csgotrade-skinmarkets.buzz Open in urlscan Pro
185.235.129.139 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://csgotrade-skinmarkets.buzz/auth.php
Submission: On June 25 via manual (June 25th 2023, 1:06:47 pm UTC) from SK — Scanned from NL

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 30 HTTP transactions. The main IP is 185.235.129.139, located in Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is csgotrade-skinmarkets.buzz.
TLS certificate: Issued by R3 on June 25th 2023. Valid for: 3 months.

This is the only time csgotrade-skinmarkets.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
1	185.235.129.139 185.235.129.139	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
29	2606:4700:303... 2606:4700:3033::6815:f44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	3

1 185.235.129.139 (Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm4429622.1nvme.had.wf

csgotrade-skinmarkets.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:3033::6815:f44 (United States)

ASN13335 (CLOUDFLARENET, US)

13kgrehbsgh.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	13kgrehbsgh.ru 13kgrehbsgh.ru	934 KB
1	csgotrade-skinmarkets.buzz csgotrade-skinmarkets.buzz	438 B
30	2

	Domain	Requested by
29	13kgrehbsgh.ru	csgotrade-skinmarkets.buzz 13kgrehbsgh.ru
1	csgotrade-skinmarkets.buzz
30	2

This site contains no links.

Subject Issuer	Validity	Valid
csgotrade-skinmarkets.buzz R3	`2023-06-25` - `2023-09-23`	3 months	crt.sh
13kgrehbsgh.ru GTS CA 1P5	`2023-05-13` - `2023-08-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://csgotrade-skinmarkets.buzz/auth.php
Frame ID: 50852D4AE75D68A23F86FBDB91AD5B41
Requests: 1 HTTP requests in this frame

Frame: https://13kgrehbsgh.ru/9fed46034
Frame ID: 73FDCE7D18C3402AEA5FFD0FC77AE2A2
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Steam Community

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

934 kB
Transfer

1803 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request auth.php Show response csgotrade-skinmarkets.buzz/	265 B 438 B	115ms 37ms	Document text/html	185.235.129.139 Netherlands
General Check archive.org Show headers Download Go to Full URL https://csgotrade-skinmarkets.buzz/auth.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.235.129.139 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm4429622.1nvme.had.wf Software nginx/1.18.0 (Ubuntu) / Resource Hash `39c34f0e5d6703f82924d2444aeb97e762a368e94b5f8887f396033c7b5851ad` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 25 Jun 2023 13:06:41 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	9fed46034 Show response 13kgrehbsgh.ru/ Frame 73FD	90 KB 18 KB	314ms 161ms	Document text/html	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/9fed46034 Requested by Host: csgotrade-skinmarkets.buzz URL: https://csgotrade-skinmarkets.buzz/auth.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca8c2696348986986ff76261ae8d4a99e778297b5298f7e9c248d4c3fbdb22de` Request headers Referer https://csgotrade-skinmarkets.buzz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7dcd6de53d930bce-AMS content-encoding br content-type text/html; charset=UTF-8 date Sun, 25 Jun 2023 13:06:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FS1h5b%2FBl4tPwo68P0k9xBHvih2RwJoJb366NsK81DgZEEjsdIy92tBwNwx95jOQIvGxBoSQL4xv6d%2FJM1qkOiSvTqT2hu21Ve0Hpyn%2BJsqM8uvVdBPlVXAAFj0M%2F%2ByME6zg8Sfsd3WfjejEDw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	motiva_sans.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	2 KB 893 B	472ms 469ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/motiva_sans.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2822d5208a21a68f3a577cd904a613b086512cd806afb7acba0d2c6854759c5b` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIAUDeAR7J4%2F7wPr6Z57VlbFgiMG3YOrjcnNpKR7wtFt%2FHbqsC1kKy7HdopM6NV1n6T3yCm0jQNSt71SchDBipanyxpjV7wNgcqf0bZAyi1rN3AYAZhjVFPcF6a9%2Fo9MEkSoFBgsjfg3G9fBvQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de63f290bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	buttons.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	32 KB 4 KB	330ms 327ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/buttons.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cb332e178e87df7e4516752fbe14c8a798c06d7420b07b52cfa441059be9a085` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 25 Jun 2023 03:34:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbLZ4XJQbsNj11hX9WDYQdO8e9HDir0QVTtol2vG9tR7OOlPMiL8IUvw7XSJ620WsBl6hs09sTErPr5jX8s%2FH3Wm85zIe9NzOgiK3NcN75jykC0C1SJPRGzZ9ehAUu8295Oe%2F2wjRDHm6rdqOg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de64f2c0bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	shared_global.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	76 KB 20 KB	383ms 380ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/shared_global.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3bd01838b2bd861555c775690d19fd86bac999b200b775afab36a4da3ebd61be` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 25 Jun 2023 03:34:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2B9stp7w8f%2FpqayUSRH4OtrDr1clkgRgA%2BLdP753XykcXOgZWCX1IwRkm5VxmENxybs8H%2B5N7W%2Bdhhq%2BJOI8W%2BJeacg1JYqc4wpJ652Hk1aVYhM2gCNPECUuCLTTnjIW0Ezhad8jmC9zXyb4fw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de64f2d0bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	globalv2.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	36 KB 12 KB	337ms 334ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/globalv2.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `32ba5a08099027e62edce1b2a686be778390af47a560fceada705ca68f30e666` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 25 Jun 2023 03:34:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xO1uUnJf68%2BAA2AGGvBgafezGxqQL0oA6hcnD097kfOLUtvf%2FJ%2F8Pi5HKy%2BeNYp%2ByJ8U%2FFIYbut8uPs16nzobq7V9%2F6XsXs6cexq9x7eWXvpfTHY9b3V8nEEv90gDDl1qvFmWJj%2BcscU9xkz5w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de64f2e0bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	login.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	16 KB 4 KB	348ms 346ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/login.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d87a4c12aabb81160fe53de20e16d63e9a100f5f39e0271622406f96edf7dab` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7mPo2q7G3AuYpTLB598Qsw%2FhpeOSlx9RZy9e7c%2F5XsiLXwTcBWvvRbcSUCz0c9DctMYHB6TVFa3UV3lz7eJosULMeP6uyOZ74WRK0hRAf53F%2BxJwytnhZZOwXphyGxywCAA1Pep5oF2GTp2mw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de64f2f0bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	home.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	13 KB 3 KB	306ms 304ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/home.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `85749d6c6eebb5e9e57f96d7d730ca0c851e809a2e2e8182c09b386311656e38` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 25 Jun 2023 03:34:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4v2phx9AlHkAVLcMCAEJDx9hhRpEw9I9dNyLebYSdyW2v8aE5CE%2BV7xqHUgnJlrm8L4nGpYBJJ24sr9CJjG3%2FKAVpFErIbXsl3hl6019Wpj49Re9zIyn%2FAwGTl5Tbv0weYc2CTownTRExNDYhA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de64f300bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	shared_responsive.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	18 KB 6 KB	496ms 493ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/shared_responsive.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1b475e4d0f692f7e197af1347bc2d12f1568d7ac53355c3948dbd9f739632616` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5T%2BBOrcAmvIp7%2FLcsSkg07eO9ZcQlPvOWDJ0GO8wbDrWk%2BSXQj5xMZRqMhT1GvW2WRQXdEb9feA6VlV4q3n%2FhAhxqdu%2BHKxNdoS3YJJQVQiNeOxwCQQsxk8OdsMrpG0SobisqUFZikhsencVg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de64f310bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	header.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	12 KB 4 KB	297ms 295ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/header.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `034af5e81a3eeb8d958215710c7289262bcc1c3bddab068a7004e282196184b4` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 25 Jun 2023 03:34:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A172sEA9PoqOE94J%2FVyvmzlWqZfjTj%2BtUhg2XHnHLtWSeMgy67PrPOI2vhIW3kBeU7lohFDN2gifxJ8x9Nwv3Hl3aFlwjNeYOF5l1a%2FcW8gjFCa5atl8XcP6756hpVw80aZ8IIC1C5ebXZFlNw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de64f320bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	jquery-1.11.1.min.js Show response 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	94 KB 34 KB	374ms 372ms	Script text/javascript	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/jquery-1.11.1.min.js Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRlCljo0NsJJfvlBscqF0SoB%2BbA%2FN3WQuDA%2B0Q74VeAACO8hFxRrqU2bFwHz5Ig7pRKkneTTjWWe8FYR9Oxp%2B2Mxp9fN9KerlkMyZ7bofcSSbrqhZt72vYxh1ytGLFYmfDNoUfhMU2ga%2Bl0cGQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 7dcd6de64f350bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	global.js Show response 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	552 KB 202 KB	484ms 482ms	Script text/javascript	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/global.js Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f185ed6b2a0d41ef9fc7dc594ed73f50a0142c279c103772a169d5bbd122b275` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0hR3fv7OfDGGfgx6ulNVSjCNGqA9fPVyqlrGGkWqoelwxOyp%2Fk4jwtvO7nCbDZJ3rs3PQhH2qzt9ZKvb5vENjVVUj7RJrJfPadpbL30RnS%2BCiYoWDDsxyK2wG0jCA9qh379Ev3swc8YIQjoaw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 7dcd6de64f360bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	tooltip.js Show response 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	15 KB 5 KB	360ms 358ms	Script text/javascript	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/tooltip.js Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fff60b03eee68665bbea99748e01971b5dbf59bc249435f03291105adf03e632` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6GUy6i%2FRj5vkD9xM9vggudcU4I2NXka9mDS5uIDMvLj1IeXB4V63ee8rXMeMlcV8Nkkm9xT8ya4GaHt1ls97awoBfcJIjmD%2FsJSw7emZop%2FwQ2nLpuXlcO5LY3dBGm1%2FcZd5b7g%2Fg5PO1BfPA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 7dcd6de66f7f0bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	shared_global.js Show response 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	146 KB 38 KB	462ms 460ms	Script text/javascript	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/shared_global.js Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3d99a99d702a955b3bb9cbfae89744b8739d85ab92e40c04d15e98f17a009a6a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOsTDlolNqxphRkYhvEbXFR%2BIzca3lqBFSqeC8XeVy8etEcL99WlAtyGxz16RngL2DLon%2B3UZ2lZioLAWVudqozQQgKloR9WlkSFF9873A4%2B%2FISGCt%2FINopaMeiJQQNNMm77WXJf4R9phtaj6Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 7dcd6de66f830bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	shared_responsive_adapter.js Show response 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	23 KB 6 KB	357ms 356ms	Script text/javascript	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/shared_responsive_adapter.js Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cc8518d23c89256140a70f4087805c084f87fc08d84fe9ab07c277310a44a514` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFtQqeR8AsPV0%2BotdwCCdtmdmdk%2BXfQFrhemTt3kcxuh85Ut7RhHNjYbThBPYvlyOziquJvvDKySoZu963%2FhbnJYYz%2BYEd2dmreF%2Fl3ENVDaoNVgfnIDfQf4av%2FHEyn7XeBqgmAmjSgNtkHW1A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 7dcd6de66f860bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	chunk~f036ce556.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	34 KB 6 KB	324ms 324ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/chunk~f036ce556.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1d6d5621752a45076c660584464c1c1f289ab9f2fa17caa604b6a95e4283cc9b` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 25 Jun 2023 03:34:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnzUsxpC%2F4tJoNViCUZsEdY4TcZwGU9vf81o4huaiREhDTJqjhtQHCIKyI0yOa9H%2BLFaiD309hgm5dqjZorwm%2FrL6yQ67O5rmSaPhOw%2BUg6RpAxIuBoGK5Q%2F9ID0%2FhITNkVI2mAB9SNKZRz6ug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de68fb30bce-AMS alt-svc h3=":443"; ma=86400
GET H2	200	login2.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	234 B 447 B	276ms 276ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/login2.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d9b628b640598953d3013f91058a2b24011bcfe28426e394d665f74e3bbdd8bd` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Eu%2F%2BBx8rPnejnaE0iTOlRWN1kKnzIErwBPQwgqysGba0UM8ajYE0mRYI4EBCAm8PnzhwlDHd1p24lneY1ySDQaqY6BBS%2Bcs7Sm0G6pR4Ps75LLo2vQMMkVJ2CwmVpC3f2m5MX%2BVWjmR9Nv8Yw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de68fb50bce-AMS alt-svc h3=":443"; ma=86400
GET H3	200	logo_valve_footer.png 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	2 KB 2 KB	280ms 280ms	Image image/png	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/logo_valve_footer.png Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvIoAqsc9llQF1LvghrjjskUPUAXgNOq9aK%2Bx1dMC1LabFK7X1zLbzGaoKvWnPQOiqkNxc1CvtC6d%2FjTShPnPAI2Z8upGSUXBkL8MKantWGhCL9s%2B8kp7XdfN%2Bo3kCV5bBCGmaGVY14ZD96gRQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 7dcd6de9ab881ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	header_menu_hamburger.png 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	4 KB 4 KB	223ms 223ms	Image image/png	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/header_menu_hamburger.png Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT cf-cache-status EXPIRED last-modified Sun, 25 Jun 2023 03:33:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZvPw6q5O%2BgJizXLz3QA%2F7XmQQMWWMtPGfD6XAx3EKlBD3hGB8Shn8r5SPeOPiN%2FEpXgFapFF6ERDYlLHKKjZaDdr8eBWXy1aHSMXyDHp0pqe2BedlG9Y3UCbZPpDzCRt1muwjuG1Z0DVY0jyA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 7dcd6deaed5d1ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	header_logo.png 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	11 KB 11 KB	258ms 257ms	Image image/png	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/header_logo.png Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8jAFjSjGCDUkeUY8mOGqevRp4h9sYLfSP4wvNxKDYJVuXGhBAqRxK29E3OOQEfQmAWNrZ%2BaE%2BXN7yUsf6ARjli8TmrpGvGHFZa%2BjtrvSxRg1hxmV748zdxCGiOfdz88SkMVOjelzrKxFKdr0Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 7dcd6deaed5f1ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	logo_steam.svg 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	4 KB 2 KB	243ms 242ms	Image image/svg+xml	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/logo_steam.svg Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a4d08139646d567a612f75b8179641c570d490f8013478d131266ed21f3d453` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpIgt22nzBlE0%2FkW6587kvRnQXPgJKYmnkTrgyS8MlbcrKtDZm8IAb0F%2FV6H7Uc5zpLraiKfhdC34BitxUEsUuZCiDxkei8qE9R4HtGsoXkN4pXFZBijxMS3q0t3eQOoNXBn1wv80Yajl1Dx9g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7dcd6deaed611ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	main.css 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	95 KB 18 KB	382ms 381ms	Stylesheet text/css	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/main.css Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae98b667caf00c3e1825e938039949fa044ff85fc00c1844a1381b48f3d39276` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1C0gT2YRos%2FyZD2CoKLO9DgSrmFDtBf9sE6Mw3FTLuFVwePyqhZLR%2BuFmerEd0Uk86ciV3gyevwH%2Bd60Insyy8B8mbZZmV8LObDGnbSmuQEj9CkfifNFhhnAQNWdjXIrPaZJL39w2xNzIjKnZA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7dcd6de96b341ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	join_pc.png 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	33 KB 33 KB	484ms 484ms	Image image/png	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/join_pc.png Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmQr5xZxb77lcD%2B3Uh%2Fkn1BXRo1izuDlNK8zYDKxCFJNgXQF4VDLoaSeVzvlf%2BD0zlXiGfWRMk2StzvUQJb5oyljyL1%2BRzJ%2FkC%2BIEmSZmf3h4JLWoBgR4KchyS0cvlsGNyMN16g1IG%2BpgotE3Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 7dcd6deaed621ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	footerLogo_valve.png 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	4 KB 4 KB	638ms 637ms	Image image/png	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/footerLogo_valve.png Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/9fed46034 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BiG%2FqXNcyX3WOYc0s7VQ8mGb71i7dQWfAH47Why60Okw7QtmVU8i6NT6niX8rDlGmdkyBI7KpbVTYNuDGcB8WIq%2FGqaR3TJs0Ag7YHjXyslTqdjEktFu%2FBTf1YwaMrxEWlxGEiWawAMngCAqQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 7dcd6deaed631ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	btn_header_installsteam_download.png 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	291 B 735 B	244ms 244ms	Image image/png	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/btn_header_installsteam_download.png Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/a804583c2/dfed9/shared_global.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/a804583c2/dfed9/shared_global.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j75zapuuiI1RSOUmRMGGVolniTDED6X9byaqwVB35TlxsPHAvlLTJXQ%2FQgK4ANbIsivh0eq2fJVE6gyI0HsKSOE8qgMQts4o8o48aVCDVJvdWHh4WWLGftzz%2BLo4VQPHLOmTh1A23Y%2F4Ah4CqA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 7dcd6deb1d971ca4-AMS alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated / Frame 73FD	61 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/gif
GET H3	200	MotivaSans-Thin.ttf 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	116 KB 116 KB	310ms 310ms	Font application/x-font-ttf	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/MotivaSans-Thin.ttf Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/a804583c2/dfed9/motiva_sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6` Request headers Referer https://13kgrehbsgh.ru/a804583c2/dfed9/motiva_sans.css Origin https://13kgrehbsgh.ru accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKrzdX5gl8%2B45kx%2Fikl%2BeBqib3CCAhWMQSqGHFrns2RrPv3p9jYDKfs6WPgzn%2F7TepQGolTYXXTmmYYG27evCjoHtneaxkToURRs0xJK2nvBJofkXFwHOZ77k3ieysFq%2BKk9Hq0SPxgSEOT0YA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-font-ttf cache-control max-age=14400 cf-ray 7dcd6deb1d991ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	MotivaSans-Regular.ttf 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	120 KB 120 KB	336ms 336ms	Font application/x-font-ttf	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/MotivaSans-Regular.ttf Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/a804583c2/dfed9/motiva_sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14` Request headers Referer https://13kgrehbsgh.ru/a804583c2/dfed9/motiva_sans.css Origin https://13kgrehbsgh.ru accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2v2c77Mp2M6koQzFrNrgLuskOGMk0Z43Gfzg%2FzT4i4AOl1T98Mh%2BxxksBhxC9PFe0PjD5M3Y1otv9EOTPgJWPIIdMLVjmTFzV%2FREOXMDgBEuzaiMd1Sa6NyglJoJMcTG9xdYCFySd2nwL0J3w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-font-ttf cache-control max-age=14400 cf-ray 7dcd6deb1d9b1ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	new_login_bg_strong_mask.jpg 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	122 KB 122 KB	295ms 294ms	Image image/jpeg	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/new_login_bg_strong_mask.jpg Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/a804583c2/dfed9/login.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9a75f8cc40bbe9c9499e7b2d3bab98a447685a361489357a111479517005c954` Request headers accept-language nl-NL,nl;q=0.9 Referer https://13kgrehbsgh.ru/a804583c2/dfed9/login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4k1PYBhmE8fMTGusuHj8HNzaS%2BxzOEr1tzlfJyzrK8ahTp3%2BgeQ1JRQwdsH%2BfK4oSFaHKaS9JRaY78DXKnxXQpQdDQIJDo1YJZLRs1e4P%2FY9f93jnvy1dTD5LkTPl7XlhrJQqhWBKME9Mp7Nw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 7dcd6dec0ee01ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	fonth.woff2 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	15 KB 15 KB	492ms 492ms	Font text/html	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/fonth.woff2 Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/9fed46034 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `acd221864d6fef58ce76c88f6e155e26a3def8bcc5bfd3676d86809278b3208d` Request headers Referer https://13kgrehbsgh.ru/9fed46034 Origin https://13kgrehbsgh.ru accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT content-encoding br cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqZ3tHjfYzDqKwMqBvoypRWuxt%2FogStHqeBg8O8ewe0lXaSKvj8K1FvK0c3KOKmqW0GnFloA2fCwmM5l5IBtXzhG1eU2s1wlUe8xXspO69UAKHeQWCVvWA9i%2Fo%2FwB5ZTp%2FrsQtJ7r%2FAjdJml5g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 7dcd6dec0ee41ca4-AMS alt-svc h3=":443"; ma=86400
GET H3	200	MotivaSans-Medium.ttf 13kgrehbsgh.ru/a804583c2/dfed9/ Frame 73FD	121 KB 122 KB	273ms 272ms	Font application/x-font-ttf	2606:4700:3033::6815:f44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://13kgrehbsgh.ru/a804583c2/dfed9/MotivaSans-Medium.ttf Requested by Host: 13kgrehbsgh.ru URL: https://13kgrehbsgh.ru/a804583c2/dfed9/motiva_sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:f44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f` Request headers Referer https://13kgrehbsgh.ru/a804583c2/dfed9/motiva_sans.css Origin https://13kgrehbsgh.ru accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sun, 25 Jun 2023 13:06:43 GMT cf-cache-status MISS last-modified Sun, 25 Jun 2023 13:06:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjtpI1OZUS2t0nkb9YRLoyt5ttSx5Ad8xD9%2BnZfwYPhVrg0YwI7cl%2FLPGRTeS3hCvGe9RnbGgvXFuBXquk8k4wlfzoQHnxtHJ5EbXZ%2F4EhUXo0WqOhPpib2Uiy30jXk0XZvbE%2BYYWGOLYmshHg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-font-ttf cache-control max-age=14400 cf-ray 7dcd6dec0eed1ca4-AMS alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13kgrehbsgh.ru
csgotrade-skinmarkets.buzz
185.235.129.139
2606:4700:3033::6815:f44
034af5e81a3eeb8d958215710c7289262bcc1c3bddab068a7004e282196184b4
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
1b475e4d0f692f7e197af1347bc2d12f1568d7ac53355c3948dbd9f739632616
1d6d5621752a45076c660584464c1c1f289ab9f2fa17caa604b6a95e4283cc9b
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
2822d5208a21a68f3a577cd904a613b086512cd806afb7acba0d2c6854759c5b
32ba5a08099027e62edce1b2a686be778390af47a560fceada705ca68f30e666
39c34f0e5d6703f82924d2444aeb97e762a368e94b5f8887f396033c7b5851ad
3a4d08139646d567a612f75b8179641c570d490f8013478d131266ed21f3d453
3bd01838b2bd861555c775690d19fd86bac999b200b775afab36a4da3ebd61be
3d99a99d702a955b3bb9cbfae89744b8739d85ab92e40c04d15e98f17a009a6a
42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5d87a4c12aabb81160fe53de20e16d63e9a100f5f39e0271622406f96edf7dab
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
85749d6c6eebb5e9e57f96d7d730ca0c851e809a2e2e8182c09b386311656e38
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787
9a75f8cc40bbe9c9499e7b2d3bab98a447685a361489357a111479517005c954
a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44
acd221864d6fef58ce76c88f6e155e26a3def8bcc5bfd3676d86809278b3208d
ae98b667caf00c3e1825e938039949fa044ff85fc00c1844a1381b48f3d39276
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1
ca8c2696348986986ff76261ae8d4a99e778297b5298f7e9c248d4c3fbdb22de
cb332e178e87df7e4516752fbe14c8a798c06d7420b07b52cfa441059be9a085
cc8518d23c89256140a70f4087805c084f87fc08d84fe9ab07c277310a44a514
d9b628b640598953d3013f91058a2b24011bcfe28426e394d665f74e3bbdd8bd
f185ed6b2a0d41ef9fc7dc594ed73f50a0142c279c103772a169d5bbd122b275
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa
fff60b03eee68665bbea99748e01971b5dbf59bc249435f03291105adf03e632

csgotrade-skinmarkets.buzz Open in urlscan Pro 185.235.129.139 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

934 kBTransfer

1803 kBSize

0 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

csgotrade-skinmarkets.buzz Open in urlscan Pro
185.235.129.139 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

934 kB
Transfer

1803 kB
Size

0
Cookies

30 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!