Report - steamcommulnilty.com/

Report Overview

Submitted URL
steamcommulnilty.com/
IP
194.58.112.174
ASN
#197695 Domain names registrar REG.RU, Ltd
Submitted
2024-04-18 14:44:50
Access
public
Website Title
steamcommulnilty.com
Final URL
steamcommulnilty.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
steamcommulnilty.com	unknown	2023-08-29	2023-08-29	2023-11-17	2.4 kB	67 kB	194.58.112.174
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-18	884 B	162 kB	142.250.74.72
parking.reg.ru	366165	2005-10-31	2012-07-03	2024-04-18	488 B	359 B	194.58.112.166
files.reg.ru	unknown	2005-10-31	2022-11-17	2024-04-18	1.0 kB	206 kB	194.67.72.33

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	steamcommulnilty.com	Sinkholed
2024-04-18	medium	steamcommulnilty.com	Sinkholed
2024-04-18	medium	steamcommulnilty.com	Sinkholed
2024-04-18	medium	steamcommulnilty.com	Sinkholed
2024-04-18	medium	steamcommulnilty.com	Sinkholed
2024-04-18	medium	steamcommulnilty.com	Sinkholed
2024-04-18	medium	steamcommulnilty.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	unknown	38 B	2023-04-11	2024-04-25
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-11 09:22:34 Last Seen2024-04-25 09:43:01 Times Seen349 Hash 5b057d8aa1e34436f8d5fd111b6491ce 02b8cad77321003b4b409e66834f858541576457 4ab09ea291b2663ca5bbf7dc04757e161bdbb7ce39a4add0865e5fd5458db231 Loading...

	unknown	42 B	2023-04-11	2024-04-25
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-11 09:22:34 Last Seen2024-04-25 09:43:01 Times Seen348 Hash 223df5584c6ae20363251af3f42518ca a9fc6f70a65fc4af507feebef6435dc898bcac3a 82839328e0573e00fd00bee3854b0f53cd9c83681558a65e7206f5d75cb1e4f8 Loading...

	steamcommulnilty.com/	62 B	2023-04-08	2024-04-25
Pretty URL steamcommulnilty.com/ IP 194.58.112.174 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-08 13:55:05 Last Seen2024-04-25 09:43:01 Times Seen320 Hash d82cd7daeb15c9d66ab83586ad873bd7 88ced76c0caae20c9018df03a7a128f7c794b68c 70ad95bf81a13ff13ea86c4a9acd099b6bde4a2046f44774367ad69d224e1047 Loading...

	www.googletagmanager.com/gtag/js?id=UA-3380909-25	202 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=UA-3380909-25 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 16:44:50 Last Seen2024-04-18 16:44:51 Times Seen2 Hash 4d679f0cd83b0433676ea3bc686e73d9 b83470255be0d7d1fcdf077b997c0afdf334603a b47de625cde32e716b6c5c8096082008188ddb390fcd51cebdbe5859ca27d2c5 Loading...

	steamcommulnilty.com/sandbox%20eval%20code	147 B	2023-04-11	2024-05-01
Pretty URL steamcommulnilty.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-01 18:36:15 Times Seen343793 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	steamcommulnilty.com/	966 B	2024-04-18	2024-04-18
Pretty URL steamcommulnilty.com/ IP 194.58.112.174 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 16:44:50 Last Seen2024-04-18 16:44:50 Times Seen1 Hash e8be3615aea20b65a22fd3b6c2c98da0 bdae65f6234d0d8c67c005a19ebc53b156fb6cbb 75007d3141f9591bf9488bf848e59d5ab4cdc84231ed9a49e571c9c7f497f497 Loading...

	steamcommulnilty.com/manifest.js	1.5 kB	2023-06-30	2024-04-18
Pretty URL steamcommulnilty.com/manifest.js IP 194.58.112.174 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-30 16:30:07 Last Seen2024-04-18 16:44:51 Times Seen62 Hash 56fae0bac568b483dcc2660d398b0b81 902169633beb01d2e915f79328081486bdf2ab5e f8a7d2f73688a635d781a4cc3fc37cf79753eea9e0104c1830cd01d258b58b9a Loading...

	steamcommulnilty.com/head-scripts.js	85 kB	2023-06-30	2024-04-18
Pretty URL steamcommulnilty.com/head-scripts.js IP 194.58.112.174 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-30 16:30:07 Last Seen2024-04-18 16:44:51 Times Seen62 Hash 5a6e9207c5d4a3135403c4dcc3b16e0e c93c41491ff002c7ba01a85c03c78f45a8862915 7ca848a15a928e2eee8be707fbdbe88b0f4f9ac2f513f92d78d255f331b500eb Loading...

	steamcommulnilty.com/	929 B	2024-04-18	2024-04-18
Pretty URL steamcommulnilty.com/ IP 194.58.112.174 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 16:44:50 Last Seen2024-04-18 16:44:50 Times Seen1 Hash 8a5e801b2c31b5784e9ad99265e08a01 649b1d16cad2d699c5b9bf8a09d8403c09d9c4b0 4f8498105430570ef24b3bd77933ba73a90bb06253a65f54196918a9cd19fdde Loading...

	steamcommulnilty.com/	160 B	2023-07-14	2024-04-18
Pretty URL steamcommulnilty.com/ IP 194.58.112.174 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-14 11:50:54 Last Seen2024-04-18 16:44:50 Times Seen23 Hash 8003291bf8929bfb8db5919fd152bc4f 08ca35a263b834bedefa0bff274f0ce1798ba570 ca035b885cd77c5d7406bfa44a9ba6039ce96d0cc4f156053330dca49a0dc9ee Loading...

	steamcommulnilty.com/parking-rdap-auto.js	15 kB	2023-06-30	2024-04-18
Pretty URL steamcommulnilty.com/parking-rdap-auto.js IP 194.58.112.174 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-30 16:30:07 Last Seen2024-04-18 16:44:51 Times Seen46 Hash daacb0eadbbe89b15a54f55858a487ee 871c07c2fc8fed3b0d3e9484b829e87c25c87a49 48883fa5b4644faa17ff9ff6d093f8712df13bf9ec08fe8d707b7fe1355ab4b6 Loading...

	unknown	46 B	2023-04-18	2024-04-18
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-18 10:46:20 Last Seen2024-04-18 16:44:50 Times Seen36 Hash c49d56f44059c342bf0c1861ae3b6904 9778326eb13bb7caf7272efb71d0e3262676326f 466c504ae63ff78f98f291ab8d7fcc10a1e10b29c22251ba746e326d27fee79f Loading...

	steamcommulnilty.com/	0 B	2023-03-07	2024-05-01
Pretty URL steamcommulnilty.com/ IP 194.58.112.174 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 18:50:41 Times Seen37251336 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-01
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-01 18:36:15 Times Seen343288 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	parking.reg.ru/script/get_domain_data?domain_name=steamcommulnilty.com&rand=0.9200378858864183&callback=ondata	84 B	2024-04-18	2024-04-18
Pretty URL parking.reg.ru/script/get_domain_data?domain_name=steamcommulnilty.com&rand=0.9200378858864183&callback=ondata IP 194.58.112.166 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 16:44:50 Last Seen2024-04-18 16:44:51 Times Seen2 Hash f87e12ac14ab6e6556c20af188a4c14c c6ff79c0ba59d9a0495425304eb12b8a2b6c87dd 816d41533185bb356de99e0041ed96a30fc5fbc7ea76490e7ec50298f7393712 Loading...

	www.googletagmanager.com/gtag/js?id=G-45HVCLV3W6&l=dataLayer&cx=c	249 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=G-45HVCLV3W6&l=dataLayer&cx=c IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 16:44:50 Last Seen2024-04-18 16:44:51 Times Seen2 Hash 305e3ecfece59dfb1d0cd6abc523b74d 83b5bd09161f77ce09e75931722086f5f7028272 508b4be0f99028bd48b9288ea717915a180fffc60c7bba1df4877c8f64b5e3f0 Loading...

HTTP Transactions (12)

URL IP Response Size

steamcommulnilty.com/

194.58.112.174

3.6 kB

URL User Request GET
steamcommulnilty.com/
IP
194.58.112.174:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6542)
Size
3.6 kB (3637 bytes)
Hash
6994aeb1d5754e3d7a2939c2a24e652f
f1afe1285afe196484ab0494ae801f97dab82827
99d5468108de0afe41d687c7a5693e361f33382ada16ed96262a4779925078f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: steamcommulnilty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 14:44:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 27 Oct 2023 07:37:01 GMT
Cache-Control: no-cache
Content-Encoding: gzip

steamcommulnilty.com/

194.58.112.174

3.6 kB

URL User Request GET
steamcommulnilty.com/
IP
194.58.112.174:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6542)
Size
3.6 kB (3637 bytes)
Hash
6994aeb1d5754e3d7a2939c2a24e652f
f1afe1285afe196484ab0494ae801f97dab82827
99d5468108de0afe41d687c7a5693e361f33382ada16ed96262a4779925078f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: steamcommulnilty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 14:44:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 27 Oct 2023 07:37:01 GMT
Cache-Control: no-cache
Content-Encoding: gzip

steamcommulnilty.com/parking-rdap-auto.css

194.58.112.174

200 OK

19 kB

URL GET HTTP/1.1
steamcommulnilty.com/parking-rdap-auto.css
IP
194.58.112.174:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://steamcommulnilty.com/

File type
ASCII text, with very long lines (25481)
Size
19 kB (19019 bytes)
Hash
5cb7ab916f23ded6d433fd258bd397e9
fb2b82b8540817622e029dbd09043482b482aa8d
027a4d5ef25ed6d3cadeb7b2a3f2916602e33b6cf514e5b682d47d9e5fce2f64

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /parking-rdap-auto.css HTTP/1.1
Host: steamcommulnilty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://steamcommulnilty.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 14:44:27 GMT
Content-Type: text/css
Content-Length: 19019
Last-Modified: Thu, 26 Oct 2023 07:37:01 GMT
Connection: keep-alive
ETag: "653a171d-4a4b"
Content-Encoding: gzip
Expires: Fri, 27 Oct 2023 07:37:01 GMT
Cache-Control: no-cache

steamcommulnilty.com/parking-rdap-auto.js

194.58.112.174

200 OK

4.3 kB

URL GET HTTP/1.1
steamcommulnilty.com/parking-rdap-auto.js
IP
194.58.112.174:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://steamcommulnilty.com/

File type
JavaScript source, ASCII text, with very long lines (3635)
Size
4.3 kB (4278 bytes)
Hash
daacb0eadbbe89b15a54f55858a487ee
871c07c2fc8fed3b0d3e9484b829e87c25c87a49
48883fa5b4644faa17ff9ff6d093f8712df13bf9ec08fe8d707b7fe1355ab4b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /parking-rdap-auto.js HTTP/1.1
Host: steamcommulnilty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://steamcommulnilty.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 14:44:27 GMT
Content-Type: application/javascript
Content-Length: 4278
Last-Modified: Wed, 21 Jun 2023 10:27:34 GMT
Connection: keep-alive
ETag: "6492d096-10b6"
Content-Encoding: gzip
Expires: Thu, 22 Jun 2023 10:27:34 GMT
Cache-Control: no-cache

steamcommulnilty.com/manifest.js

194.58.112.174

200 OK

1.5 kB

URL GET HTTP/1.1
steamcommulnilty.com/manifest.js
IP
194.58.112.174:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://steamcommulnilty.com/

File type
JavaScript source, ASCII text, with very long lines (1482), with no line terminators
Size
1.5 kB (1482 bytes)
Hash
56fae0bac568b483dcc2660d398b0b81
902169633beb01d2e915f79328081486bdf2ab5e
f8a7d2f73688a635d781a4cc3fc37cf79753eea9e0104c1830cd01d258b58b9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /manifest.js HTTP/1.1
Host: steamcommulnilty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://steamcommulnilty.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 14:44:27 GMT
Content-Type: application/javascript
Content-Length: 1482
Last-Modified: Wed, 21 Jun 2023 10:27:34 GMT
Connection: keep-alive
ETag: "6492d096-5ca"
Expires: Thu, 22 Jun 2023 10:27:34 GMT
Cache-Control: no-cache
Accept-Ranges: bytes

www.googletagmanager.com/gtag/js?id=UA-3380909-25

142.250.74.72

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-3380909-25
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
http://steamcommulnilty.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (72937 bytes)
Hash
4d679f0cd83b0433676ea3bc686e73d9
b83470255be0d7d1fcdf077b997c0afdf334603a
b47de625cde32e716b6c5c8096082008188ddb390fcd51cebdbe5859ca27d2c5

HTTP Headers

GET /gtag/js?id=UA-3380909-25 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://steamcommulnilty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 14:44:27 GMT
expires: Thu, 18 Apr 2024 14:44:27 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

steamcommulnilty.com/head-scripts.js

194.58.112.174

200 OK

19 kB

URL GET HTTP/1.1
steamcommulnilty.com/head-scripts.js
IP
194.58.112.174:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://steamcommulnilty.com/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1406)
Size
19 kB (19126 bytes)
Hash
5a6e9207c5d4a3135403c4dcc3b16e0e
c93c41491ff002c7ba01a85c03c78f45a8862915
7ca848a15a928e2eee8be707fbdbe88b0f4f9ac2f513f92d78d255f331b500eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /head-scripts.js HTTP/1.1
Host: steamcommulnilty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://steamcommulnilty.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 14:44:27 GMT
Content-Type: application/javascript
Content-Length: 19126
Last-Modified: Wed, 21 Jun 2023 10:27:34 GMT
Connection: keep-alive
ETag: "6492d096-4ab6"
Content-Encoding: gzip
Expires: Thu, 22 Jun 2023 10:27:34 GMT
Cache-Control: no-cache

www.googletagmanager.com/gtag/js?id=G-45HVCLV3W6&l=dataLayer&cx=c

142.250.74.72

200 OK

88 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-45HVCLV3W6&l=dataLayer&cx=c
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
http://steamcommulnilty.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
88 kB (88122 bytes)
Hash
305e3ecfece59dfb1d0cd6abc523b74d
83b5bd09161f77ce09e75931722086f5f7028272
508b4be0f99028bd48b9288ea717915a180fffc60c7bba1df4877c8f64b5e3f0

HTTP Headers

GET /gtag/js?id=G-45HVCLV3W6&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://steamcommulnilty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 14:44:27 GMT
expires: Thu, 18 Apr 2024 14:44:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88122
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

parking.reg.ru/script/get_domain_data?domain_name=steamcommulnilty.com&rand=0.9200378858864183&callback=ondata

194.58.112.166

200 OK

96 B

URL GET HTTP/1.1
parking.reg.ru/script/get_domain_data?domain_name=steamcommulnilty.com&rand=0.9200378858864183&callback=ondata
IP
194.58.112.166:443
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://steamcommulnilty.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.reg.ru
Fingerprint33:E4:2B:56:55:E7:18:C3:BE:B7:69:ED:B2:D4:B8:9D:29:F1:A3:23
ValidityThu, 29 Feb 2024 06:29:54 GMT - Tue, 01 Apr 2025 06:29:53 GMT

File type
ASCII text, with no line terminators
Size
96 B (96 bytes)
Hash
f87e12ac14ab6e6556c20af188a4c14c
c6ff79c0ba59d9a0495425304eb12b8a2b6c87dd
816d41533185bb356de99e0041ed96a30fc5fbc7ea76490e7ec50298f7393712

HTTP Headers

GET /script/get_domain_data?domain_name=steamcommulnilty.com&rand=0.9200378858864183&callback=ondata HTTP/1.1
Host: parking.reg.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://steamcommulnilty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 14:44:27 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=86400
Expires: Fri, 19 Apr 2024 14:44:27 GMT
Content-Encoding: gzip

files.reg.ru/fonts/inter/Inter-SemiBold.woff2

194.67.72.33

200 OK

106 kB

URL GET HTTP/2
files.reg.ru/fonts/inter/Inter-SemiBold.woff2
IP
194.67.72.33:443
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://steamcommulnilty.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.reg.ru
Fingerprint33:E4:2B:56:55:E7:18:C3:BE:B7:69:ED:B2:D4:B8:9D:29:F1:A3:23
ValidityThu, 29 Feb 2024 06:29:54 GMT - Tue, 01 Apr 2025 06:29:53 GMT

File type
Web Open Font Format (Version 2), TrueType, length 105804, version 1.0
Size
106 kB (105804 bytes)
Hash
007ad31a53f4ab3f58ee74f2308482ce
dfa9f8f3d79bf8a0001fe72eeadad0490cba59cc
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

HTTP Headers

GET /fonts/inter/Inter-SemiBold.woff2 HTTP/1.1
Host: files.reg.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://steamcommulnilty.com
DNT: 1
Connection: keep-alive
Referer: http://steamcommulnilty.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 14:44:27 GMT
content-length: 105804
access-control-allow-credentials: true
access-control-allow-origin: http://steamcommulnilty.com
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
content-security-policy: block-all-mixed-content
etag: "007ad31a53f4ab3f58ee74f2308482ce"
last-modified: Tue, 25 Oct 2022 11:42:32 GMT
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-amz-meta-mtime: 1666084006
expires: Wed, 09 Apr 2025 14:44:27 GMT
cache-control: max-age=30758400
content-type: font/woff2
accept-ranges: bytes
X-Firefox-Spdy: h2

files.reg.ru/fonts/inter/Inter-Regular.woff2

194.67.72.33

200 OK

99 kB

URL GET HTTP/2
files.reg.ru/fonts/inter/Inter-Regular.woff2
IP
194.67.72.33:443
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://steamcommulnilty.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.reg.ru
Fingerprint33:E4:2B:56:55:E7:18:C3:BE:B7:69:ED:B2:D4:B8:9D:29:F1:A3:23
ValidityThu, 29 Feb 2024 06:29:54 GMT - Tue, 01 Apr 2025 06:29:53 GMT

File type
Web Open Font Format (Version 2), TrueType, length 98868, version 1.0
Size
99 kB (98868 bytes)
Hash
dc131113894217b5031000575d9de002
f96348260751ea78b1d23e9557db297290bdaf28
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

HTTP Headers

GET /fonts/inter/Inter-Regular.woff2 HTTP/1.1
Host: files.reg.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://steamcommulnilty.com
DNT: 1
Connection: keep-alive
Referer: http://steamcommulnilty.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 14:44:27 GMT
content-length: 98868
access-control-allow-credentials: true
access-control-allow-origin: http://steamcommulnilty.com
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
content-security-policy: block-all-mixed-content
etag: "dc131113894217b5031000575d9de002"
last-modified: Tue, 25 Oct 2022 11:42:32 GMT
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-amz-meta-mtime: 1666084006
expires: Wed, 09 Apr 2025 14:44:27 GMT
cache-control: max-age=30758400
content-type: font/woff2
accept-ranges: bytes
X-Firefox-Spdy: h2

steamcommulnilty.com/favicon.ico?1

194.58.112.174

200 OK

14 kB

URL GET HTTP/1.1
steamcommulnilty.com/favicon.ico?1
IP
194.58.112.174:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://steamcommulnilty.com/

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Size
14 kB (14134 bytes)
Hash
c79cecb75624b00f9e69b603e79bb4bd
7f68e4de425b71357d0c569a44cd2848754bb8f8
7fccb84339fd382be7267a5cf90e04e8fb96c99c82fecaa4a0ccbb36686bf5bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico?1 HTTP/1.1
Host: steamcommulnilty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://steamcommulnilty.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 14:44:27 GMT
Content-Type: image/x-icon
Content-Length: 14134
Last-Modified: Thu, 26 Oct 2023 07:37:01 GMT
Connection: keep-alive
ETag: "653a171d-3736"
Expires: Fri, 27 Oct 2023 07:37:01 GMT
Cache-Control: no-cache
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by