auxingame.com
Open in
urlscan Pro
2606:4700:3032::6815:586d
Malicious Activity!
Public Scan
Submission Tags: https://sinking.yachts sinking-yachts phishing Search All
Submission: On March 23 via api from CZ — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on March 8th 2024. Valid for: 3 months.
This is the only time auxingame.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes Show Verdicts
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 2606:4700:303... 2606:4700:3032::6815:586d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 95.101.149.47 95.101.149.47 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE) | |
12 | 172.64.145.151 172.64.145.151 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
34 | 8 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-47.deploy.static.akamaitechnologies.com
store.steampowered.com |
ASN13335 (CLOUDFLARENET, US)
store.cloudflare.steamstatic.com | |
cdn.cloudflare.steamstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
auxingame.com
auxingame.com |
13 MB |
12 |
steamstatic.com
store.cloudflare.steamstatic.com — Cisco Umbrella Rank: 14348 cdn.cloudflare.steamstatic.com — Cisco Umbrella Rank: 7745 |
374 KB |
2 |
gstatic.com
fonts.gstatic.com |
27 KB |
1 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 78 |
67 KB |
1 |
steampowered.com
store.steampowered.com — Cisco Umbrella Rank: 4520 |
4 KB |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1728 |
252 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 |
1 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114 |
90 KB |
34 | 8 |
Domain | Requested by | |
---|---|---|
15 | auxingame.com |
auxingame.com
|
11 | store.cloudflare.steamstatic.com |
store.steampowered.com
store.cloudflare.steamstatic.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cdn.cloudflare.steamstatic.com |
store.steampowered.com
|
1 | www.youtube.com |
auxingame.com
|
1 | store.steampowered.com |
auxingame.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | fonts.googleapis.com |
auxingame.com
|
1 | www.googletagmanager.com |
auxingame.com
|
34 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
cdn.discordapp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
auxingame.com GTS CA 1P5 |
2024-03-08 - 2024-06-06 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
store.steampowered.com DigiCert SHA2 Extended Validation Server CA |
2023-12-05 - 2024-12-05 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-18 - 2024-05-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://auxingame.com/
Frame ID: AC8DC7F4EE25A05BA6A488A7FAD0C1FC
Requests: 21 HTTP requests in this frame
Frame:
https://store.steampowered.com/widget/2601450/
Frame ID: BC41048F581E116775378FE182346FD8
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Auxin GameDetected technologies
Google Analytics (Analytics) ExpandDetected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
MailChimp (Marketing Automation) Expand
Detected patterns
- <!-- Begin MailChimp Signup Form -->
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Download
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
auxingame.com/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-widgetapi.js
auxingame.com/www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
257 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
auxingame.com/ab/css/ |
33 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min_html.js
auxingame.com/ajax.googleapis.com/ajax/libs/jquery/1.11.2/ |
17 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr-2.7.2_html.js
auxingame.com/ajax.aspnetcdn.com/ajax/modernizr/ |
17 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Parallax.min.js
auxingame.com/ab/js/ |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iframe_api.js
auxingame.com/ |
993 B 1013 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
auxingame.com/ab/js/ |
655 B 711 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.jpg
auxingame.com/cdn.cloudflare.steamstatic.com/steam/apps/2601450/ |
58 KB 59 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mc-validate_html.js
auxingame.com/s3.amazonaws.com/downloads.mailchimp.com/js/ |
17 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
niceduel.gif
auxingame.com/cdn.cloudflare.steamstatic.com/steam/apps/2601450/extras/ |
13 MB 13 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ss_2cea73a4233d4fa21bff00072f79966a41b59406.600x338.jpg
auxingame.com/cdn.cloudflare.steamstatic.com/steam/apps/2601450/ |
99 KB 99 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ss_b951629e4a7dbd81baab2c766a8b24ffbe9f94b0.600x338.jpg
auxingame.com/cdn.cloudflare.steamstatic.com/steam/apps/2601450/ |
92 KB 93 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ss_b93599ea5b77e3ff212bc82382b7778f86875b48.600x338.jpg
auxingame.com/cdn.cloudflare.steamstatic.com/steam/apps/2601450/ |
106 KB 106 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 252 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
store.steampowered.com/widget/2601450/ Frame BC41 |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
imagec2d0.png
auxingame.com/cdn.discordapp.com/attachments/1208837050623856691/1209490220433805312/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2
fonts.gstatic.com/s/josefinsans/v32/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-widgetapi.js
www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/ |
216 KB 67 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
motiva_sans.css
store.cloudflare.steamstatic.com/public/shared/css/ Frame BC41 |
3 KB 741 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared_global.css
store.cloudflare.steamstatic.com/public/shared/css/ Frame BC41 |
85 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
buttons.css
store.cloudflare.steamstatic.com/public/shared/css/ Frame BC41 |
33 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
store.css
store.cloudflare.steamstatic.com/public/css/v6/ Frame BC41 |
133 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles_widget.css
store.cloudflare.steamstatic.com/public/css/ Frame BC41 |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
game.css
store.cloudflare.steamstatic.com/public/css/v6/ Frame BC41 |
151 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.8.3.min.js
store.cloudflare.steamstatic.com/public/shared/javascript/ Frame BC41 |
91 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
cdn.cloudflare.steamstatic.com/steam/apps/2601450/ Frame BC41 |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
steam_ico.png
store.cloudflare.steamstatic.com/public/images/v6/ Frame BC41 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_platform_win.png
store.cloudflare.steamstatic.com/public/images/v6/ Frame BC41 |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MotivaSans-Regular.ttf
store.cloudflare.steamstatic.com/public/shared/fonts/ Frame BC41 |
120 KB 120 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MotivaSans-Light.ttf
store.cloudflare.steamstatic.com/public/shared/fonts/ Frame BC41 |
120 KB 120 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Malicious
task.url
Submitted on
March 23rd 2024, 1:14:52 am
UTC —
From Czech Republic
Threats:
Phishing
Scam
Comment: This domain is present in the Sinking Yachts anti-phishing list. More Info: https://sinking.yachts
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| Parallax undefined| $mcj object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.auxingame.com/ | Name: _ga_4CXTY239DV Value: GS1.1.1711156484.1.0.1711156484.0.0.0 |
|
.auxingame.com/ | Name: _ga Value: GA1.1.764265949.1711156485 |
|
store.steampowered.com/ | Name: sessionid Value: 9b7f071c0ef2cf4143921005 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auxingame.com
cdn.cloudflare.steamstatic.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
store.cloudflare.steamstatic.com
store.steampowered.com
www.googletagmanager.com
www.youtube.com
172.64.145.151
2001:4860:4802:34::36
2606:4700:3032::6815:586d
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:827::200a
95.101.149.47
002a954accb6a2771008cc4314d450a069f5b09fc2b560561a41868bfbc9612f
012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
1f0e71345bed5c8b09a5f645031c3577dffd9420ef7515fbbd84736a5a104172
20a5e17e3befa6a2ea0ebe737b43bd9a3859d92f0633544f107b261f8c45b8b1
24a6ddc71f3d94fd9bcd29b7540b49f299a1ca78986464aeb47291fdea955e35
2c4f7184c9bbac5e84c513cff80345c65b346778077d546974d2d82db228d59e
3a75131c0f0b23d88cd5a621cd541335ec42d6cee5ee3838e8712d7ab32e9b6c
3d1c7a96ab2b3c5f1947843f6d3801f2b2bf60ba301ac2a6735331d667c5ec09
3fa45dca3049f35f614432213eda32b1f04c3f2189bfcc6d5a59af8c73187a1b
44abc0a159ae3dbface6ecec68447d666168e623e1045a077574c160f256563b
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4e66226862ceb047807613b174dd3fac346475e70a0d10dc2aac65eba6bd2d24
5b30184dfe00661434d5420500133935a0188e2bb2ab079ddcff496166c98107
63ec62645f1c98daca78073971edf8d996af9d62cea4059cec343687d5a152dc
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc
70460173ed836846def4adedb3792a48158fbb1c3c91fdea06bddef998c6357f
7b456ef87383967d7b709a1facaf1ad2581307f61bfed51eb272ee48f01e9544
7dc58d3fc62a0390b9e25476920d9f7cbf6edb1da7938fa533518b9ab8eacd71
88cb225bfa474b949019ecad8fc7744d6f94a6474ad7f9920cb215633e3ab912
8d6ea1d48ef0fcb5539a50d14a4ea718d9bfba777cffdc4598bc126ae1cee58a
9351f44c70e737af62552bdb63791ddecd40e303dafb406478bfcf0dcc44bef3
940e4053962c7f7013b070808a73128060dad7df76daaf482108bfb478118ded
aac4773060db9b24b12f105a903c92300d5aaabcf9a08cbf72a3418e92bb78da
afb487cb0927509900a94f5fe65e9fa66c264a1524d21dd7afaa4c75386e2dd2
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bf23cc242135c8c7463fab041335272ba5327d1236553d16e56d5fad5915a575
c8b7555aec027a2adddfd46c3efd04a146c8d537acf9e0ec5a397b52303e8d9a
ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261
dbc01abfde39ecb3781309d42e48750ca91a7e8b720e507da29429f2f08c2d7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855