blastgameshub.com Open in urlscan Pro
2606:4700:3032::ac43:91dc Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blastgameshub.com/auth.php
Submission: On October 23 via manual (October 23rd 2023, 3:34:18 am UTC) from IN — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3032::ac43:91dc, located in United States and belongs to CLOUDFLARENET, US. The main domain is blastgameshub.com.
TLS certificate: Issued by E1 on October 20th 2023. Valid for: 3 months.

This is the only time blastgameshub.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3032::ac43:91dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:303... 2606:4700:3036::ac43:9122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	3

1 2606:4700:3032::ac43:91dc (United States)

ASN13335 (CLOUDFLARENET, US)

blastgameshub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3036::ac43:9122 (United States)

ASN13335 (CLOUDFLARENET, US)

6jnfbgapi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	6jnfbgapi.ru 6jnfbgapi.ru	1 MB
1	blastgameshub.com blastgameshub.com	631 B
18	2

	Domain	Requested by
17	6jnfbgapi.ru	blastgameshub.com 6jnfbgapi.ru
1	blastgameshub.com
18	2

This site contains no links.

Subject Issuer	Validity	Valid
blastgameshub.com E1	`2023-10-20` - `2024-01-18`	3 months	crt.sh
6jnfbgapi.ru E1	`2023-10-02` - `2023-12-31`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://blastgameshub.com/auth.php
Frame ID: E38E2181A005187882478F0DC4E43EB5
Requests: 1 HTTP requests in this frame

Frame: https://6jnfbgapi.ru/91899
Frame ID: 8B256CFBB6C59D2966FF1119EDEF3506
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Steam Community

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1047 kB
Transfer

2126 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request auth.php Show response blastgameshub.com/	259 B 631 B	341ms 134ms	Document text/html	2606:4700:3032::ac43:91dc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blastgameshub.com/auth.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:91dc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `78eb54a3fffd812ff5c68a3ed55575cdef12ef6e69f9b4590e3d56dc340ea238` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 81a6ec47cf9d37cc-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 23 Oct 2023 03:34:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdTSwaRy681F44RvT5jXvwsBdko7oxkreAedcWE3he%2BLOxITQ6T6%2BJNTJrZjiP8mkbH1Hnilk9BJtpaENr1RqDvOL1mCEiz2blyJPiu2HYYMfu4BqB5fzHqENhjpwn3xeYI9v1ci6l8XsaJEZzIdQQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	91899 Show response 6jnfbgapi.ru/ Frame 8B25	122 KB 11 KB	470ms 163ms	Document text/html	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6jnfbgapi.ru/91899 Requested by Host: blastgameshub.com URL: https://blastgameshub.com/auth.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2da68bf50796f902bc52fa2b6ed44a7b0d02a12d56812c7f68ed9de0cb94b538` Request headers Referer https://blastgameshub.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 81a6ec4a98e8bb61-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 23 Oct 2023 03:34:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoDtRcEajWjC%2Fu7vDj35%2BvLxgz9TJsb8I48PESjrSsNgw1Coaig54gH7UrhDrIAcVm%2Fgh4NQNnP8FaskjiHTA38Jc%2FDNkEp9i1trwyx1iUQjQzNrfOZAnMn1xAGpN8XTo9fu3PPzM0GCL4I%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	7d974f4.css 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	40 KB 13 KB	205ms 203ms	Stylesheet text/css	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/91899 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fb3d3aa1d94e0c81e6fff56986333b1545a3b6bacb145f40ccbe53f7c0e78dd6` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/91899 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:13 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 22 Oct 2023 13:26:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BlUjLXV%2BWCNVi%2B7ffWtxJQUinBLUQCb%2FM4aIjrmH8%2BKCB2ttDBZmW19J6lkEaVvymUrsghx2Lgz4n8hQtYVOfpGiN1ckCwfxRDXAHqQA9vs7tOEJg4uAXT3ZrQYPKjRWdyq3rdHWWGegIw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 81a6ec4ba992bb61-FRA alt-svc h3=":443"; ma=86400
GET H2	200	ef559d5.js Show response 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	93 KB 34 KB	450ms 448ms	Script text/javascript	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/ef559d5.js?v=PvoHwnj3JVHo Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/91899 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `225edf54855697e6207ba9bded4d041d824e44c7c842f2803ede51764a9e54ab` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/91899 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:13 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 22 Oct 2023 13:26:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvbtENnN5RWKfABjA%2BGCzMwj9MWBM91jLVJSlvyJJuOXjBoO031ifjyR%2BYMW5eymtdiuE%2FRGDGbCEp7ZTGafdAeKaQHiWtUqFq%2Bym%2Bi0JgcXSxTy5Vq2F%2FXj2aSCFOUK1A0pVoIQlCo%2FJTo%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 81a6ec4ba994bb61-FRA alt-svc h3=":443"; ma=86400
GET H2	200	b363b5b.js Show response 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	1 MB 459 KB	406ms 405ms	Script text/javascript	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/b363b5b.js?v=PvoHwnj3JVHo Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/91899 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7c1373f14e0aca9a79e610f87b32f0434c9571da0f008b23011a6aa45ad093ba` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/91899 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:13 GMT content-encoding br cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdaa4PlpWZEqvp8iS68h3ygvTNs9t1hDrxg44rN5EjNfoby6h1k0wX%2FOG9ePtzheGDxq1KEMraqlTrNVW94Hp0q%2FDU2sPuGe715Bhs0RU1Yxmrp4M34hASzTeKi%2FsMt8GsVJcOpmY0o%2BR30%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 81a6ec4ba995bb61-FRA alt-svc h3=":443"; ma=86400
GET H2	200	172b62f.png 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	974 B 1 KB	155ms 153ms	Image image/png	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/172b62f.png Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/91899 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ea0186384ec8ab876871fef3805e93baf432e8a2b2d79e00a7b2b332debec8f8` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/91899 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:13 GMT cf-cache-status EXPIRED last-modified Sun, 22 Oct 2023 13:26:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RfqjdSfKrVdQL8m%2BpYjCIh%2FCnvAW01bzvpfVOwjSpc3hbkHbspiqNElHpiD7yMZMTCFywexKM9OY%2B2WRO%2FsdHqzMTMh5uu%2B0BMHZYw66FsML2eE%2BnHlFMEppKLeWvtmiZXGztOv8sZs8yI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 81a6ec4ba996bb61-FRA alt-svc h3=":443"; ma=86400
GET H2	200	6baac23.png 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	4 KB 4 KB	361ms 360ms	Image image/png	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/6baac23.png Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/91899 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `75528994af768f57e6c99b5f43ba77647728a4407b50d6f5bce2e294ad829af3` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/91899 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:13 GMT cf-cache-status EXPIRED last-modified Sun, 22 Oct 2023 13:26:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUfa9qL1fC0kcV5pQsLPFtJHEnT%2FT%2Ffaoep4fqIaFce%2Fk5pdul1lgSJloZUU2GQ0BDBaePGpvmu1o3oPZLYNadKFfLdixQbvgaL6nMn4vSIA7vAwlt%2F2Ri8Wyx5JxQvHDeP34KNSoW8MQxk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 81a6ec4ba997bb61-FRA alt-svc h3=":443"; ma=86400
GET H3	200	9a9e374.png 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	8 KB 9 KB	136ms 135ms	Image image/png	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/9a9e374.png Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/91899 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d61204a8cdb32d521dfacb832e1a94cc49fab44d480d8ddb6ea603c45ce3b1d5` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/91899 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:13 GMT cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT8Sxzkkj8jxkNc60RvCvo%2Fzq75wo7%2BdAccdVOmB9QfNkUbHSLSlTRW9F969lNwmbeQSfOuxuao2GpAxCtj0gxF1%2BP7Ubl1Q02H2PxebXkfxyyrDnrsJx0mi9J%2F%2BgNih5edanc9OQcnbeew%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 81a6ec4c9ab4bbfe-FRA alt-svc h3=":443"; ma=86400
GET H3	200	3ffa708.png 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	8 KB 8 KB	139ms 139ms	Image image/png	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/3ffa708.png Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/91899 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `abde59562fe962e46637e0b060bb219f2389910cb40d570424a3a779e0be5654` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/91899 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:13 GMT cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tG%2B%2BqUAfzLtkwgPYgrw5sHtnwSYp4XzRmAg2kZOj5M4RJw4orGuhYUjHYQUqJt2IGtfREmSGXEf7zXPMRQm9Gsp0PzmvJCmHc2cO9TkHSdIGjPz1Er6R80vZDDzOOkvukZfoLUvwHS4THhQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 81a6ec4ebc5dbbfe-FRA alt-svc h3=":443"; ma=86400
GET H3	200	c2c132c.png 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	33 KB 34 KB	169ms 169ms	Image image/png	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/c2c132c.png Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/91899 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a058c4d21b7c62e48d8a53c38d325c759035d5627e8242c71a7648efb076b6af` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/91899 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:13 GMT cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UMZxlutWbOHL994vWi7f0CDxCH28GMNagxuJjLqvkd2kz%2FhMDa%2B29Jcde2w%2BOffY5nwJ2YpeFCmaysSW1d1ixMRn4IpgPOloaWbciktW9hXr3hBEU%2Bqn6mEn7xD%2F3eudBCHhFi9GDKgyok%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 81a6ec4d7b51bbfe-FRA alt-svc h3=":443"; ma=86400
GET H3	200	4241c73.png 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	990 B 1 KB	146ms 146ms	Image image/png	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/4241c73.png Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/91899 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fee3eee4a7072d5f7963f6fbb2b08236ba5d0eacb85279dc32d58008a9a53cc3` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/91899 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:13 GMT cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fve0nrjZUszEFo5IxjP7dS0dIjf0iz0a4teJfs1zwPw1ujTc7F6C0YMDV%2FPY0aNCjSeJ9mBTgnWIxvuemGsr9KLv6QgZgNlCun4EA8ouPC9TuMSzwp8K8RHjjyej1sNab4RUxuu5zrxHgV8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 81a6ec4ebc62bbfe-FRA alt-svc h3=":443"; ma=86400
GET H3	200	f41a996.png 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	297 B 736 B	137ms 136ms	Image image/png	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/f41a996.png Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `124c479a3806c3fbf4a5df0a333735ffeff57c345a249d15b11f0782f5774a53` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:14 GMT cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPq48APSSSb4UaSwQps5qSjAoiMZ4H2vipE56CC5jbiYAUmTxOg5MRQU9AQGp10%2BujQAAI9ku5ZbT7IvtYqN%2FsEptTrPmGXAGheceet3uvja9%2F3sF5LDY%2B6gxs762uL7BqydhUb%2FECGkeFo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 81a6ec51aea7bbfe-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated / Frame 8B25	61 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Content-Type image/gif
GET H3	200	d680831.jpg 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	97 KB 98 KB	182ms 182ms	Image image/jpeg	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/d680831.jpg Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bad2dbf3a714236e07c539242de2705139df7cb683a8783a56ed502e0719cfc9` Request headers accept-language de-DE,de;q=0.9 Referer https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:14 GMT cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCiWOjATcTeK5VRgkys3xGyHATvohQShkKSi%2FVCN4n%2FBeJAwaKauYrDYp0vkpTJ5ysWSLxwhqq4dVRWn2%2B%2F42TxiRjUcr1s6p053GF5tyMgRtLPPZtCkWdA7L1Gma0JvpuW2gDWHOMyibZE%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 81a6ec51aea9bbfe-FRA alt-svc h3=":443"; ma=86400
GET H3	200	c8b0320.woff2 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	15 KB 15 KB	186ms 185ms	Font application/octet-stream	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/c8b0320.woff2 Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4675a8ce063f9f5885a692f7a273acf7eeb800abca14aac75b6707b689532f04` Request headers Referer https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Origin https://6jnfbgapi.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:14 GMT cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYfB0v68HtERxk7POs9s185F0UiDus%2FzFd5t6PvJ2PJ1WW%2BqmP1%2FCUn4R9bILpAI7nkmRL09moHHA8jtBXDWXIZkljNpw0dhPEr3GPnel%2FxekS6%2BMYV6MVc9%2BfIhmA%2B3cntmV3FFx4I1Gek%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 cf-ray 81a6ec51bebbbbfe-FRA alt-svc h3=":443"; ma=86400
GET H3	200	ce916c3.ttf 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	116 KB 116 KB	188ms 187ms	Font application/octet-stream	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/ce916c3.ttf Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6` Request headers Referer https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Origin https://6jnfbgapi.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:14 GMT cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPHPgPMnfxkn6WYL%2FjSfMoS15vmW0tEVcKzJZa48%2BFBPKNt0mOUFPaG8GP8FGgJdvx0DfB%2Bf1Ueacb6G4l9UA7QyK5mD%2BluRb1QsQn6wqe3vYglWmche%2F9iCJy8Tyz%2BIGU9ZqzzvrvXO03I%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 cf-ray 81a6ec51bebfbbfe-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bbd30bd.ttf 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	120 KB 120 KB	391ms 390ms	Font application/octet-stream	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/bbd30bd.ttf Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14` Request headers Referer https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Origin https://6jnfbgapi.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:14 GMT cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfxdE2YqT7YXi8MR0IKx8hSjSAT2tEiX6Qt50ZRZr%2FvlTZyZe9CDG0tbX7f9gYsf2iE7MJQIajArXzipUxG7iXsKJoRzfmjltUjdPqo16V48ODn%2BLdh4TlFInfom8CNon6EV9nkN%2FjGWiOs%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 cf-ray 81a6ec51bec0bbfe-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bb4b739.ttf 6jnfbgapi.ru/a1c66dcd7/3b974/ Frame 8B25	121 KB 122 KB	208ms 207ms	Font application/octet-stream	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6jnfbgapi.ru/a1c66dcd7/3b974/bb4b739.ttf Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f` Request headers Referer https://6jnfbgapi.ru/a1c66dcd7/3b974/7d974f4.css?v=PvoHwnj3JVHo Origin https://6jnfbgapi.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 23 Oct 2023 03:34:14 GMT cf-cache-status MISS last-modified Mon, 23 Oct 2023 03:34:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6RfDVVIvxA4JuLDvxDgSpE%2ByLi6edYWH2bOJJfVABZyo4kBYuiPS5LkOSvq0TcZNyZ58f%2B1TY4l%2BCXKUSQF2HiV1k0rpp3bQIJZX2XM7o8b3Bbwj%2F3hORWW6gqipNapCnr7AzwD8fbbpg0%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 cf-ray 81a6ec51bec1bbfe-FRA alt-svc h3=":443"; ma=86400
POST H3	200	91899 Show response 6jnfbgapi.ru/ Frame 8B25	74 B 478 B	1736ms 1735ms	XHR text/html	2606:4700:3036::ac43:9122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6jnfbgapi.ru/91899 Requested by Host: 6jnfbgapi.ru URL: https://6jnfbgapi.ru/a1c66dcd7/3b974/ef559d5.js?v=PvoHwnj3JVHo Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8bd8a4e42f3e6f318aff44ea7b5ed867e717afe17aaec366a0bc57f2563d4d1a` Request headers Accept / Referer https://6jnfbgapi.ru/91899 X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Mon, 23 Oct 2023 03:34:16 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRxrr6vqLmiqa9j%2F68xkrwqdYxMreAOue0hpJ5GL7dhOEkB96UF3ZGMxv%2B5ijADleF7swTyuMbqRV5kRujdHOgtdjiRjop9NJ8%2BxTMUwFpdudTBnmhXUsEtW80BZjsqf1rntwyJmgtu5IUc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 81a6ec571b21bbfe-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated / Frame 8B25	85 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated / Frame 8B25	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `cec10ca3dc92e17dc771c3fb6206615e4dcb3db74058edd838cad2ac575a431f` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 8B25	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `833d26db037cc79b894d9c54e92c8d28a618d94b962d585d95209f5e34c324da` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			6jnfbgapi.ru/	1970-01-20 16:23:44	Name: 836e307d Value: 77210fd73775

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6jnfbgapi.ru
blastgameshub.com
2606:4700:3032::ac43:91dc
2606:4700:3036::ac43:9122
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6
124c479a3806c3fbf4a5df0a333735ffeff57c345a249d15b11f0782f5774a53
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
225edf54855697e6207ba9bded4d041d824e44c7c842f2803ede51764a9e54ab
2da68bf50796f902bc52fa2b6ed44a7b0d02a12d56812c7f68ed9de0cb94b538
42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27
4675a8ce063f9f5885a692f7a273acf7eeb800abca14aac75b6707b689532f04
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
75528994af768f57e6c99b5f43ba77647728a4407b50d6f5bce2e294ad829af3
78eb54a3fffd812ff5c68a3ed55575cdef12ef6e69f9b4590e3d56dc340ea238
7c1373f14e0aca9a79e610f87b32f0434c9571da0f008b23011a6aa45ad093ba
833d26db037cc79b894d9c54e92c8d28a618d94b962d585d95209f5e34c324da
8bd8a4e42f3e6f318aff44ea7b5ed867e717afe17aaec366a0bc57f2563d4d1a
a058c4d21b7c62e48d8a53c38d325c759035d5627e8242c71a7648efb076b6af
abde59562fe962e46637e0b060bb219f2389910cb40d570424a3a779e0be5654
bad2dbf3a714236e07c539242de2705139df7cb683a8783a56ed502e0719cfc9
cec10ca3dc92e17dc771c3fb6206615e4dcb3db74058edd838cad2ac575a431f
d61204a8cdb32d521dfacb832e1a94cc49fab44d480d8ddb6ea603c45ce3b1d5
ea0186384ec8ab876871fef3805e93baf432e8a2b2d79e00a7b2b332debec8f8
fb3d3aa1d94e0c81e6fff56986333b1545a3b6bacb145f40ccbe53f7c0e78dd6
fee3eee4a7072d5f7963f6fbb2b08236ba5d0eacb85279dc32d58008a9a53cc3

blastgameshub.com Open in urlscan Pro 2606:4700:3032::ac43:91dc Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

1047 kBTransfer

2126 kBSize

1 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

Indicators

blastgameshub.com Open in urlscan Pro
2606:4700:3032::ac43:91dc Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1047 kB
Transfer

2126 kB
Size

1
Cookies

18 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!