marketskins-d.buzz
94.130.167.163  Malicious Activity! Public Scan

URL: https://marketskins-d.buzz/login.php
Submission: On June 25 via manual from SK — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 30 HTTP transactions. The main IP is 94.130.167.163, which is located in Germany and belongs to HETZNER-AS, DE. The main domain is marketskins-d.buzz.
TLS certificate: Issued by R3 on June 24th 2023. Valid for: 3 months.
This is the only time marketskins-d.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         94.130.167.163    24940 (HETZNER-AS)
29        2606:4700:303...  13335 (CLOUDFLAR...)
Total: 30 requests, 3 IPs

Requests  Apex Domain (Subdomains)                 Transfer
29        14gkhwbgmhs.ru (14gkhwbgmhs.ru)          934 KB
1         marketskins-d.buzz (marketskins-d.buzz)  390 B
Total: 30 requests, 2 domains

Requests  Domain              Requested by
29        14gkhwbgmhs.ru      marketskins-d.buzz, 14gkhwbgmhs.ru
1         marketskins-d.buzz
Total: 30 requests, 2 domains

This site contains no links.

Subject             Issuer  Validity                 Valid
marketskins-d.buzz  R3      2023-06-24 - 2023-09-22  3 months
14gkhwbgmhs.ru      E1      2023-05-13 - 2023-08-11  3 months

This page contains 2 frames:

Primary Page: https://marketskins-d.buzz/login.php
Frame ID: EC29756DB40776198B029B210C71BEA0
Requests: 1 HTTP requests in this frame

Frame: https://14gkhwbgmhs.ru/08276
Frame ID: 1F18B826A9F4F10586F24F0D305C2CFC
Requests: 30 HTTP requests in this frame

Page Title

Steam Community

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 935 kB
Size: 1803 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource / Path    Size    x-fer    Type / MIME-Type
Primary Request login.php
marketskins-d.buzz/
261 B
390 B
Document
General
Full URL
https://marketskins-d.buzz/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.167.163 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s12.link-host.net
Software
nginx/1.20.2 / PHP/7.4.33
Resource Hash
ddb8a68215dad4c3a0b92e193707058b653f6605843682e51839f1c3d11f8bcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 25 Jun 2023 13:30:56 GMT
server
nginx/1.20.2
strict-transport-security
max-age=31536000;
x-powered-by
PHP/7.4.33
08276
14gkhwbgmhs.ru/ Frame 1F18
90 KB
18 KB
Document
General
Full URL
https://14gkhwbgmhs.ru/08276
Requested by
Host: marketskins-d.buzz
URL: https://marketskins-d.buzz/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d2eb76400266f5a55a58f4224f63f0cdaaf2aac09bf5b296b024b1f43d3b6d

Request headers

Referer
https://marketskins-d.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7dcd916629091951-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 25 Jun 2023 13:30:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmcoVvupD29hP7rfgLyBbqZGerLMYqFqI9SUeKdfHvGByu2iJ1tgFNUh4SlI%2FwG3QcjlhDwjcMs2KoLQRjbvoSRRtX%2Fydqg6a9NRPW6yFBJTmbctUOATo%2FxvTqLVachFFhV7r82A4PQIIvuc1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
motiva_sans.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
2 KB
925 B
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/motiva_sans.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1e038728c16c39311ef42413bc577b5a175b5ec9544b729a1bd61e4c127c432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
255
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLdytVownorWuuEC%2BTMsoFl0b701Yx5dEWbHVVAMNhG776j1fxie1SvKpEVoWSdc11k09b2itigfZYjdhqBjKVbkKQxrGM7zU59aiMx9xt7nbbajReRquZjyx7vgxg0poGkDyaTG794K3hzt5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91674b501951-FRA
alt-svc
h3=":443"; ma=86400
buttons.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
32 KB
4 KB
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/buttons.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443235cf75ded360a1e8835d7fd7d34570ebdbd7022d5aa5ed2bfd723435785

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
255
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUj1oMvklH1TV0MRmNXaeo8nMvvjU71yEN2ya%2B3V9noBJXWtUyo5EYCBrWmKC6QsncPw9A1I75JwXBkKBjUFLaCBIu2fZhRBS%2BFBtNOooyiE5x74q9ky6jvpeTRuUi9QXNjkDwAudyrm4jrqOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91674b5c1951-FRA
alt-svc
h3=":443"; ma=86400
shared_global.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
76 KB
20 KB
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/shared_global.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20dc5413af582553e31c5581ebcf6d2f63e45f24140d6d340f50d9d33acec5a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
255
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBXD1nSSM5bsPi5%2BPiCc4eXaQUglA8gJpQvRarEqzfqqL2%2F6wEP2bSZvQOhcw9uHK6t2BHdEzptZm14udIUuel0ikRFRXnmGjRbYKi0JWCthc3xyRz1FoLRdg0pQksCKUuYaKyy0W%2FNM9n2Q9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91674b621951-FRA
alt-svc
h3=":443"; ma=86400
globalv2.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
36 KB
12 KB
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/globalv2.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f01cd4ad929623e2539b2b704840f2b67f069fdb5730641b9f5236825386eaa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
256
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6h6Z8e5nC7OHQyhByqh9bl%2FXrIRn8zzhzBkJ9k0V%2FcKEI815BVZAR0Mf6Qs9GsYYnq3dvlIV%2FLSbCKOWLHWY9%2FJmCVbQPHff5rB%2F5pKrNlmE7exvPtpVYKcWmzUjMQVtIWB2%2Fc7E8BioOdbOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91674b641951-FRA
alt-svc
h3=":443"; ma=86400
login.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
16 KB
4 KB
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/login.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa33b0bad6e90d8750583f752e345326b6f00dd5f2f95602f9a39e379956fccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
255
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJjrt5XDiWWaxkYCiNZcnU8TMd%2BZ8kY3iDS%2F7VCuMD24Aq%2BvhqCxFDsDXr4yON8%2F2zW1CHXoE5fwFweAs7UqsUzV6rakcfoR4nDAKHb8me5CSzGArKbMpphl%2BhgiXRKkIWvbB%2BbT2wEP%2FdLV4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91674b681951-FRA
alt-svc
h3=":443"; ma=86400
home.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
13 KB
3 KB
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/home.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c075c46d39207e76b0b4f7b77257512e356b1ead11b436527c1fbb1a33e33e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
255
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch0PGpqN9nzMhJZXwel8qVssPKdYh6uVmizIuhs%2F5Rj31TIw0nofeheHSVls0OaxX72gV1PJ5GSwVLcMvP%2Bn2Ol7g9sAfnkCU1PvMhkwttg7Iyu3%2FhEHmcjczCPj4TaSyx8kTRq1wNuvcCLhsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91674b6b1951-FRA
alt-svc
h3=":443"; ma=86400
shared_responsive.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
18 KB
6 KB
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/shared_responsive.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc046a362798a630669fccfc06d4c61ac6f4521dda657cd98827cdc5b01c6a1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
255
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IbBdcKqsC6viQlfCwGGa9eNece0AL%2FvwEqQ9biTsjJ63%2BXwnkJ8QIkLsyOa0Me22FMAFq4ZaX1IYv1bW%2FEv9R3UvlHSqnn06HiDO2HWJfJZnPHDsFGfbnnw95jru2OwuT5359AVMc8SadqzXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91674b6d1951-FRA
alt-svc
h3=":443"; ma=86400
header.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
12 KB
4 KB
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/header.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3239ecee89ad37a7f4d9949db9481d8489d7f3483abd086e7f2a38b3e36623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
255
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FADxT25dtrLy75qamZ2PTroogPyp5MkEpQ472swa%2FDagPbn5g63q615OgZp%2Fq6odky3MY0Xf%2BRzKwmJJxREZaoIJWj7Mcty0D0Ihc9er8f6VdNy%2BIejZ6WJPl21Ak70MlYMDLfib1ZSdoSsyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91674b6f1951-FRA
alt-svc
h3=":443"; ma=86400
jquery-1.11.1.min.js
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
94 KB
34 KB
Script
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/jquery-1.11.1.min.js
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
256
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZxMiD5IX8%2B0nplqfImfBNxk6jV7OLP0k%2FcQjBawDQJ5DDS8Q4vhfIVzeNKHdoZE0hkcBV15KXK9NOmFRGi3F8spzboSlagpPO2z%2BZ5oMm2SvOZRfA5o%2Br4kZY9nJxeZyU1lcnONBW9iZxaxYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7dcd91674b701951-FRA
alt-svc
h3=":443"; ma=86400
global.js
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
552 KB
202 KB
Script
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/global.js
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f185ed6b2a0d41ef9fc7dc594ed73f50a0142c279c103772a169d5bbd122b275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
256
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAvw%2BxgvcAe34l1U2Rta57pZ57UIhLyYq7cSGtlexibonqESBytgD%2FngxUDZe2eR6HljQFA8%2BLSjk6E96UtBkAONj8%2B2pEJkIrjr9NSJ3M7qE3GUUCNSPPNCxHWtCyTsLv%2FGB0HedWTI6CFY%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7dcd91674b721951-FRA
alt-svc
h3=":443"; ma=86400
tooltip.js
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
15 KB
5 KB
Script
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/tooltip.js
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fff60b03eee68665bbea99748e01971b5dbf59bc249435f03291105adf03e632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
256
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WT1cAkP34owuZ6pm3JG3ZsDWO0r0DZM93Dcs2qgLJ7yLKA9WVbg6FyV1JykC%2B7Abx3Eej%2FAErRsnYEehxmB2vvo7W2hefXCAW%2BGyOaQ%2F0uGeFtENKOQp3XHlK2aUgwAOAQzu4w2oOPxvNI%2FaLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7dcd91674b7b1951-FRA
alt-svc
h3=":443"; ma=86400
shared_global.js
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
146 KB
38 KB
Script
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/shared_global.js
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d99a99d702a955b3bb9cbfae89744b8739d85ab92e40c04d15e98f17a009a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
255
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RehAzlx0eieNriyzrKEiP2KeGWav2RpYQJBJbcbpYaZlfwYVREHi0yBKmEtniAaaOIijEGMXJ8fV3cUpJAWatnnVVZGEIX5AE5JXIoIzNQ5dMQS1%2BSz0FG%2BuVsr1Yyod4csKTLL8sG2oHVjaSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7dcd91674b7e1951-FRA
alt-svc
h3=":443"; ma=86400
shared_responsive_adapter.js
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
23 KB
6 KB
Script
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/shared_responsive_adapter.js
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8518d23c89256140a70f4087805c084f87fc08d84fe9ab07c277310a44a514

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Jun 2023 13:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
255
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7YnnEf%2FHeQWQfHjjduZcUo09Htxf70MIkBRYLj2ku3zjZqAKWzk3oAKgJ5GR6AnpIW6L02v0fvziZmwaQ%2F6uKCt5uppul9auiq2KWuUtlL3bloojEO4CZlzXUF1MDgI5wcrW9e9dMtpez2sEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7dcd91674b801951-FRA
alt-svc
h3=":443"; ma=86400
chunk~f036ce556.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
34 KB
6 KB
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/chunk~f036ce556.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6d5621752a45076c660584464c1c1f289ab9f2fa17caa604b6a95e4283cc9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EywGXc3nRLTlhak2QmHjSNXM0jofi1HjbCR7EOG%2FK1LHlCm3uz2HKHIkvQ6QpS450KOV58vTqIQogufPu3vh5mHKN3TcxyfRIyhaSGk8RIISou3R9FvDkVca2wEAZej5emGVWZa4M6x%2BDLCJiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91678c990408-FRA
alt-svc
h3=":443"; ma=86400
login2.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
234 B
617 B
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/login2.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b628b640598953d3013f91058a2b24011bcfe28426e394d665f74e3bbdd8bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpUcIlZrHZPVqwFpukH2CJZf4c%2FUsXxeobc1X%2BaE0YgeSX28u9o6Qx94prExFNMp2NUixKnNckDhcaQMB9xB%2FFGItNOMegtmHfoGK%2FIMDObXop4on89QnbBtOddmyQCi0d110dQ%2BXW69iw3KKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91678c9c0408-FRA
alt-svc
h3=":443"; ma=86400
logo_valve_footer.png
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
2 KB
2 KB
Image
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/logo_valve_footer.png
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KV3RSmHQQNRxQYgdWTWBA%2BrXdIMvR%2BII%2BeyUiuJSP04%2BruBmN1K1rQ%2B4K%2F%2FzFg09dNDQYx0dbH%2BPCGUYZMv4STBiLkh7nOZbUAxDlgu7I18CtiM9SFI2W%2Fx5UFaprIdlB7IRufQiWAM%2BFiqz5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7dcd91695f290408-FRA
alt-svc
h3=":443"; ma=86400
header_menu_hamburger.png
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
4 KB
4 KB
Image
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/header_menu_hamburger.png
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JchJusOAMKyozaGbiW%2FconIPIWxCBOIFS5KfWgnT3WZOrkiA9V%2BKEFa8Pl3RafhYYEiDhMBKmK%2Fj2cHnPCOgykbeagccp0oxQLdUXU4XsieUXIiiqa7X6kXIAVeReZ%2FSnyoGaCylebjFAFcAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7dcd91695f2b0408-FRA
alt-svc
h3=":443"; ma=86400
header_logo.png
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
11 KB
11 KB
Image
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/header_logo.png
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHrbFeZ6%2Bh7sNeQjluO1cAbsXHtxZLcWmKmVrufmkIPFtB99%2Bv8PVQB88iQnkrVhgvqhN2B6QgWUXoOaH%2B4BMbFgifwB2Zzm%2BdU7q65dwe16LvU%2FON1EspjoQf5B3vWP4yvrQ6YFm00EyS6XUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7dcd91695f2d0408-FRA
alt-svc
h3=":443"; ma=86400
logo_steam.svg
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
4 KB
2 KB
Image
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/logo_steam.svg
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4d08139646d567a612f75b8179641c570d490f8013478d131266ed21f3d453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oYA3sSADMk%2BeyXuhiGuQqJE%2Fg%2FD6Juh6F%2F4fZGxiJqQW%2FmYjOHUQOGFh1bdqLjRiBVkhIeyP64gkwAkxBlxsqenWTiNDUEG53T5%2BVqwF1IfT2f%2F%2BjTRsAZlTnjvzfGmqoTwTKPBVQQ4v82%2FLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7dcd91695f2e0408-FRA
alt-svc
h3=":443"; ma=86400
main.css
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
95 KB
18 KB
Stylesheet
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/main.css
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae98b667caf00c3e1825e938039949fa044ff85fc00c1844a1381b48f3d39276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbyYf3CzzXf2IwXlNvZrswUco9ndYVxjxaEYXD8y0Tnn48CYclhPzcpmv5t1dpNT7q%2B5jPDx%2FlogW34A0vdXDdpF0GcUa1jRqUPKIA87LGgMtCialt4lFIMwGl11tGH17ZVBN8UsCOObBZoOog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7dcd91695f270408-FRA
alt-svc
h3=":443"; ma=86400
join_pc.png
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
33 KB
33 KB
Image
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/join_pc.png
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9R7Tx%2Fxp%2FuReoIYqnnac8XxrI0%2BCMs0BBSSLd7%2B2Ze%2BG7hKWQkHOAn34TRaBEF0agC7fDAVfZWLozaPZ7yiTNiRKkSdDdQ7R0eXSeAYs82faAsbOVHPA2zdbBH8hM%2BPNpFsrF8oDGZyvai1eA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7dcd91697f4f0408-FRA
alt-svc
h3=":443"; ma=86400
footerLogo_valve.png
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
4 KB
4 KB
Image
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/footerLogo_valve.png
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/08276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJ1ksHO%2BsxoIyDu2KuEtijXaKERbmoNooIn7Dj3gBU%2F3b8pkLsj8QiTR0AVlDxwN%2BUp8wFtgmqAt28IjQWsQ75HiuobstwGdr67XWg%2FMuewAfo5jyeC4Mg8N0SWc8R3EixbtgafrpGrNdlEokw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7dcd91697f510408-FRA
alt-svc
h3=":443"; ma=86400
btn_header_installsteam_download.png
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
291 B
732 B
Image
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/btn_header_installsteam_download.png
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/5b43eb247/42d40/shared_global.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/5b43eb247/42d40/shared_global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GY9K30C4TfRfvqParRzn5dUSMSGcR9euYPik%2FryifUdp43DIFF1gm8C2akyyxJShkMuLTuIaSRaFmKLgLcjn5ZOfzOiscy7WPnyjT2mpPCE8M1PDTZYZhtc2qkqBapiXYTNCAkXVic9iJZlIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7dcd91697f590408-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ Frame 1F18
61 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
MotivaSans-Thin.ttf
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
116 KB
116 KB
Font
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/MotivaSans-Thin.ttf
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/5b43eb247/42d40/motiva_sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

Request headers

Referer
https://14gkhwbgmhs.ru/5b43eb247/42d40/motiva_sans.css
Origin
https://14gkhwbgmhs.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2laLtlN6Y3b3MZyCJKU%2B3d3GZlPyx0jqZ8paJmfw4EIjh9McO9LSC2cNh1MsPwoYMhSUX2r13MN%2Bz%2F1zaPJdlrxOn%2BayfzTKqb3VkM2nHDGPZlccNgHhqYAJr%2FW6h0Z3XkNuD0kqIcWYRSheBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=14400
cf-ray
7dcd91697f5a0408-FRA
alt-svc
h3=":443"; ma=86400
MotivaSans-Regular.ttf
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
120 KB
120 KB
Font
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/MotivaSans-Regular.ttf
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/5b43eb247/42d40/motiva_sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

Request headers

Referer
https://14gkhwbgmhs.ru/5b43eb247/42d40/motiva_sans.css
Origin
https://14gkhwbgmhs.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNqgniAWiAuQpjKDPl%2BrhTVHo%2B7gCEQpRpI90RfHLgXI0CRwASbsDL8dT7Ic3Po1cfLp48i%2B6%2FxpiV39rnfwaF2iEFJOeCotS9YlxpYdSJpUg3zhRzyHRVN0%2FczyWaknb8TEffVD5TNuWV%2BQtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=14400
cf-ray
7dcd91697f5c0408-FRA
alt-svc
h3=":443"; ma=86400
new_login_bg_strong_mask.jpg
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
122 KB
122 KB
Image
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/new_login_bg_strong_mask.jpg
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/5b43eb247/42d40/login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a75f8cc40bbe9c9499e7b2d3bab98a447685a361489357a111479517005c954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://14gkhwbgmhs.ru/5b43eb247/42d40/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QT9AE7IOKW6JPzlIsE828gAzAokcbdr36CMncX61K74DamhnIOvMOkKScU%2F6XQ5LBe0k1l6zoM9QMxtFoDC%2FyUulDxsExPWjpJuVhEpcbAf4uxCXXCcxHEYoxWVcXzsz9Iv5mOhU0xCpEoTcGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
7dcd916cdcf50408-FRA
alt-svc
h3=":443"; ma=86400
fonth.woff2
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
15 KB
15 KB
Font
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/fonth.woff2
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/08276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd221864d6fef58ce76c88f6e155e26a3def8bcc5bfd3676d86809278b3208d

Request headers

Referer
https://14gkhwbgmhs.ru/08276
Origin
https://14gkhwbgmhs.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn5TVljwF1LH9JA3MgJOUdi%2FStzFnvC2bKBdcdC56Y7K9tKC2fREZcIxsXPJTTsTbhGqqqSwqVSLi4K3c3OOV7Th8vg9F%2B1mWsc0jFGSOcCg6Df6OU6BPWZyQFtThk9fIRvQpEZBv1HYSSjUTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
7dcd916cdcf80408-FRA
alt-svc
h3=":443"; ma=86400
MotivaSans-Medium.ttf
14gkhwbgmhs.ru/5b43eb247/42d40/ Frame 1F18
121 KB
122 KB
Font
General
Full URL
https://14gkhwbgmhs.ru/5b43eb247/42d40/MotivaSans-Medium.ttf
Requested by
Host: 14gkhwbgmhs.ru
URL: https://14gkhwbgmhs.ru/5b43eb247/42d40/motiva_sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

Request headers

Referer
https://14gkhwbgmhs.ru/5b43eb247/42d40/motiva_sans.css
Origin
https://14gkhwbgmhs.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 13:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Jun 2023 13:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIMslLlcDwgVenSMSVKXRlmv7%2FAJMnGLLPdhLu7u0lOoao5QQkLZddqGTvvCbipV27zMnePOcfSMpLRB%2BG3lY2t4EpvfrEle5OpvihNx6Qu0qdgL1ot50VdK8DUE%2F1qElG0uiyp7TP6VkfUV5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=14400
cf-ray
7dcd916cecfa0408-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14gkhwbgmhs.ru
marketskins-d.buzz
2606:4700:3035::ac43:b308
94.130.167.163