d6e4e3cbf164d614ffb574124d0e5cd4/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d7b4d821ebd8d45decb0e06987a1857a7951e1c5d0a8.css
steamcormuninty.ru/fe6d6fc98675d6e4e3cbf164d614ffb574124d0e5cd4/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0266cde157ee791249a46dce4bf02cdbfe2ce1ada305.css
steamcormuninty.ru/3569bdc8c5c3b0347cc95678f47faf062d593cafc70a/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6873bf8c46615e4fe0a0d7e51eaf773987696c808055.css
steamcormuninty.ru/3569bdc8c5c3b0347cc95678f47faf062d593cafc70a/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
53236d8df959cddd09191c143b6f70d9df7040245b7d.css
steamcormuninty.ru/3569bdc8c5c3b0347cc95678f47faf062d593cafc70a/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f8499c1f4ede7848881ce76d39b491ee47ce5b2cc1b4.css
steamcormuninty.ru/3569bdc8c5c3b0347cc95678f47faf062d593cafc70a/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a5798eaec0377dae5ae94e8087dbf6fa3548702dbbea.css
steamcormuninty.ru/3569bdc8c5c3b0347cc95678f47faf062d593cafc70a/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
632ef8f3a1618966e1612b979b57d82f6a19b820007e.css
steamcormuninty.ru/3569bdc8c5c3b0347cc95678f47faf062d593cafc70a/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ |
86 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.js
code.jquery.com/ui/1.11.3/ |
459 KB 112 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tkh.svg
svgur.com/i/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
39a0ab51259c5dcf7ef5e4b9adec6a4bf305843c0a38.js
steamcormuninty.ru/721a1be2a85a200e935bdcc1021cc99fc47c4ea21cd8/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
e8322f654e8f609d5b543868a0a8ef9a0766c95aaeef.js
steamcormuninty.ru/6bc9307ab19cfd4d73274908f06f4cee7c8f2bc3b807/ |
313 KB 114 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
18 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
steamuserimages-a.akamaihd.net/ugc/1857169464518071324/B59EEE35C466E504AE4BA77F264FE482DED69A15/ |
289 KB 290 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
126 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
50 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
metrica.php
steamcormuninty.ru/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
397 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
164 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- steamcormuninty.ru
- URL
- https://steamcormuninty.ru/metrica.php?method=LoadedCount&url=https%3A%2F%2Fsteamcormuninty.ru%2Fgift%2F765622905294217733
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Steam (Gaming)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery string| domain2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
kurl.ru/ | Name: PHPSESSID Value: d6770e49670fd2ce4cdf7aba5c8020c9 |
|
kurl.ru/ | Name: short_268497 Value: 1 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
code.jquery.com
kurl.ru
steamcormuninty.ru
steamuserimages-a.akamaihd.net
svgur.com
steamcormuninty.ru
2001:4860:4802:34::15
2606:4700:3033::ac43:caec
2606:4700::6811:180e
2a02:26f0:480:e::210:f106
2a04:4e42:600::649
45.130.41.96
02ed5fedd4d231fd7599d828707a1af9728f3dd33876047b5b045c1cec3f5d02
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
273c20f1baf5f9dea82b8a5f9ef8e525cfa4a9405f7ce66a59f90f0c5d366d54
2cbd794a6e921c001bf88e6bae14f340edcede19484fb09df083e24d15503549
497aa81906d9174fe9fad60157cd7e425ac595480606187bfd79587e8cebde26
4d6741cbdfc174d457e447c2f7c5318803cbbc460a9ea0c2ab37e597ee7f24a5
55f5888a748de265df87db0a7a25b5b667bb107688dee2f821758340df21f250
5638af2be5b3f870b92758c6537349a737c7f218af3c99885856a47e1293d53a
5af3161cbd635bc309009c10a421f6918c18ecddfb9ab64fc12cf53012b75718
5f252583f194853b942c066de3fbc22c53a1e80f42d9b8ae176e598de22a1020
6a13129c52b4af929efe3e1fddeceb315a4f8038ad01c469f8d45d5c19483ac9
915f54940345cde82bd6daee2127791d7c86cdf003822c752ad0d1f97329ca03
c2815908a70bff8204d9c9dc034dd649f3f560a90112b11ddd5e0e53583bd39c
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e
dbdcded3c4261a3c9d79cb3cf9e641744ad1f2db504690f3a1a06f6b3893dda4
e72bfd5b2451298de330b65ffbf950c8f830c5d373435f26fce733e1264bef5d
ea28a1b6e2062469b40a7d82f305034ab64176eaa414ed4c8c55a32a14fdfe89
f653dbf761adb689f70bdfbc792ae65192e95b544d7e66dce483a4931b4c58e3