hxxp://steamcommuntity[.]com/activation=Tvc2Fh8mw1

Analysis

max time kernel
149s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
17/12/2024, 18:09 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://steamcommuntity.com/activation=Tvc2Fh8mw1

Score

7^/10

discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: react-dom@18.2.0
phishing
A potential corporate email address has been identified in the URL: react@18.2.0
phishing
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133789325737718733"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3896	chrome.exe
3896	chrome.exe
3556	chrome.exe
3556	chrome.exe
3556	chrome.exe
3556	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe
Token: SeShutdownPrivilege	3896	chrome.exe
Token: SeCreatePagefilePrivilege	3896	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe
3896	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3896 wrote to memory of 3824	3896	chrome.exe	83
PID 3896 wrote to memory of 3824	3896	chrome.exe	83
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 5032	3896	chrome.exe	84
PID 3896 wrote to memory of 220	3896	chrome.exe	85
PID 3896 wrote to memory of 220	3896	chrome.exe	85
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86
PID 3896 wrote to memory of 4848	3896	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://steamcommuntity.com/activation=Tvc2Fh8mw1
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffaf219cc40,0x7ffaf219cc4c,0x7ffaf219cc58
  2⤵
  PID:3824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1884,i,17870719096057108800,11881439200890993724,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1880 /prefetch:2
  2⤵
  PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2164,i,17870719096057108800,11881439200890993724,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,17870719096057108800,11881439200890993724,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2432 /prefetch:8
  2⤵
  PID:4848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3044,i,17870719096057108800,11881439200890993724,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3060 /prefetch:1
  2⤵
  PID:3628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3048,i,17870719096057108800,11881439200890993724,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4508,i,17870719096057108800,11881439200890993724,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3872 /prefetch:1
  2⤵
  PID:3480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3744,i,17870719096057108800,11881439200890993724,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4664 /prefetch:8
  2⤵
  PID:1168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4880,i,17870719096057108800,11881439200890993724,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=984 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3556

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:5084

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3232

Network

DNS

steamcommuntity.com

chrome.exe

Remote address:

8.8.8.8:53

Request

steamcommuntity.com

IN A

Response

steamcommuntity.com

IN A

104.21.37.2

steamcommuntity.com

IN A

172.67.201.163
GET

https://steamcommuntity.com/activation=Tvc2Fh8mw1

chrome.exe

Remote address:

104.21.37.2:443

Request

GET /activation=Tvc2Fh8mw1 HTTP/2.0
host: steamcommuntity.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
set-cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.rRlZPGKzHDJpyKVdH1MLYyOjyz1FaLKh.dEKElUD8aK-rFS5I.PhR7i-cJMbGWeysYtCkFMtZqcw9QDxooQZc7aCaGKphZmkkxC6JvnMymdqDzslrJBE7Nt3Rjk_k5rdlK97-RSIg-F6A32RbduKaoG8rIgGTjGpj5EgXXoE5bri76vDtvJw2wtskVnM7QazOO4XH2GZHVYM6hQdZc2fbspau-x6c86OFJLc6T7L-y-RGx1XbqRDNvV3At6J8U_yt5volNaHL1SpPAFqWCXC1HdxRwnGxUfCOdStTZY400TAnaUIo.pBEzqHV92iBqoqOJ0dg8gg; Path=/; Expires=Tue, 17 Dec 2024 22:09:32 GMT; SameSite=Lax
set-cookie: token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6MjAxLCJzZWNyZXQiOiIyNzk1YWRlYzJmYTAxNjNjM2E2ODcwNDVhZmQ2ODFlZSIsInNlcnZpY2UiOiJTdGVhbSJ9.lR_FvGTDmTLAXf4_QHg47o1mUapL9c1z96iCNa95QCM; Path=/; Expires=Tue, 17 Dec 2024 22:09:32 GMT; SameSite=Lax
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2ghzaVrF%2Br7GvZC9OdlHcckqEh1DhHv4yw%2FjhaIv2vWME%2BIJKIladOZLZ%2Bmn2tUsShenVfWO7csU8RT2jDfOqoUnkVjLvFiMDOqh%2FvWKsB2CPEQQr8AccwTHHfGVzeH%2FYAtXYkS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f38dd5f189eef50-LHR
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=27149&min_rtt=26769&rtt_var=8225&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2954&recv_bytes=1216&delivery_rate=97618&cwnd=252&unsent_bytes=0&cid=bb5aef2f66a1ab66&ts=98&x=0"
POST

https://steamcommuntity.com/764e77542c5506025112084650425a0c5d44057c63465707270e5c5b4f00

chrome.exe

Remote address:

104.21.37.2:443

Request

POST /764e77542c5506025112084650425a0c5d44057c63465707270e5c5b4f00 HTTP/2.0
host: steamcommuntity.com
content-length: 72
cache-control: max-age=0
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
origin: null
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.rRlZPGKzHDJpyKVdH1MLYyOjyz1FaLKh.dEKElUD8aK-rFS5I.PhR7i-cJMbGWeysYtCkFMtZqcw9QDxooQZc7aCaGKphZmkkxC6JvnMymdqDzslrJBE7Nt3Rjk_k5rdlK97-RSIg-F6A32RbduKaoG8rIgGTjGpj5EgXXoE5bri76vDtvJw2wtskVnM7QazOO4XH2GZHVYM6hQdZc2fbspau-x6c86OFJLc6T7L-y-RGx1XbqRDNvV3At6J8U_yt5volNaHL1SpPAFqWCXC1HdxRwnGxUfCOdStTZY400TAnaUIo.pBEzqHV92iBqoqOJ0dg8gg
cookie: token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6MjAxLCJzZWNyZXQiOiIyNzk1YWRlYzJmYTAxNjNjM2E2ODcwNDVhZmQ2ODFlZSIsInNlcnZpY2UiOiJTdGVhbSJ9.lR_FvGTDmTLAXf4_QHg47o1mUapL9c1z96iCNa95QCM

Response

HTTP/2.0 201

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YS9yrCaHdan9IdZML8V%2BrIF8eGk7qZnczee2ON1i2wnqXwkexWhZaPVFwm%2FRcqrempqVVRw%2BFIOqJPoU6xrNUn8KxQVZDyY0FEEOYALtT0qKqPpKVc3yKvsfT2xtOOQNDhxb0VFN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f38dd602c36ef50-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30742&min_rtt=26769&rtt_var=5091&sent=19&recv=17&lost=0&retrans=0&sent_bytes=11407&recv_bytes=1930&delivery_rate=296617&cwnd=257&unsent_bytes=0&cid=bb5aef2f66a1ab66&ts=251&x=0"
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

216.58.214.170

content-autofill.googleapis.com

IN A

142.250.201.170

content-autofill.googleapis.com

IN A

172.217.20.202

content-autofill.googleapis.com

IN A

142.250.179.106

content-autofill.googleapis.com

IN A

172.217.18.202

content-autofill.googleapis.com

IN A

172.217.20.170

content-autofill.googleapis.com

IN A

142.250.178.138

content-autofill.googleapis.com

IN A

216.58.215.42

content-autofill.googleapis.com

IN A

216.58.213.74

content-autofill.googleapis.com

IN A

142.250.75.234

content-autofill.googleapis.com

IN A

142.250.179.74

content-autofill.googleapis.com

IN A

216.58.214.74
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSJwniNdMRAushxhIFDcpVNukSBQ1nZ7P-EgUNccm79SEW0a8L4-LvxQ==?alt=proto

chrome.exe

Remote address:

216.58.214.170:443

Request

GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSJwniNdMRAushxhIFDcpVNukSBQ1nZ7P-EgUNccm79SEW0a8L4-LvxQ==?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CNeCywE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSIAm3c38ll--OhRIFDZFhlU4SBQ01hlQcIXUDyyfQPQBN?alt=proto

chrome.exe

Remote address:

216.58.214.170:443

Request

GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSIAm3c38ll--OhRIFDZFhlU4SBQ01hlQcIXUDyyfQPQBN?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CNeCywE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

store.cloudflare.steamstatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

store.cloudflare.steamstatic.com

IN A

Response

store.cloudflare.steamstatic.com

IN A

172.64.145.151

store.cloudflare.steamstatic.com

IN A

104.18.42.105
DNS

cdnjs.cloudflare.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdnjs.cloudflare.com

IN A

Response

cdnjs.cloudflare.com

IN A

104.17.24.14

cdnjs.cloudflare.com

IN A

104.17.25.14
DNS

code.jquery.com

chrome.exe

Remote address:

8.8.8.8:53

Request

code.jquery.com

IN A

Response

code.jquery.com

IN A

151.101.194.137

code.jquery.com

IN A

151.101.130.137

code.jquery.com

IN A

151.101.2.137

code.jquery.com

IN A

151.101.66.137
GET

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

chrome.exe

Remote address:

104.17.24.14:443

Request

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/2.0
host: cdnjs.cloudflare.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 587625
expires: Sun, 07 Dec 2025 18:09:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXguSqQ9RIpGK%2BTChP6z9f8vETKyuKZribP4VEah25fYK6ssTnhixLOpSIst2RaChTnqDo6iACmWk1fpFKbE6S6NklKszhvUel2tm5jbCGNsX53RbJSKmEQ1f1qaEC2Q92bsjUtL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8f38dd615bbe7723-LHR
alt-svc: h3=":443"; ma=86400
GET

https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=7sR4EhV3nKzm&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/css/shared_global.css?v=7sR4EhV3nKzm&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/css;charset=UTF-8
content-length: 567
cache-control: public,max-age=15552000
expires: Fri, 28 Mar 2025 12:12:43 GMT
etag: "ZSVHTEnT3WNW"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 1735273
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617973891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/javascript;charset=UTF-8
content-length: 4229
cache-control: public,max-age=15552000
expires: Sat, 10 May 2025 03:21:18 GMT
etag: ".zYHOpI1L3Rt0"
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 3075776
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617979891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=hFJKQ6HV7IKT&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/css/buttons.css?v=hFJKQ6HV7IKT&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/javascript;charset=UTF-8
content-length: 790
cache-control: public,max-age=15552000
expires: Sat, 08 Mar 2025 19:28:03 GMT
etag: "T9HhtJ81mJgN"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 1443460
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd61798d891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/css/v6/store.css?v=5_pmjscCAXNy&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/css/v6/store.css?v=5_pmjscCAXNy&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=10368000
x-cache: MISS
last-modified: Tue, 17 Dec 2024 16:01:02 GMT
cf-cache-status: HIT
age: 6682
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd61797e891e-LHR
content-encoding: gzip
GET

https://store.cloudflare.steamstatic.com/public/css/promo/newstore2016.css?v=zveyQLrdu9JU&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/css/promo/newstore2016.css?v=zveyQLrdu9JU&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/css;charset=UTF-8
content-length: 1336
cache-control: public,max-age=15552000
expires: Mon, 09 Sep 2024 15:35:10 GMT
etag: "zveyQLrdu9JU"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 13679635
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617970891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/css/styles_about.css?v=KuY6YbIF4rkW&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/css/styles_about.css?v=KuY6YbIF4rkW&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/css;charset=UTF-8
content-length: 633
cache-control: public,max-age=15552000
expires: Sun, 20 Apr 2025 21:36:55 GMT
etag: "2C1Oh9QFVTyK"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: HIT
cf-cache-status: HIT
age: 4749759
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd61796d891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=CG8Em6e-Ozq3&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/css/shared_responsive.css?v=CG8Em6e-Ozq3&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/javascript;charset=UTF-8
content-length: 21242
cache-control: public,max-age=15552000
expires: Wed, 30 Apr 2025 20:45:09 GMT
etag: "Me1IBxzktiwk"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 1810202
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617992891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/css/slick/slick.css?v=ZSVHTEnT3WNW&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/css/slick/slick.css?v=ZSVHTEnT3WNW&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/javascript;charset=UTF-8
content-length: 33382
cache-control: public,max-age=15552000
expires: Mon, 21 Apr 2025 15:04:55 GMT
etag: ".TZ2NKhB-nliU"
last-modified: Wed, 28 Jun 2023 04:07:11 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: HIT
cf-cache-status: HIT
age: 3933837
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd61797a891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/javascript/dynamicstore.js?v=OzwSXx1UJWs8&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/javascript/dynamicstore.js?v=OzwSXx1UJWs8&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/css;charset=UTF-8
content-length: 5371
cache-control: public,max-age=15552000
expires: Sun, 30 Mar 2025 05:34:25 GMT
etag: "KuY6YbIF4rkW"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 1823034
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617971891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/javascript/main.js?v=wZOkh5CBgIrx&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/javascript/main.js?v=wZOkh5CBgIrx&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/javascript;charset=UTF-8
content-length: 37365
cache-control: public,max-age=15552000
expires: Mon, 21 Apr 2025 16:27:22 GMT
etag: ".a38iP7Khdmyy"
last-modified: Wed, 28 Jun 2023 04:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: HIT
cf-cache-status: HIT
age: 3255412
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617994891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=tbaNc6xLj9BJ&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/javascript/shared_global.js?v=tbaNc6xLj9BJ&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: image/png
content-length: 3777
last-modified: Wed, 28 Jun 2023 04:07:12 GMT
etag: "649bb1f0-ec1"
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 6890
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd61a9e4891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: image/png
content-length: 1846
last-modified: Wed, 28 Jun 2023 04:07:12 GMT
etag: "649bb1f0-736"
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 2127
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd61a9de891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=10368000
x-cache: MISS
last-modified: Tue, 17 Dec 2024 15:28:07 GMT
cf-cache-status: HIT
age: 6682
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617989891e-LHR
content-encoding: gzip
GET

https://store.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=cxQV9f417bc5&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/javascript/shared_responsive_adapter.js?v=cxQV9f417bc5&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: image/png
content-length: 10863
last-modified: Wed, 28 Jun 2023 04:07:12 GMT
etag: "649bb1f0-2a6f"
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 1258
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd622ac4891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/javascript/rellax/rellax.min.js?v=.KbIxshHXB6Um&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/javascript/rellax/rellax.min.js?v=.KbIxshHXB6Um&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: image/png
content-length: 498627
last-modified: Wed, 28 Jun 2023 04:07:18 GMT
etag: "649bb1f6-79bc3"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 6056
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd622ac8891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/javascript/slick/slick.js?v=.UvbXNQdQm-AJ&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/javascript/slick/slick.js?v=.UvbXNQdQm-AJ&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/javascript;charset=UTF-8
content-length: 7037
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "OHdNdTEQflFo"
x-integrity: "sha384-5wJmM8faNzg6SLOISTO6iahH3Puy0RhF09qz9eu2aCDDH6zF6RiMyR1joGlLFB9+"
last-modified: Mon, 20 Apr 1970 00:30:05 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd61797d891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/javascript/about.js?v=T9HhtJ81mJgN&l=russian&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/javascript/about.js?v=T9HhtJ81mJgN&l=russian&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/css;charset=UTF-8
content-length: 4143
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "zHbJC_Ap8iNW"
x-integrity: "sha384-yzRNAvQFX8YXWTr+vOE/XlTbzIxXMCLgRyTnOrm2MTY2UQ7Gcfbt4G4mtWvYM5Fy"
last-modified: Mon, 20 Apr 1970 00:30:05 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd61796e891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=Me1IBxzktiwk&l=russian&_cdn=cloudflare&load=effects,controls,slider

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/javascript/scriptaculous/_combined.js?v=Me1IBxzktiwk&l=russian&_cdn=cloudflare&load=effects,controls,slider HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/css;charset=UTF-8
content-length: 6190
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "jwLyzDJfX8Dw"
x-integrity: "sha384-Lb2gma3Nbwyr1uN7iJLyPgRVG2ZWtDBiP0ZoJUWnIOP7Fzeojzid9zovwDbZnAdW"
last-modified: Mon, 20 Apr 1970 00:30:05 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617972891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.a38iP7Khdmyy&_cdn=cloudflare

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/javascript/prototype-1.7.js?v=.a38iP7Khdmyy&_cdn=cloudflare HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Nov 2024 00:19:00 GMT
etag: W/"673541f4-9da"
cf-cache-status: HIT
age: 2019
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd62bb84891e-LHR
content-encoding: gzip
GET

https://store.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/images/responsive/logo_valve_footer.png HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/css;charset=UTF-8
content-length: 29407
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "kIy5tRldcNht"
x-integrity: "sha384-8KO8cfCxVl/JJZl8k9LujDTCJNS3c2vkZIq6Cb9stYMm8fCeE3VDs0vg7HeV0zdb"
last-modified: Mon, 20 Apr 1970 00:30:05 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd61796f891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/images/responsive/header_menu_hamburger.png HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/javascript;charset=UTF-8
content-length: 23487
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "M-Z87xERQLto"
x-integrity: "sha384-NaoDHbQF5FkzuDAcx8L1tvuC4q+GDvDjwXsgQbuHsOAN1OKn5boC8YhtJALy4DW0"
last-modified: Mon, 20 Apr 1970 00:30:05 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617975891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/images/responsive/header_logo.png HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/css;charset=UTF-8
content-length: 22680
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "N2azlGvNsh0Y"
x-integrity: "sha384-Y3C801sXeHwg0NoSyuWRKbDPeIkv8b3NhFdwuAeERRtNq+9w5Q+FkeB59tl8mfWS"
last-modified: Mon, 20 Apr 1970 00:30:05 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd616967891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/images/gift/steamcards_cards_02.png

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/images/gift/steamcards_cards_02.png HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/javascript;charset=UTF-8
content-length: 43238
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "_7cV63789cvh"
x-integrity: "sha384-iidEEIZnR8+G8A+sNGYOu8jY0PB6Pwc72InTvWKTAs24tjw8O+9ym6uwa3iRvLNQ"
last-modified: Mon, 20 Apr 1970 00:30:05 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617976891e-LHR
GET

https://cdn.cloudflare.steamstatic.com/store//about/logo_steam.svg

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /store//about/logo_steam.svg HTTP/2.0
host: cdn.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: text/javascript;charset=UTF-8
content-length: 23663
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "snM8UYxzKWTX"
x-integrity: "sha384-jti3NUdKRUUNbwzGNZqv9d4QtHg7TtuUgrsWdXo4Ph5SgHIAmBKk3N+H9JNK0SxB"
last-modified: Mon, 20 Apr 1970 00:30:05 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd617974891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/images/header/logo_steam.svg?t=962016 HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Nov 2024 00:18:58 GMT
etag: W/"673541f2-e3e"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 485
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd63ed71891e-LHR
content-encoding: gzip
GET

https://cdn.cloudflare.steamstatic.com/store/about/icon-macos.svg

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /store/about/icon-macos.svg HTTP/2.0
host: cdn.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Nov 2024 00:19:00 GMT
etag: W/"673541f4-4ac"
cf-cache-status: HIT
age: 175
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd643de2891e-LHR
content-encoding: gzip
GET

https://cdn.cloudflare.steamstatic.com/store/about/icon-steamos.svg

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /store/about/icon-steamos.svg HTTP/2.0
host: cdn.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Nov 2024 00:19:00 GMT
etag: W/"673541f4-4c7"
cf-cache-status: HIT
age: 2443
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd649e61891e-LHR
content-encoding: gzip
GET

https://cdn.cloudflare.steamstatic.com/store/about/icon-chromeos.svg

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /store/about/icon-chromeos.svg HTTP/2.0
host: cdn.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:32 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Nov 2024 00:19:00 GMT
etag: W/"673541f4-39a"
cf-cache-status: HIT
age: 175
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd64ced7891e-LHR
content-encoding: gzip
GET

https://store.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/images/header/btn_header_installsteam_download.png?v=1 HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=7sR4EhV3nKzm&l=russian&_cdn=cloudflare
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:33 GMT
content-type: image/png
content-length: 291
last-modified: Wed, 28 Jun 2023 04:07:11 GMT
etag: "649bb1ef-123"
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 2123
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd653fa8891e-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/images/popups/btn_arrow_down_padded.png

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/images/popups/btn_arrow_down_padded.png HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=7sR4EhV3nKzm&l=russian&_cdn=cloudflare
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:33 GMT
content-type: image/png
content-length: 161
last-modified: Wed, 28 Jun 2023 04:07:12 GMT
etag: "649bb1f0-a1"
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 1785
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd653faf891e-LHR
GET

https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/images/header/logo_steam.svg HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:10:17 GMT
content-type: image/png
content-length: 3737
last-modified: Fri, 22 Nov 2024 18:31:38 GMT
etag: "6740ce0a-e99"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 3400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38de7ddefa891e-LHR
GET

https://community.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/images/header/btn_header_installsteam_download.png?v=1 HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:10:17 GMT
content-type: image/png
content-length: 291
last-modified: Fri, 22 Nov 2024 18:31:38 GMT
etag: "6740ce0a-123"
x-cache: MISS
cf-cache-status: HIT
age: 7113
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38de7ddef8891e-LHR
GET

https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/images/skin_1/footerLogo_valve.png?v=1 HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:10:17 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Nov 2024 18:31:38 GMT
etag: W/"6740ce0a-e3e"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38de7ddef4891e-LHR
content-encoding: gzip
GET

https://code.jquery.com/ui/1.11.3/jquery-ui.js

chrome.exe

Remote address:

151.101.194.137:443

Request

GET /ui/1.11.3/jquery-ui.js HTTP/2.0
host: code.jquery.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Dec 2024 18:09:32 GMT
age: 3665984
x-served-by: cache-lga21958-LGA, cache-lon420103-LON
x-cache: HIT, HIT
x-cache-hits: 1659, 26
x-timer: S1734458972.388997,VS0,VE0
vary: Accept-Encoding
content-length: 113814
DNS

232.168.11.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.168.11.51.in-addr.arpa

IN PTR

Response
DNS

83.210.23.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.210.23.2.in-addr.arpa

IN PTR

Response

83.210.23.2.in-addr.arpa

IN PTR

a2-23-210-83deploystaticakamaitechnologiescom
DNS

2.37.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.37.21.104.in-addr.arpa

IN PTR

Response
DNS

202.20.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.20.217.172.in-addr.arpa

IN PTR

Response

202.20.217.172.in-addr.arpa

IN PTR

waw02s08-in-f101e100net

202.20.217.172.in-addr.arpa

IN PTR

waw02s08-in-f202�I

202.20.217.172.in-addr.arpa

IN PTR

par10s50-in-f10�I
DNS

170.214.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

170.214.58.216.in-addr.arpa

IN PTR

Response

170.214.58.216.in-addr.arpa

IN PTR

par10s42-in-f101e100net

170.214.58.216.in-addr.arpa

IN PTR

mad01s26-in-f10�I

170.214.58.216.in-addr.arpa

IN PTR

mad01s26-in-f170�I
DNS

14.24.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.24.17.104.in-addr.arpa

IN PTR

Response
DNS

151.145.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

151.145.64.172.in-addr.arpa

IN PTR

Response
DNS

137.194.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.194.101.151.in-addr.arpa

IN PTR

Response
DNS

cdn.cloudflare.steamstatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.cloudflare.steamstatic.com

IN A

Response

cdn.cloudflare.steamstatic.com

IN A

104.18.42.105

cdn.cloudflare.steamstatic.com

IN A

172.64.145.151
DNS

store.steampowered.com

chrome.exe

Remote address:

8.8.8.8:53

Request

store.steampowered.com

IN A

Response

store.steampowered.com

IN A

95.100.245.51
DNS

kartinki.pics

chrome.exe

Remote address:

8.8.8.8:53

Request

kartinki.pics

IN A

Response

kartinki.pics

IN A

37.59.196.79
GET

https://store.steampowered.com/dynamicstore/saledata/?cc=BY

chrome.exe

Remote address:

95.100.245.51:443

Request

GET /dynamicstore/saledata/?cc=BY HTTP/1.1
Host: store.steampowered.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: */*
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Origin: https://steamcommuntity.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: application/json; charset=utf-8
X-Frame-Options: DENY
Vary: Accept-Encoding, Origin
Cache-Control: public,max-age=300
Expires: Tue, 17 Dec 2024 18:10:41 GMT
Last-Modified: Tue, 17 Dec 2024 18:05:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=10368000
Content-Length: 49
Date: Tue, 17 Dec 2024 18:09:33 GMT
Connection: keep-alive
GET

https://kartinki.pics/pics/uploads/posts/2022-08/1661266219_32-kartinkin-net-p-zimnii-fon-v-stime-krasivo-34.jpg

chrome.exe

Remote address:

37.59.196.79:443

Request

GET /pics/uploads/posts/2022-08/1661266219_32-kartinkin-net-p-zimnii-fon-v-stime-krasivo-34.jpg HTTP/2.0
host: kartinki.pics
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://steamcommuntity.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Tue, 17 Dec 2024 18:09:33 GMT
content-type: image/jpeg
content-length: 195683
last-modified: Tue, 23 Aug 2022 14:50:02 GMT
etag: "6304e91a-2fc63"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
GET

https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/fonts/MotivaSans-Medium.ttf?v=4.015 HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://steamcommuntity.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:33 GMT
content-type: application/octet-stream
content-length: 122660
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
etag: "649bb1ee-1df24"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd65d935bd6f-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Light.ttf?v=4.015

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/fonts/MotivaSans-Light.ttf?v=4.015 HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://steamcommuntity.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:33 GMT
content-type: application/octet-stream
content-length: 118736
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
etag: "649bb1ee-1cfd0"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd65d943bd6f-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://steamcommuntity.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:33 GMT
content-type: application/octet-stream
content-length: 124048
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
etag: "649bb1ee-1e490"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd65c92fbd6f-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Bold.ttf?v=4.015

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/fonts/MotivaSans-Bold.ttf?v=4.015 HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://steamcommuntity.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:33 GMT
content-type: application/octet-stream
content-length: 122684
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
etag: "649bb1ee-1df3c"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd65d93dbd6f-LHR
GET

https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015

chrome.exe

Remote address:

172.64.145.151:443

Request

GET /public/shared/fonts/MotivaSans-Thin.ttf?v=4.015 HTTP/2.0
host: store.cloudflare.steamstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://steamcommuntity.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:09:33 GMT
content-type: application/octet-stream
content-length: 123884
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
etag: "649bb1ee-1e3ec"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f38dd65d941bd6f-LHR
DNS

steamcommunity.com

chrome.exe

Remote address:

8.8.8.8:53

Request

steamcommunity.com

IN A

Response

steamcommunity.com

IN A

2.22.99.85
GET

https://steamcommunity.com/favicon.ico

chrome.exe

Remote address:

2.22.99.85:443

Request

GET /favicon.ico HTTP/1.1
Host: steamcommunity.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: image/x-icon
Cache-Control: public,max-age=86400
Expires: Sun, 24 Nov 2024 04:35:34 GMT
Last-Modified: Fri, 22 Nov 2024 18:31:38 GMT
Content-Length: 38554
Date: Tue, 17 Dec 2024 18:09:33 GMT
Connection: keep-alive
DNS

76.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

76.32.126.40.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

51.245.100.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

51.245.100.95.in-addr.arpa

IN PTR

Response

51.245.100.95.in-addr.arpa

IN PTR

a95-100-245-51deploystaticakamaitechnologiescom
DNS

79.196.59.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.196.59.37.in-addr.arpa

IN PTR

Response

79.196.59.37.in-addr.arpa

IN PTR

ip79ip-37-59-196eu
DNS

85.99.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

85.99.22.2.in-addr.arpa

IN PTR

Response

85.99.22.2.in-addr.arpa

IN PTR

a2-22-99-85deploystaticakamaitechnologiescom
DNS

196.249.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.249.167.52.in-addr.arpa

IN PTR

Response
DNS

196.249.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.249.167.52.in-addr.arpa

IN PTR
DNS

228.249.119.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

228.249.119.40.in-addr.arpa

IN PTR

Response
DNS

56.163.245.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.163.245.4.in-addr.arpa

IN PTR

Response
DNS

206.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.23.85.13.in-addr.arpa

IN PTR

Response
DNS

181.129.81.91.in-addr.arpa

Remote address:

8.8.8.8:53

Request

181.129.81.91.in-addr.arpa

IN PTR

Response
DNS

cdn.jsdelivr.net

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.jsdelivr.net

IN A

Response

cdn.jsdelivr.net

IN CNAME

jsdelivr.map.fastly.net

jsdelivr.map.fastly.net

IN A

151.101.193.229

jsdelivr.map.fastly.net

IN A

151.101.65.229

jsdelivr.map.fastly.net

IN A

151.101.129.229

jsdelivr.map.fastly.net

IN A

151.101.1.229
GET

https://cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/react-dom.production.min.js

chrome.exe

Remote address:

151.101.193.229:443

Request

GET /npm/react-dom@18.2.0/umd/react-dom.production.min.js HTTP/2.0
host: cdn.jsdelivr.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://steamcommuntity.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 18.2.0
x-jsd-version-type: version
etag: W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
content-encoding: br
accept-ranges: bytes
date: Tue, 17 Dec 2024 18:10:17 GMT
age: 3590287
x-served-by: cache-fra-etou8220058-FRA, cache-lon4238-LON
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44592
GET

https://cdn.jsdelivr.net/npm/react@18.2.0/umd/react.production.min.js

chrome.exe

Remote address:

151.101.193.229:443

Request

GET /npm/react@18.2.0/umd/react.production.min.js HTTP/2.0
host: cdn.jsdelivr.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://steamcommuntity.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 18.2.0
x-jsd-version-type: version
etag: W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
content-encoding: br
accept-ranges: bytes
date: Tue, 17 Dec 2024 18:10:17 GMT
age: 2967808
x-served-by: cache-fra-eddf8230159-FRA, cache-lon4238-LON
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4465
DNS

fonts.cdnfonts.com

chrome.exe

Remote address:

8.8.8.8:53

Request

fonts.cdnfonts.com

IN A

Response

fonts.cdnfonts.com

IN A

172.67.184.158

fonts.cdnfonts.com

IN A

104.21.72.124
GET

https://fonts.cdnfonts.com/css/motiva-sans?styles=101373,102902,102901,103845

chrome.exe

Remote address:

172.67.184.158:443

Request

GET /css/motiva-sans?styles=101373,102902,102901,103845 HTTP/2.0
host: fonts.cdnfonts.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 17 Dec 2024 18:10:17 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 37503
last-modified: Tue, 17 Dec 2024 07:45:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfevcmzoLq9634AF4%2FDxnMg4XNfSwnU3jfeOeqgGL4BsXqHDrwDXdnUXaD%2BNZJVf8gxqMHDE306Ml6uPAxxkIZ48tYr6crIzjFJfd8hnuFjsq74%2FnbCQwe2VMTtHH0BivYnJ3Jk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 8f38de7c7d1163e1-LHR
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=27324&min_rtt=26946&rtt_var=10374&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2894&recv_bytes=1146&delivery_rate=100719&cwnd=251&unsent_bytes=0&cid=e7d1e2861e1d6f59&ts=58&x=0"
DNS

community.cloudflare.steamstatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

community.cloudflare.steamstatic.com

IN A

Response

community.cloudflare.steamstatic.com

IN A

104.18.42.105

community.cloudflare.steamstatic.com

IN A

172.64.145.151
DNS

community.akamai.steamstatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

community.akamai.steamstatic.com

IN A

Response

community.akamai.steamstatic.com

IN A

88.221.134.240

community.akamai.steamstatic.com

IN A

88.221.134.216
GET

https://community.akamai.steamstatic.com/public/shared/images/joinsteam/new_login_bg_strong_mask.jpg

chrome.exe

Remote address:

88.221.134.240:443

Request

GET /public/shared/images/joinsteam/new_login_bg_strong_mask.jpg HTTP/1.1
Host: community.akamai.steamstatic.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: image/jpeg
Content-Length: 124529
Last-Modified: Wed, 24 Aug 2022 00:07:59 GMT
ETag: "63056bdf-1e671"
Accept-Ranges: bytes
Date: Tue, 17 Dec 2024 18:10:17 GMT
Connection: keep-alive
GET

https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png

chrome.exe

Remote address:

88.221.134.240:443

Request

GET /public/shared/images/responsive/header_logo.png HTTP/1.1
Host: community.akamai.steamstatic.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: image/png
Content-Length: 10863
Last-Modified: Fri, 05 Jan 2018 01:35:16 GMT
ETag: "5a4ed654-2a6f"
Accept-Ranges: bytes
Date: Tue, 17 Dec 2024 18:10:17 GMT
Connection: keep-alive
GET

https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png

chrome.exe

Remote address:

88.221.134.240:443

Request

GET /public/shared/images/responsive/header_menu_hamburger.png HTTP/1.1
Host: community.akamai.steamstatic.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: image/png
Content-Length: 3777
Last-Modified: Fri, 22 Nov 2024 18:31:38 GMT
ETag: "6740ce0a-ec1"
Accept-Ranges: bytes
Date: Tue, 17 Dec 2024 18:10:17 GMT
Connection: keep-alive
DNS

229.193.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

229.193.101.151.in-addr.arpa

IN PTR

Response
DNS

158.184.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.184.67.172.in-addr.arpa

IN PTR

Response
DNS

240.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.134.221.88.in-addr.arpa

IN PTR

Response

240.134.221.88.in-addr.arpa

IN PTR

a88-221-134-240deploystaticakamaitechnologiescom
DNS

a.nel.cloudflare.com

chrome.exe

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
DNS

a.nel.cloudflare.com

chrome.exe

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=kUpJcLyuEGy7gM1gY%2FYT4bweo5YfNpALu9pBdcAFkAjnOLEKxrrevShjDBDM1KJHlBgs1FvFxCfrGpVcHi6znEU9l0YXIfiv3hLACcxTglQd3%2BUbr5M0QAOaIu9GNAwxr2jHeeFY

chrome.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=kUpJcLyuEGy7gM1gY%2FYT4bweo5YfNpALu9pBdcAFkAjnOLEKxrrevShjDBDM1KJHlBgs1FvFxCfrGpVcHi6znEU9l0YXIfiv3hLACcxTglQd3%2BUbr5M0QAOaIu9GNAwxr2jHeeFY HTTP/2.0
host: a.nel.cloudflare.com
origin: https://steamcommuntity.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://a.nel.cloudflare.com/report/v4?s=kUpJcLyuEGy7gM1gY%2FYT4bweo5YfNpALu9pBdcAFkAjnOLEKxrrevShjDBDM1KJHlBgs1FvFxCfrGpVcHi6znEU9l0YXIfiv3hLACcxTglQd3%2BUbr5M0QAOaIu9GNAwxr2jHeeFY

chrome.exe

Remote address:

35.190.80.1:443

Request

POST /report/v4?s=kUpJcLyuEGy7gM1gY%2FYT4bweo5YfNpALu9pBdcAFkAjnOLEKxrrevShjDBDM1KJHlBgs1FvFxCfrGpVcHi6znEU9l0YXIfiv3hLACcxTglQd3%2BUbr5M0QAOaIu9GNAwxr2jHeeFY HTTP/2.0
host: a.nel.cloudflare.com
content-length: 951
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

1.80.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.80.190.35.in-addr.arpa

IN PTR

Response

1.80.190.35.in-addr.arpa

IN PTR

18019035bcgoogleusercontentcom
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

31.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

31.243.111.52.in-addr.arpa

IN PTR

Response
DNS

31.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

31.243.111.52.in-addr.arpa

IN PTR

Response
DNS

27.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

27.73.42.20.in-addr.arpa

IN PTR

Response

104.21.37.2:80

steamcommuntity.com

chrome.exe

190 B
132 B
4
3
104.21.37.2:80

steamcommuntity.com

chrome.exe

190 B
132 B
4
3
104.21.37.2:443

https://steamcommuntity.com/764e77542c5506025112084650425a0c5d44057c63465707270e5c5b4f00

tls, http2

chrome.exe

3.4kB
40.0kB
33
48

HTTP Request

GET https://steamcommuntity.com/activation=Tvc2Fh8mw1

HTTP Response

200

HTTP Request

POST https://steamcommuntity.com/764e77542c5506025112084650425a0c5d44057c63465707270e5c5b4f00

HTTP Response

201
216.58.214.170:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSIAm3c38ll--OhRIFDZFhlU4SBQ01hlQcIXUDyyfQPQBN?alt=proto

tls, http2

chrome.exe

2.4kB
7.2kB
20
21

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSJwniNdMRAushxhIFDcpVNukSBQ1nZ7P-EgUNccm79SEW0a8L4-LvxQ==?alt=proto

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSIAm3c38ll--OhRIFDZFhlU4SBQ01hlQcIXUDyyfQPQBN?alt=proto
104.17.24.14:443

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

tls, http2

chrome.exe

2.7kB
33.4kB
34
38

HTTP Request

GET https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

HTTP Response

200
172.64.145.151:443

store.cloudflare.steamstatic.com

tls

chrome.exe

892 B
2.7kB
6
4
172.64.145.151:443

store.cloudflare.steamstatic.com

tls

chrome.exe

938 B
2.8kB
7
5
172.64.145.151:443

https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1

tls, http2

chrome.exe

24.6kB
843.0kB
442
681

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=7sR4EhV3nKzm&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=hFJKQ6HV7IKT&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/css/v6/store.css?v=5_pmjscCAXNy&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/css/promo/newstore2016.css?v=zveyQLrdu9JU&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/css/styles_about.css?v=KuY6YbIF4rkW&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=CG8Em6e-Ozq3&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/css/slick/slick.css?v=ZSVHTEnT3WNW&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/javascript/dynamicstore.js?v=OzwSXx1UJWs8&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/javascript/main.js?v=wZOkh5CBgIrx&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=tbaNc6xLj9BJ&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=cxQV9f417bc5&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/javascript/rellax/rellax.min.js?v=.KbIxshHXB6Um&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/javascript/slick/slick.js?v=.UvbXNQdQm-AJ&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/javascript/about.js?v=T9HhtJ81mJgN&l=russian&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=Me1IBxzktiwk&l=russian&_cdn=cloudflare&load=effects,controls,slider

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.a38iP7Khdmyy&_cdn=cloudflare

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/images/gift/steamcards_cards_02.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn.cloudflare.steamstatic.com/store//about/logo_steam.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016

HTTP Response

200

HTTP Request

GET https://cdn.cloudflare.steamstatic.com/store/about/icon-macos.svg

HTTP Response

200

HTTP Request

GET https://cdn.cloudflare.steamstatic.com/store/about/icon-steamos.svg

HTTP Request

GET https://cdn.cloudflare.steamstatic.com/store/about/icon-chromeos.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/images/popups/btn_arrow_down_padded.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg

HTTP Request

GET https://community.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1

HTTP Request

GET https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1

HTTP Response

200

HTTP Response

200

HTTP Response

200
172.64.145.151:443

store.cloudflare.steamstatic.com

tls, http2

chrome.exe

1.0kB
3.3kB
8
6
172.64.145.151:443

store.cloudflare.steamstatic.com

tls, http2

chrome.exe

1.0kB
3.3kB
8
6
172.64.145.151:443

store.cloudflare.steamstatic.com

tls, http2

chrome.exe

978 B
3.3kB
8
6
151.101.194.137:443

https://code.jquery.com/ui/1.11.3/jquery-ui.js

tls, http2

chrome.exe

4.2kB
122.4kB
69
97

HTTP Request

GET https://code.jquery.com/ui/1.11.3/jquery-ui.js

HTTP Response

200
95.100.245.51:443

https://store.steampowered.com/dynamicstore/saledata/?cc=BY

tls, http

chrome.exe

1.8kB
5.5kB
12
13

HTTP Request

GET https://store.steampowered.com/dynamicstore/saledata/?cc=BY

HTTP Response

200
37.59.196.79:443

https://kartinki.pics/pics/uploads/posts/2022-08/1661266219_32-kartinkin-net-p-zimnii-fon-v-stime-krasivo-34.jpg

tls, http2

chrome.exe

5.4kB
206.0kB
91
157

HTTP Request

GET https://kartinki.pics/pics/uploads/posts/2022-08/1661266219_32-kartinkin-net-p-zimnii-fon-v-stime-krasivo-34.jpg

HTTP Response

200
172.64.145.151:443

https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015

tls, http2

chrome.exe

12.8kB
637.5kB
245
470

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Light.ttf?v=4.015

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Bold.ttf?v=4.015

HTTP Request

GET https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
2.22.99.85:443

https://steamcommunity.com/favicon.ico

tls, http

chrome.exe

2.4kB
45.1kB
26
40

HTTP Request

GET https://steamcommunity.com/favicon.ico

HTTP Response

200
151.101.193.229:443

cdn.jsdelivr.net

tls

chrome.exe

1.0kB
5.5kB
9
10
151.101.193.229:443

https://cdn.jsdelivr.net/npm/react@18.2.0/umd/react.production.min.js

tls, http2

chrome.exe

3.4kB
57.7kB
48
52

HTTP Request

GET https://cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/react-dom.production.min.js

HTTP Request

GET https://cdn.jsdelivr.net/npm/react@18.2.0/umd/react.production.min.js

HTTP Response

200

HTTP Response

200
172.67.184.158:443

https://fonts.cdnfonts.com/css/motiva-sans?styles=101373,102902,102901,103845

tls, http2

chrome.exe

1.7kB
4.3kB
12
12

HTTP Request

GET https://fonts.cdnfonts.com/css/motiva-sans?styles=101373,102902,102901,103845

HTTP Response

200
88.221.134.240:443

https://community.akamai.steamstatic.com/public/shared/images/joinsteam/new_login_bg_strong_mask.jpg

tls, http

chrome.exe

3.9kB
133.6kB
56
103

HTTP Request

GET https://community.akamai.steamstatic.com/public/shared/images/joinsteam/new_login_bg_strong_mask.jpg

HTTP Response

200
88.221.134.240:443

https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png

tls, http

chrome.exe

1.9kB
16.4kB
14
20

HTTP Request

GET https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png

HTTP Response

200
88.221.134.240:443

https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png

tls, http

chrome.exe

1.7kB
9.0kB
11
13

HTTP Request

GET https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png

HTTP Response

200
35.190.80.1:443

https://a.nel.cloudflare.com/report/v4?s=kUpJcLyuEGy7gM1gY%2FYT4bweo5YfNpALu9pBdcAFkAjnOLEKxrrevShjDBDM1KJHlBgs1FvFxCfrGpVcHi6znEU9l0YXIfiv3hLACcxTglQd3%2BUbr5M0QAOaIu9GNAwxr2jHeeFY

tls, http2

chrome.exe

3.2kB
4.8kB
16
17

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=kUpJcLyuEGy7gM1gY%2FYT4bweo5YfNpALu9pBdcAFkAjnOLEKxrrevShjDBDM1KJHlBgs1FvFxCfrGpVcHi6znEU9l0YXIfiv3hLACcxTglQd3%2BUbr5M0QAOaIu9GNAwxr2jHeeFY

HTTP Request

POST https://a.nel.cloudflare.com/report/v4?s=kUpJcLyuEGy7gM1gY%2FYT4bweo5YfNpALu9pBdcAFkAjnOLEKxrrevShjDBDM1KJHlBgs1FvFxCfrGpVcHi6znEU9l0YXIfiv3hLACcxTglQd3%2BUbr5M0QAOaIu9GNAwxr2jHeeFY

8.8.8.8:53

steamcommuntity.com

dns

chrome.exe

65 B
97 B
1
1

DNS Request

steamcommuntity.com

DNS Response

104.21.37.2

172.67.201.163
104.21.37.2:443

steamcommuntity.com

https

chrome.exe

8.8kB
57.3kB
35
57
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
269 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

216.58.214.170

142.250.201.170

172.217.20.202

142.250.179.106

172.217.18.202

172.217.20.170

142.250.178.138

216.58.215.42

216.58.213.74

142.250.75.234

142.250.179.74

216.58.214.74
8.8.8.8:53

store.cloudflare.steamstatic.com

dns

chrome.exe

78 B
110 B
1
1

DNS Request

store.cloudflare.steamstatic.com

DNS Response

172.64.145.151

104.18.42.105
8.8.8.8:53

cdnjs.cloudflare.com

dns

chrome.exe

66 B
98 B
1
1

DNS Request

cdnjs.cloudflare.com

DNS Response

104.17.24.14

104.17.25.14
8.8.8.8:53

code.jquery.com

dns

chrome.exe

61 B
125 B
1
1

DNS Request

code.jquery.com

DNS Response

151.101.194.137

151.101.130.137

151.101.2.137

151.101.66.137
8.8.8.8:53

232.168.11.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

232.168.11.51.in-addr.arpa
8.8.8.8:53

83.210.23.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

83.210.23.2.in-addr.arpa
8.8.8.8:53

2.37.21.104.in-addr.arpa

dns

70 B
132 B
1
1

DNS Request

2.37.21.104.in-addr.arpa
8.8.8.8:53

202.20.217.172.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

202.20.217.172.in-addr.arpa
8.8.8.8:53

170.214.58.216.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

170.214.58.216.in-addr.arpa
8.8.8.8:53

14.24.17.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

14.24.17.104.in-addr.arpa
8.8.8.8:53

151.145.64.172.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

151.145.64.172.in-addr.arpa
8.8.8.8:53

137.194.101.151.in-addr.arpa

dns

74 B
134 B
1
1

DNS Request

137.194.101.151.in-addr.arpa
8.8.8.8:53

cdn.cloudflare.steamstatic.com

dns

chrome.exe

76 B
108 B
1
1

DNS Request

cdn.cloudflare.steamstatic.com

DNS Response

104.18.42.105

172.64.145.151
8.8.8.8:53

store.steampowered.com

dns

chrome.exe

68 B
84 B
1
1

DNS Request

store.steampowered.com

DNS Response

95.100.245.51
8.8.8.8:53

kartinki.pics

dns

chrome.exe

59 B
75 B
1
1

DNS Request

kartinki.pics

DNS Response

37.59.196.79
8.8.8.8:53

steamcommunity.com

dns

chrome.exe

64 B
80 B
1
1

DNS Request

steamcommunity.com

DNS Response

2.22.99.85
8.8.8.8:53

76.32.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

76.32.126.40.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

51.245.100.95.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

51.245.100.95.in-addr.arpa
8.8.8.8:53

79.196.59.37.in-addr.arpa

dns

71 B
105 B
1
1

DNS Request

79.196.59.37.in-addr.arpa
8.8.8.8:53

85.99.22.2.in-addr.arpa

dns

69 B
131 B
1
1

DNS Request

85.99.22.2.in-addr.arpa
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

196.249.167.52.in-addr.arpa

dns

146 B
147 B
2
1

DNS Request

196.249.167.52.in-addr.arpa

DNS Request

196.249.167.52.in-addr.arpa
8.8.8.8:53

228.249.119.40.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

228.249.119.40.in-addr.arpa
8.8.8.8:53

56.163.245.4.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

56.163.245.4.in-addr.arpa
8.8.8.8:53

206.23.85.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

206.23.85.13.in-addr.arpa
8.8.8.8:53

181.129.81.91.in-addr.arpa

dns

72 B
147 B
1
1

DNS Request

181.129.81.91.in-addr.arpa
104.21.37.2:443

steamcommuntity.com

https

chrome.exe

8.7kB
63.2kB
38
65
8.8.8.8:53

cdn.jsdelivr.net

dns

chrome.exe

62 B
160 B
1
1

DNS Request

cdn.jsdelivr.net

DNS Response

151.101.193.229

151.101.65.229

151.101.129.229

151.101.1.229
8.8.8.8:53

fonts.cdnfonts.com

dns

chrome.exe

64 B
96 B
1
1

DNS Request

fonts.cdnfonts.com

DNS Response

172.67.184.158

104.21.72.124
8.8.8.8:53

community.cloudflare.steamstatic.com

dns

chrome.exe

82 B
114 B
1
1

DNS Request

community.cloudflare.steamstatic.com

DNS Response

104.18.42.105

172.64.145.151
8.8.8.8:53

community.akamai.steamstatic.com

dns

chrome.exe

78 B
110 B
1
1

DNS Request

community.akamai.steamstatic.com

DNS Response

88.221.134.240

88.221.134.216
172.67.184.158:443

fonts.cdnfonts.com

https

chrome.exe

7.0kB
159.8kB
62
139
8.8.8.8:53

229.193.101.151.in-addr.arpa

dns

74 B
134 B
1
1

DNS Request

229.193.101.151.in-addr.arpa
8.8.8.8:53

158.184.67.172.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

158.184.67.172.in-addr.arpa
216.58.214.170:443

content-autofill.googleapis.com

https

chrome.exe

2.9kB
6.5kB
5
8
8.8.8.8:53

240.134.221.88.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

240.134.221.88.in-addr.arpa
8.8.8.8:53

a.nel.cloudflare.com

dns

chrome.exe

132 B
164 B
2
2

DNS Request

a.nel.cloudflare.com

DNS Request

a.nel.cloudflare.com

DNS Response

35.190.80.1

DNS Response

35.190.80.1
35.190.80.1:443

a.nel.cloudflare.com

https

chrome.exe

1.6kB
3.9kB
4
6
8.8.8.8:53

1.80.190.35.in-addr.arpa

dns

70 B
120 B
1
1

DNS Request

1.80.190.35.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

148 B
256 B
2
2

DNS Request

172.210.232.199.in-addr.arpa

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

31.243.111.52.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

31.243.111.52.in-addr.arpa

DNS Request

31.243.111.52.in-addr.arpa
8.8.8.8:53

27.73.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

27.73.42.20.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
d42b734320c1d84b5d10926b92ed6ae0

SHA1
223f47f99d200ee2cab2680d791e013d44cdd392

SHA256
0d69d11b2c337b436a6843f5efa5ccc15ce2a573f378b4fa8749918ca50ee380

SHA512
21fac17f92801c0d8926c754df356109a9203782b99e41d885e4b718a06efe21a477e117a22a99be4996573fed96c02237d5e6a71636c4e211aa9acae19649b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
c0ba2b4f61f9c039b11c061797ec2872

SHA1
4d8d6b9a61ecbd27237938726fd4578f92e3a150

SHA256
a973043cc425485ac18555ca3a48b4c9a727de987b3bc05c5c3537da1cf2445a

SHA512
54e7266929616ebc182bb4bee24305742fd46c377d803311733e780866cb5292725db3d6a2a4d92481ceb7a30196748694deea7d03cf3a99c0933faa8d3e088f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
3c2338d39c2206ed9bdfee76fcdba543

SHA1
6d43a28318a881114576dd0a833fc9388fc42967

SHA256
7c62e1e777b85980e1a1a5fe0ede41b2120bc5f0208ab1ae828a4ad19f89b563

SHA512
10210ca94d0dc1747be65dd52f06a1d8d5be9e688f335508f1192e2b34981cdebd2f26469fba04bd927b4e565df6f71da51a33f78ac54fdafad84ecfd37e2abf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
7779ef2a21967c41945ad3727a7a55c3

SHA1
7509a2f90d5663d7b9d4e00b49c3bbf3cb98195b

SHA256
80d5402b3d43e58f811bf2ae23504fe0a5d5eb9e7092e651ea364b2ee1c392b3

SHA512
9d40cdefe84b93783168f309729313e7bb2e139647a3d9b29b194f80566c2550b0f5a04800de729823d9d1a9f359b19743432e1c1dc4aa0105633282bc61f8a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c44756c77f31a4f3c57dee52d1975d23

SHA1
243aa1b7972767a5cb53f9b373d4ed02571baa8f

SHA256
330091bc9caaaa5c6edb7de5f746e0e0e27f92135af5d77ad3b915e03510e2f3

SHA512
9053212b83148b52b90d6ccb5d35297ad9cb7995391b511b28b6456786021c34a1772c87480473927ac84d799743fcf26b048c17f4ca4d65bb85f521ad8a46ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
083e46c1cfa7455d2e0ea0fbba6d9e83

SHA1
5413443e2c288814358e351159d6f8dabeefeb67

SHA256
8f69b23aa1aae83c868ecca9ae0fbcb358667f6c8f44aa6e98888ef88d04de01

SHA512
ace06e044d83b529557ee6bfa13bfc6421a8e2bb5ab53e5235acc97f4209634e46743f49ff26fbdeeaa2fcb4cfb9a05eb540cdc31ee7f99141374417cb52773b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4a0be3991b432bffccaefe98dec63282

SHA1
a5ae8d974d150809be2b5cb61accbee7c5bae001

SHA256
48ce719394c840f501eb26f60a57fdc2dd689a8e1a6488810df0a9d3c1e2e9e1

SHA512
e5063129cdeb1f85a849530c50791abd0682ace19089619b133771584a7df58aad2791ce461f5d3d156c42ec5e8c602d021cd23de3e8762dfec97aafd259c31b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0d4889cdda525505baf8400c207ebcd1

SHA1
05d01b71b7abf4c13685849165e74db4093eec85

SHA256
0757dac00560af4454a2dc5aa14d5f03862531a34edfcbb1d715c77d341da685

SHA512
c2eb5764aa2d8e477d77430219159abe6b3485b94849734c8f46e585ca155bf44cf4a008849d534d90966fdd88bb45d336fde9609e731e3b1c4183da75f2cc6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6f9a84f773b17f054023daf359a631c0

SHA1
03c1ae88e0ffb0b84617a8920192dcb296022c54

SHA256
25ede4faf1a223813a99390c7739365d696aac25822e4fcbf564b21603c60789

SHA512
9510daa47de6249b707e550169a2c441acf3f44b6d58aa40bbe081413d40f1dbb05a0d2968626cd9b2b9e279e5b919931ec8b5d1049f4815a73ceb4209e44894

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
55ea68d7956cab0c39cff7ac4ea82254

SHA1
af9d5c15ea9f98411b7432b50a93cb53c5998714

SHA256
29d4830c25407d36fa4250868ba4e66aab717ff4a9e77a18ed151da951c14c4c

SHA512
52bd464ab02d5f6d0478373250a0528d7ff363c86a93a1e9792ba2464b3a99f4ba49ad41902ac03d3b4b7018a5e5e02410c16acc8dfd03c943ec99f311f8346c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7aa681054ee1d8eb6c6296d1733c24c8

SHA1
e78882d4eda27c688f233bae461003835ca8da7d

SHA256
db7c63c3cc8aa95a44570809f95917844d78c176f250baf7a3a4370947adda1b

SHA512
e082ba5509908b9cafbac9a7e5f3eedcd8d9aefb1fad0aff672a3ed3829135a35d33663a31202dd7e39c120e252f6ae4e0c2987cc6691d22fd2f41dd3e939ba0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c283bcbc028f3b0843464dc77b2fcc7b

SHA1
a1ca5a8ddeec3608c04c27ad24375829d538269a

SHA256
16271d4a0113a62f95632a62d4e2c74fc9865fcdde40d6a8caac25e4a2bdc40b

SHA512
4b3279f1231370fdb719e455b2eed89e73d552d92e4c927c29490fbc2140f2beb9092e601dc84f67d4ad225007acf0f9316bd326c09ccf53d3b88295dfcb79b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0feea7522f6d66a636ca837fa9b7d3b6

SHA1
465fb7b369aede6c4e09316c1d74d9a91a61eb16

SHA256
82fb10830c20036832751c637a8f7ba0d04d0f677c2f1c3466bcfe807ebfb797

SHA512
c4fd036b2a00da6049cb6094e42fec745985241ced22b2075340b6613d807161f7c148adbbd0f21fd97ccec4236218354ef62396102cb36128af5d499a6ed823

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
731b88b09408664805e729e47aa7eed3

SHA1
e1e7dcb789feb7a97a7700515c115e34ef5e3269

SHA256
91eb56830da87caf763d936506915170011fa1b35e7700d9bc15cb6f1763b406

SHA512
766c6ffd9c05a47f232869d85258bf53c4de5ae76f16d70fc9af65973e1a8005fb149b0fe3e536e7db2ccad58ccfc1c28bd9ea8cdd9136d21bc2c8228dcfbe46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
911da972f80d5d546739d7304e998b1e

SHA1
eeef77af4ae36ed1c9925701efb11a8e339d5913

SHA256
a05f7fa5f545b26d282a62040e44728602263241178658be6685fd79b70e19a1

SHA512
f7430bd9fab6a15b8ca9cadfc4b4c39e70f8917a8c8e39ea05f40fb9a3b8d5e0d45e119d75f95be714d3a0488051f1ef6d74c12ee3f9c26c3479be2946c17bd3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
4a5729fcac28a3c8268dc3d537ff828c

SHA1
bafdf15f4e3f890081eb48d8655281910f3c6cf1

SHA256
7450dc33668cd7913652aa08b53313d2aa5ea7ac24c7dcc63a772555c334e977

SHA512
a8fde4ef8fa2d23877040560985509eaa89ab05fa5ac7d90861359168efbaee8ca61f34a24f8accee490b49270e84099c2433cd01843f7bde5898d18ebdc38f3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response