Report - steam-gifts.cfd/id=478419359

Report Overview

Visited public
2025-04-25 09:49:48
Tags
URL
steam-gifts.cfd/id=478419359
Finishing URL
steam-gifts.cfd/id=478419359
IP / ASN
172.67.222.231
#13335 CLOUDFLARENET
Title
Steam Gift Activation

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

106

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
store.cloudflare.steamstatic.com	28379	2013-11-07	2020-06-20	2025-04-23	15 kB	1.7 MB	104.18.42.105
code.jquery.com	634	2005-12-10	2012-05-21	2025-04-23	6.1 kB	7.5 MB	151.101.66.137
cdn.cloudflare.steamstatic.com	9505	2013-11-07	2020-06-12	2025-04-24	1.7 kB	7.1 kB	104.18.42.105
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-04-23	6.4 kB	1.4 MB	104.17.25.14
cdn.akamai.steamstatic.com	8614	2013-11-07	2014-04-02	2025-04-19	482 B	504 kB	95.101.10.59
i.imgur.com	5110	2009-01-09	2012-05-21	2025-04-24	385 B	3.4 MB	199.232.192.193
store.steampowered.com	6378	2000-08-09	2012-05-22	2025-04-22	421 B	452 B	184.24.45.71
steam-gifts.cfd	unknown	2025-04-19	2025-04-23	2025-04-23	52 kB	212 kB	104.21.46.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-04-23	medium	steam-gifts.cfd/id=478419359	Steam

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed
2025-04-25	medium	steam-gifts.cfd	Sinkholed

ThreatFox

No alerts detected

JavaScript (45)

	URL	From	Size	First Seen	Last Seen
	store.cloudflare.steamstatic.com/public/javascript/rellax/rellax.min.js?v=.KbIxshHXB6Um&_cdn=cloudflare	ScriptElement	3.5 kB	2023-03-09	2025-05-05
Pretty URL store.cloudflare.steamstatic.com/public/javascript/rellax/rellax.min.js?v=.KbIxshHXB6Um&_cdn=cloudflare IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:37 Last Seen2025-05-05 16:02 Times Seen973 Hash fc9959a1d329e83b76f447a817e2d974 8cd3b4f592057f4999e325aae48b48ce6ac72e05 5617dae33f066bd9a2bc7f8567481e69fa5b4cec817975e2477db0354d3109ca Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	store.cloudflare.steamstatic.com/public/javascript/dynamicstore.js?v=OzwSXx1UJWs8&l=russian&_cdn=cloudflare	ScriptElement	90 kB	2025-03-26	2025-05-05
Pretty URL store.cloudflare.steamstatic.com/public/javascript/dynamicstore.js?v=OzwSXx1UJWs8&l=russian&_cdn=cloudflare IP 104.18.42.105 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-26 19:01 Last Seen2025-05-05 16:02 Times Seen289 Hash a7fe9657cb2146ae9baa78e057565188 156dd1e295e0edc29e5dd29a88072837e4e5e836 c09162ea223934810c124eae0509a55055554a9874c1cbf3b93f62fee76112d4 Loading...

	store.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=cxQV9f417bc5&l=russian&_cdn=cloudflare	ScriptElement	24 kB	2025-04-23	2025-05-06
Pretty URL store.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=cxQV9f417bc5&l=russian&_cdn=cloudflare IP 104.18.42.105 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 11:43 Last Seen2025-05-06 12:24 Times Seen49 Hash 92802728fc7ba467219c7249515c6e01 fdacaaecc8518d17cfde0bf866a0b7d1644123f4 85d3eba59839e1a2eaa49a39d6a0bc8f01f4a1cac8bcc909484a0247d01539b6 Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	store.cloudflare.steamstatic.com/public/javascript/about.js?v=T9HhtJ81mJgN&l=russian&_cdn=cloudflare	ScriptElement	2.1 kB	2024-11-25	2025-05-05
Pretty URL store.cloudflare.steamstatic.com/public/javascript/about.js?v=T9HhtJ81mJgN&l=russian&_cdn=cloudflare IP 104.18.42.105 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-25 11:09 Last Seen2025-05-05 16:02 Times Seen345 Hash 6103fe77a3657bf73d7c44a0fff4051f de925abaab475be75a8ab890d686c81cf687b7bc dd87178fa21a4c30e10603dcefc64b59b69a709baa707c25b24179ef7201a5ce Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	steam-gifts.cfd/id=478419359	ScriptElement	19 kB	2025-04-01	2025-04-26
Pretty URL steam-gifts.cfd/id=478419359 IP 104.21.46.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-01 11:06 Last Seen2025-04-26 13:37 Times Seen334 Hash deceb32e81b6831364d45089222af024 dac04f1f27cd89de5971f357e04bcc66d2e18b0c 10e5527f5fb515a4e685d988625f5fbb6d0064fcc3451fc642c619e494ad2c7c Loading...

	store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare	ScriptElement	94 kB	2023-03-07	2025-05-07
Pretty URL store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare IP 104.18.42.105 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:13 Times Seen15888 Hash e1288116312e4728f98923c79b034b67 8b6babff47b8a9793f37036fd1b1a3ad41d38423 ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	steam-gifts.cfd/27417c007455500d5e515c19.js	ScriptElement	53 kB	2025-04-01	2025-04-26
Pretty URL steam-gifts.cfd/27417c007455500d5e515c19.js IP 104.21.46.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-01 11:06 Last Seen2025-04-26 17:18 Times Seen310 Hash 92f164c88165af00e4db19d115595bc3 d5e35fa24e72bc5aa9c9da8d104c8dc57407fd21 71485d337610ba7c2481c2bb24bff97c51746fb81ea21dd10574769f248ea66d Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	store.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=tbaNc6xLj9BJ&l=russian&_cdn=cloudflare	ScriptElement	155 kB	2025-04-23	2025-05-05
Pretty URL store.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=tbaNc6xLj9BJ&l=russian&_cdn=cloudflare IP 104.18.42.105 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 11:43 Last Seen2025-05-05 16:02 Times Seen43 Hash 63a0c713fc8e628a11e146e171d35342 c79ef49feb5e30a4243fc095d08efdb9ffb63c1c 4bdb9821d8b625312013e322ab4d68023c7dca3b62c1213d3da792baae6545b3 Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	store.cloudflare.steamstatic.com/public/javascript/slick/slick.js?v=.UvbXNQdQm-AJ&_cdn=cloudflare	ScriptElement	70 kB	2023-06-11	2025-05-05
Pretty URL store.cloudflare.steamstatic.com/public/javascript/slick/slick.js?v=.UvbXNQdQm-AJ&_cdn=cloudflare IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-11 05:59 Last Seen2025-05-05 16:02 Times Seen981 Hash 9003ce006332652ca6790949af7c4c9d a7a2fe3a7f0064ba259862d9a5aa0907a7babd23 57d77c8ca1ef7313363b200848555760678e8e85cf356248f5c67180212022c5 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	store.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.a38iP7Khdmyy&_cdn=cloudflare	ScriptElement	163 kB	2023-10-31	2025-05-06
Pretty URL store.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.a38iP7Khdmyy&_cdn=cloudflare IP 104.18.42.105 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 01:09 Last Seen2025-05-06 12:24 Times Seen347 Hash 9e92449419eb10ee96c56d803d2baa43 5a2be7055866b8f35bd852d466ff590251a56d89 a655fc19da796630bcf37112ccf749898e98c99e1b25bccef0bf3573665195e5 Loading...

	store.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=Me1IBxzktiwk&l=russian&_cdn=cloudflare&load=effects,controls,slider	ScriptElement	87 kB	2024-12-13	2025-05-05
Pretty URL store.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=Me1IBxzktiwk&l=russian&_cdn=cloudflare&load=effects,controls,slider IP 104.18.42.105 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 15:16 Last Seen2025-05-05 16:02 Times Seen919 Hash 973ffdf6f722db9bb1e350b4c673f365 a6c7d4331056cd37569fac3ee5f4b4e0e09b38cb 658b209483f3b09ceabfab105ce9f15078138d646ca0e9abee2033606c852b19 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	store.cloudflare.steamstatic.com/public/javascript/main.js?v=wZOkh5CBgIrx&l=russian&_cdn=cloudflare	ScriptElement	88 kB	2025-03-26	2025-05-05
Pretty URL store.cloudflare.steamstatic.com/public/javascript/main.js?v=wZOkh5CBgIrx&l=russian&_cdn=cloudflare IP 104.18.42.105 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-26 19:01 Last Seen2025-05-05 16:02 Times Seen308 Hash 6dfb6ecb91dc490d3825a1368562c673 c682c47d5eadbc9aa5f47d0b20811abf8ccc3ca6 d79540eba04cc756955bf834f3fa3442fbd07f0d74dd10f1e46d192c2555424e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	store.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare	ScriptElement	16 kB	2023-06-14	2025-05-06
Pretty URL store.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare IP 104.18.42.105 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-14 14:53 Last Seen2025-05-06 12:24 Times Seen1048 Hash 418913e1e4b999b4cd1bea5e58a936b9 bc993c5681e7cb1c8cdc7c0197a2773dc65dae34 fff60b03eee68665bbea99748e01971b5dbf59bc249435f03291105adf03e632 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 03:58 Times Seen67924 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	ScriptElement	470 kB	2023-03-07	2025-05-05
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-05 16:50 Times Seen2478 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

HTTP Transactions (123)

URL IP Response Size

steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d

104.21.46.25

201 Created

53 kB

URL POST
steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/id=478419359
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (344)
Size
53 kB (52940 bytes)
Hash
bf5c89c323dc37f8044d743b0fcce60f
183d48eabd5e5ca856163e8a74c0c58152683422
975c32049bfd7d561e483ab13b3441034d712a0175d12419c3999ac73c688696

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /27417c007455500d54100a2504060901085f04505d HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 59
Origin: null
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 201 Created
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-ray: 935cee0f2f31eb55-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/9dcb280aa613cb7d8b7552195a95650023da51deadaa.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/9dcb280aa613cb7d8b7552195a95650023da51deadaa.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9d326356900e57e356e160780b677a415223cd6872be/9dcb280aa613cb7d8b7552195a95650023da51deadaa.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5usZ%2BX7HEZ7g7CewwIGCVQbjB4MNsswnuHmtd3LX6gZ6SUHG42qmpFhvW%2Bcyfb2x45P74uW8ml9pZbR2Mvrfsynyun5jLF7SnQ6J4VSbg%2BfvIxQFxXkEFDT69BeOpVV6hyI%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11ac1eebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34335&min_rtt=25624&rtt_var=10248&sent=134&recv=71&lost=0&retrans=0&sent_bytes=53727&recv_bytes=33340&delivery_rate=240565&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=861&x=16"

store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare

104.18.42.105

200 OK

94 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
JavaScript source, ASCII text, with very long lines (65482), with CRLF line terminators
Size
94 kB (93637 bytes)
Hash
e1288116312e4728f98923c79b034b67
8b6babff47b8a9793f37036fd1b1a3ad41d38423
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

HTTP Headers

GET /public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/javascript;charset=UTF-8
content-length: 33382
cf-ray: 935cee1228f0b4ed-OSL
server: cloudflare
cache-control: public,max-age=15552000
expires: Mon, 21 Apr 2025 15:04:55 GMT
etag: ".TZ2NKhB-nliU"
last-modified: Wed, 28 Jun 2023 04:07:11 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: HIT
cf-cache-status: HIT
age: 15491067
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/javascript/about.js?v=T9HhtJ81mJgN&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

2.1 kB

URL GET
store.cloudflare.steamstatic.com/public/javascript/about.js?v=T9HhtJ81mJgN&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
ASCII text
Size
2.1 kB (2097 bytes)
Hash
6103fe77a3657bf73d7c44a0fff4051f
de925abaab475be75a8ab890d686c81cf687b7bc
dd87178fa21a4c30e10603dcefc64b59b69a709baa707c25b24179ef7201a5ce

HTTP Headers

GET /public/javascript/about.js?v=T9HhtJ81mJgN&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/javascript;charset=UTF-8
content-length: 815
cf-ray: 935cee123908b4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "YQP-d6Nle_c9"
x-integrity: "sha384-6iKZQfIqMwlFilSrpE9FQ/C37ngUlZaj5K+wixaU9hXEtTILpMq3ypp4/8Gyx9E1"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:24 GMT
age: 2571468
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1435
x-timer: S1745574564.350701,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/b13812e68b72bf91c05ce98f28d46706f895d8159611.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/b13812e68b72bf91c05ce98f28d46706f895d8159611.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f308b840ae623441b7e93535ba86d8bee0a743878f79/b13812e68b72bf91c05ce98f28d46706f895d8159611.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ox0odOAaSBRrWGwlvvlBelaTCrjTLIdIWoyZs7PUiIVl8hMEmfRBaQN7V25w1p1RJToNPmqEWQM%2FtOX90lHLbaa3UaeLPmh6MtWoTT9UYgec9zedfNDk7iN9nx7vGpw%2Fgsc%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: STALE
age: 718
cf-ray: 935cee115beaebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34003&min_rtt=27642&rtt_var=7643&sent=101&recv=68&lost=0&retrans=0&sent_bytes=37692&recv_bytes=33203&delivery_rate=306706&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=819&x=16"

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:23 GMT
age: 2571468
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1431
x-timer: S1745574564.699666,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/1ea95b1955f23776a837464caf842f6ea21a73b5a0df.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/1ea95b1955f23776a837464caf842f6ea21a73b5a0df.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/1ea95b1955f23776a837464caf842f6ea21a73b5a0df.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LoMjfb%2Bs9OKnb%2F6HgTdpmSv6qCnJ947LINXAyamVSt810JTeIatHGiZcZtCNv1qIh0cdYvXcWn7wP%2F%2BgvevEaHiF%2FLN753SsCAFURUxuk988cjw3eUoNi%2BENpB2RhG0zwnA%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee116bf5ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34003&min_rtt=27642&rtt_var=7643&sent=106&recv=68&lost=0&retrans=0&sent_bytes=40441&recv_bytes=33203&delivery_rate=306706&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=826&x=16"

store.cloudflare.steamstatic.com/public/css/slick/slick.css?v=ZSVHTEnT3WNW&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

1.7 kB

URL GET
store.cloudflare.steamstatic.com/public/css/slick/slick.css?v=ZSVHTEnT3WNW&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
ASCII text
Size
1.7 kB (1724 bytes)
Hash
baa886765d74b8c259e6519baead32bd
be439b85f12aa93d268e41622abbf3cbe57c22b7
56aa5c51f7c443f6655da210f0264c48772661d4527a873608324585483a7075

HTTP Headers

GET /public/css/slick/slick.css?v=ZSVHTEnT3WNW&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:22 GMT
content-type: text/css;charset=UTF-8
content-length: 594
cf-ray: 935cee1228eab4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "uqiGdl10uMJZ"
x-integrity: "sha384-r2s/exMbJhA9azjy5zpNyjK0NrIbLCgbdH4OqRFHdi3+iOxt/48h3T22CHRln6Ix"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/javascript/dynamicstore.js?v=OzwSXx1UJWs8&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

90 kB

URL GET
store.cloudflare.steamstatic.com/public/javascript/dynamicstore.js?v=OzwSXx1UJWs8&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
90 kB (90332 bytes)
Hash
a7fe9657cb2146ae9baa78e057565188
156dd1e295e0edc29e5dd29a88072837e4e5e836
c09162ea223934810c124eae0509a55055554a9874c1cbf3b93f62fee76112d4

HTTP Headers

GET /public/javascript/dynamicstore.js?v=OzwSXx1UJWs8&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/javascript;charset=UTF-8
content-length: 23886
cf-ray: 935cee1228ffb4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "p_6WV8shRq6b"
x-integrity: "sha384-eAXVC2lfQvv+58wRUmjA0t0qd1NVJbXr3Mv8QthCHePdoxi0o1SYYL2F6BfWblzz"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

cdn.cloudflare.steamstatic.com/store/about/icon-steamos.svg

104.18.42.105

200 OK

1.2 kB

URL GET
cdn.cloudflare.steamstatic.com/store/about/icon-steamos.svg
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1223 bytes)
Hash
f40a10b31b66814a8310af480adcf798
966e6c5b4f9c1eb8dc6c2554491e0dc574c70687
461851729579abba20d60c33530d3d03ab7b2ea28d532af6df09a91e15ff52cf

HTTP Headers

GET /store/about/icon-steamos.svg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 935cee12a9e6b4ed-OSL
last-modified: Thu, 14 Nov 2024 00:19:00 GMT
etag: W/"673541f4-4c7"
cf-cache-status: HIT
age: 5694
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015

104.18.42.105

200 OK

119 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright � 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansThin4.015;Plau;MotivaSans-T
Size
119 kB (118736 bytes)
Hash
ce6bda6643b662a41b9fb570bdf72f83
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

HTTP Headers

GET /public/shared/fonts/MotivaSans-Thin.ttf?v=4.015 HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam-gifts.cfd
DNT: 1
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:25 GMT
content-type: application/octet-stream
content-length: 118736
cf-ray: 935cee28dc47b4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
etag: "649bb1ee-1cfd0"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/1e6007a432299bbd75e40c29c8d15ec01302da2bfc77.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/1e6007a432299bbd75e40c29c8d15ec01302da2bfc77.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/1e6007a432299bbd75e40c29c8d15ec01302da2bfc77.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFszucucmV2Z37c%2FECiennA76weuR8wlmgjRTia5SclgkgRP4xigKRpBoSxCLpEibgNpLgo5i%2Fpx2dcplgrcYdjFNBhl2uvNRmZsZCEzEGmpRS6WTGdy%2BG1E2mjheNqvVOw%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
age: 717
cache-control: max-age=14400
cf-cache-status: STALE
cf-ray: 935cee112bd0ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31696&min_rtt=27642&rtt_var=7160&sent=80&recv=66&lost=0&retrans=0&sent_bytes=18405&recv_bytes=33112&delivery_rate=67619&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=783&x=16"

steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/60624dc019a4f57056bdb6788ff2b9fed015045227dc.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/60624dc019a4f57056bdb6788ff2b9fed015045227dc.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f308b840ae623441b7e93535ba86d8bee0a743878f79/60624dc019a4f57056bdb6788ff2b9fed015045227dc.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cpRxmMIqQ%2BoTnVcQ06YuFLAqk8wDaVgcf%2BJdqKwnXd%2Fe9dwyfWjaFVA9tDiMFXmTRqWc4maYR%2FH2DFDBjc2GYH0Sa1rkTrDTPra4DnoMnNhwmlrf01jwVWbgdDOzu%2FYXEE%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee114bdeebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31696&min_rtt=27642&rtt_var=7160&sent=75&recv=66&lost=0&retrans=0&sent_bytes=15655&recv_bytes=33112&delivery_rate=67619&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=775&x=16"

steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/692c24f8aec0ac70bd519fa51c61cb381499d5073919.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/692c24f8aec0ac70bd519fa51c61cb381499d5073919.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/692c24f8aec0ac70bd519fa51c61cb381499d5073919.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C3gmBqySuSMiNjX3hEIgBsUzXaH7sDmLZQxm9K72NEoTwmOev%2BeRKEGQJ8CinRPG0Lf5u%2BnFhwzs0kiHo5pGvev0HOSkoYZmj3%2FbQYtb%2BJ%2FqpWMK1Y7%2Bz%2BUDcb1K0rlLxsE%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11ac23ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34335&min_rtt=25624&rtt_var=10248&sent=131&recv=71&lost=0&retrans=0&sent_bytes=52118&recv_bytes=33340&delivery_rate=240565&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=859&x=16"

store.cloudflare.steamstatic.com/public/images/footerLogo_valve_new.png

104.18.42.105

200 OK

2.6 kB

URL GET
store.cloudflare.steamstatic.com/public/images/footerLogo_valve_new.png
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
PNG image data, 176 x 50, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2584 bytes)
Hash
86a9ccc0b872f22006a48bc6c2500f4e
0edccf2cbc869816135c6ff4c3eee0c49d0f41c1
d8bbe461137d50211568449468a1981ef189248200eadd48c3141a9df0b8f7fc

HTTP Headers

GET /public/images/footerLogo_valve_new.png HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/png
content-length: 2584
cf-ray: 935cee124947b4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:18 GMT
etag: "649bb1f6-a18"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 5894
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee1ecb740b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66395
expires: Wed, 15 Apr 2026 09:49:23 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYZLJcz1cMMedEQd6%2FDqyDE7aQwpsBa1p5PQdj6IF%2F%2FYF1LRQczxd5ZvDQgrsQXqIV3Bw8cRKBlTMuWWVpG3Pu36GXWwH%2FhypofEKrNPX2eAvhmsJDwG0DL2k3y%2BtvNSkOICXMb3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/0fb4b83e318d364bee7ca5f4289f9aab836890698b15.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/0fb4b83e318d364bee7ca5f4289f9aab836890698b15.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/0fb4b83e318d364bee7ca5f4289f9aab836890698b15.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozZy9qOxrcbNbTXFsg7awkLHXKP3mM%2BrkeYjzts2H1Ps9y%2BQRucbDF%2FgjNmhD70EieaXUodxWaldrnaDOpdyfk3wLhP4ejDy64RCETwbsPTMsY%2BfTOF7QYyM8wNCsU5gaJg%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee118c09ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36684&min_rtt=27642&rtt_var=11094&sent=107&recv=69&lost=0&retrans=0&sent_bytes=41233&recv_bytes=33248&delivery_rate=390633&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=829&x=16"

store.cloudflare.steamstatic.com/public/images/ico/ico_twitter.png

104.18.42.105

200 OK

1.4 kB

URL GET
store.cloudflare.steamstatic.com/public/images/ico/ico_twitter.png
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1430 bytes)
Hash
afc159fe5f0f26fa7282505da9887cc3
c1cd55380c2af435876989f94e8b0715042c2ade
4be942a34871dd6f8f14b43d27c31b049be7f6544c05685d4f35abdd329de176

HTTP Headers

GET /public/images/ico/ico_twitter.png HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/png
content-length: 1430
cf-ray: 935cee1289b2b4ed-OSL
server: cloudflare
last-modified: Wed, 06 Dec 2023 00:00:29 GMT
etag: "656fb99d-596"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 3042
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/bf46a5696d2e42abba3747503ffc32ab2c8bfa48dbaf/05ff1b818f92d0bc1c8ff2529fe2d5d6fbe530cbe14d.js

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/bf46a5696d2e42abba3747503ffc32ab2c8bfa48dbaf/05ff1b818f92d0bc1c8ff2529fe2d5d6fbe530cbe14d.js
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bf46a5696d2e42abba3747503ffc32ab2c8bfa48dbaf/05ff1b818f92d0bc1c8ff2529fe2d5d6fbe530cbe14d.js HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:23 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvn9OIZ9Y5XQDCPX7XCp5Lat9JV8xHfUHfXh%2Fn04lfKhsFHO%2FIOEI8O2Rd1Pulyng1HqPvfyR9diVSN9aYkzqSwCl7osKmx2%2FmM8GiTeSCUl0wqtoyPuHMEDszyc1gV7xtk%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee1bf97bebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27690&min_rtt=22645&rtt_var=5373&sent=156&recv=86&lost=0&retrans=0&sent_bytes=60719&recv_bytes=36011&delivery_rate=35988&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=2510&x=16"

steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/558e884b5aaec2f05f70622f00d7aca85777388b931e.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/558e884b5aaec2f05f70622f00d7aca85777388b931e.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f308b840ae623441b7e93535ba86d8bee0a743878f79/558e884b5aaec2f05f70622f00d7aca85777388b931e.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kt8lXaAAsQ3xwcSqwKCG9YRxfyZv3ZWWJ9HSGVyCDJ3HlQALOgBhA5bZ2XoZlk%2Bu28RC83%2B4OJkia%2FjrruO2GuVnaI9a3aOzYYbs4bpuoJ3F9ZvRUT2w4kKvQH8piaVRUkc%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: STALE
age: 718
cf-ray: 935cee114bd8ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33693&min_rtt=27642&rtt_var=9364&sent=91&recv=67&lost=0&retrans=0&sent_bytes=29239&recv_bytes=33157&delivery_rate=56725&cwnd=14400&unsent_bytes=0&cid=0fe395943a681c51&ts=800&x=16"

store.cloudflare.steamstatic.com/public/css/v6/store.css?v=5_pmjscCAXNy&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

129 kB

URL GET
store.cloudflare.steamstatic.com/public/css/v6/store.css?v=5_pmjscCAXNy&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
ASCII text, with very long lines (391)
Size
129 kB (129395 bytes)
Hash
d1dcf7a26bb9f96d26d5550a9c1e5184
b019d0455ceac7ed2c27b14b6913063bbdf32989
03a6ce811e8486d31d315c663b9774bfe13e0fcb323a3a04671538cbc5a778bb

HTTP Headers

GET /public/css/v6/store.css?v=5_pmjscCAXNy&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:22 GMT
content-type: text/css;charset=UTF-8
content-length: 30051
cf-ray: 935cee125952b4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "0dz3omu5-W0m"
x-integrity: "sha384-gcSRgbRl/W5mK+RS82Bifs1PALqSRkPWqzrX/1MVgxm8iPbL9Y74UV+4C4didgvg"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/4d78b8124b3d69904910ac3446cb82a448401ca76375.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/4d78b8124b3d69904910ac3446cb82a448401ca76375.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /33c3b641d00426137cb389ab0ecb86a62a596a227020/4d78b8124b3d69904910ac3446cb82a448401ca76375.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylF1m98r2f5ws216aTtppFN615fifz1EZ2n%2BimtxEamoiwtS%2Fk0M9FMJa3UjA4qs%2FLWD2Sq1hsUP7si4Ika1oBeVj1oGo%2FqL%2BJ3P8yhS166%2FPpL6tkJST1oKkCl%2FZOC0zJY%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee10dba6ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31030&min_rtt=27642&rtt_var=11365&sent=65&recv=63&lost=0&retrans=0&sent_bytes=9120&recv_bytes=32978&delivery_rate=185&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=725&x=16"

steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/aa06ed99258189bc25a5f06589f6cd8cd349b2a7698b.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/aa06ed99258189bc25a5f06589f6cd8cd349b2a7698b.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /33c3b641d00426137cb389ab0ecb86a62a596a227020/aa06ed99258189bc25a5f06589f6cd8cd349b2a7698b.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbWzbcdm9yb6I82X4Xeo4el9WVke1VUEW5LVj5zXtkbUHsvrOrbJaGDLz6aQck5NqUU6il7P4ggYJuF5jdAxvJKLXtIqX25EUnp9WKSBmvzknJrJjWjJ5GR6zfcalKYDICw%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee10fbb7ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32177&min_rtt=27642&rtt_var=8264&sent=68&recv=65&lost=0&retrans=0&sent_bytes=11952&recv_bytes=33067&delivery_rate=72315&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=755&x=16"

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:23 GMT
age: 2571468
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1432
x-timer: S1745574564.874859,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:24 GMT
age: 2571469
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1439
x-timer: S1745574565.964458,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=7sR4EhV3nKzm&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

88 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=7sR4EhV3nKzm&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
ASCII text, with very long lines (1819)
Size
88 kB (88162 bytes)
Hash
60923cf3e9d6939285a441252888ee50
1a73e20979967a195297e374d3cac53d09656263
a7d6bba4b46a63b2143e6859964ed98a0aadbe119beefe9e2933c6d195071f02

HTTP Headers

GET /public/shared/css/shared_global.css?v=7sR4EhV3nKzm&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:22 GMT
content-type: text/css;charset=UTF-8
content-length: 22681
cf-ray: 935cee124944b4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "YJI88-nWk5KF"
x-integrity: "sha384-a/TVvvtx0PrHcUSWtiQmMdUcn+gQFqkVaXK0ttoavoqscWgjZogQO2TaB4AKuyZm"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee12c8f95697-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66393
expires: Wed, 15 Apr 2026 09:49:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s7RsGPlUzECLEAh9lto5qTAQCdutCYq55Ut%2FEZ%2BOzgJYiSrXVkcoSMghCPPidoJAZb5EtdxlHOxcrriB5KtdXOWgmQr18EbsHn18VgLGS%2BKsh00dwg9EqStYfoibFmGHANNK%2BT9f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudflare.steamstatic.com/store/about/icon-chromeos.svg

104.18.42.105

200 OK

922 B

URL GET
cdn.cloudflare.steamstatic.com/store/about/icon-chromeos.svg
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
SVG Scalable Vector Graphics image
Size
922 B (922 bytes)
Hash
a206062481949321a8191bcefc62c1cd
afe5a283be63c9bd124af1bb9d88a3328759cbe3
f4e1aa6e2128b6ea4609d99e768454da845a41a838da677a9fa4b4410d296cbf

HTTP Headers

GET /store/about/icon-chromeos.svg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 935cee12a9e4b4ed-OSL
last-modified: Thu, 14 Nov 2024 00:19:00 GMT
etag: W/"673541f4-39a"
cf-cache-status: HIT
age: 5694
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:24 GMT
age: 2571469
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1438
x-timer: S1745574565.814838,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee2799bf0b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66397
expires: Wed, 15 Apr 2026 09:49:25 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FECJ2o4IcJOHFVeZxVObiwRP7TVCyBzcrGS2OM%2B3F7GsbWieH2i0jnN1G4jwIuP0mlf4M3Tz4rUfa2YooR%2FDbn%2B8VSTIkCaWSoZcL9YlEKHmU1B7fDX00SdZoMZhQHgHyoPtUahb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

steam-gifts.cfd/27417c00745550025f5b4d12150377664c167a212807.woff2

104.21.46.25

200 OK

29 kB

URL GET
steam-gifts.cfd/27417c00745550025f5b4d12150377664c167a212807.woff2
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29104, version 0.0
Size
29 kB (29104 bytes)
Hash
38a35c7070979fb4c845de40cada43c5
b0f804f348b746449e6589b92dff685509737dad
fcff4301dc083af2be2b990bb6485e9e06ce9d2b373a7acf8a74f61ea69d861a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /27417c00745550025f5b4d12150377664c167a212807.woff2 HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ; timezoneOffset=0,0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:25 GMT
content-type: font/woff2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H3i1V%2B5ravltTbXCZz40sIghVyqqO3t38m8fuJOYzM1D%2FMgvb0Q3Uq9kZjhMnRRPTWii4fQwB8PQcR5mc%2BroT%2BkHsGP8que%2F4jnBWPaamgMlHyRIEPbV5H8rz0LjEUpwcNI%3D"}],"group":"cf-nel","max_age":604800}
content-disposition: inline
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
last-modified: Tue, 01 Apr 2025 09:36:17 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee29f848ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28117&min_rtt=22645&rtt_var=6820&sent=163&recv=92&lost=0&retrans=0&sent_bytes=63672&recv_bytes=38340&delivery_rate=5364&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=4835&x=16"

steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/e880501f476f5849c40acbd72c7366f982f4db8e5b16.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/e880501f476f5849c40acbd72c7366f982f4db8e5b16.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/e880501f476f5849c40acbd72c7366f982f4db8e5b16.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgLvvRrMFasBEhJVLLF9Bbx7sFd4XWu0UomhtBAuaT%2B3xJcsFHRXFupmTMN20e0%2FMz27qYv6270tb0KexCXZf9IBVYsLYYhpGqv%2FspX3Q0%2B03TIGuBQSRHY8%2Bq3JyJ67Amw%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee10fbbeebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31030&min_rtt=27642&rtt_var=11365&sent=56&recv=59&lost=0&retrans=0&sent_bytes=5175&recv_bytes=30047&delivery_rate=185&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=679&x=16"

steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/4a82fac29d9d124a36a8d5b3dbe51409e7dcbfe47434.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/4a82fac29d9d124a36a8d5b3dbe51409e7dcbfe47434.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/4a82fac29d9d124a36a8d5b3dbe51409e7dcbfe47434.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItH5BYKws8xoLoeAAVhxJ3dh%2FgqqX2RuqbEWUH%2FQMw%2Fp7tRdwQSfJuFGJl26r4i4WPx1SHUUCMFJDesqh1lmVKONAYIQdDhjDOwhbt5H5ozscBjPsZ3Ha67UaYzSKOTNtGQ%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee118c03ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35302&min_rtt=25624&rtt_var=11086&sent=111&recv=70&lost=0&retrans=0&sent_bytes=42865&recv_bytes=33294&delivery_rate=355826&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=838&x=16"

steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/2cec953b20e0d87ddf9618850dcb345668d14746160c.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/2cec953b20e0d87ddf9618850dcb345668d14746160c.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9d326356900e57e356e160780b677a415223cd6872be/2cec953b20e0d87ddf9618850dcb345668d14746160c.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KovHAcWKZPpRdnL96aVYOoE%2Bu01qQl%2Fa5Bp0RmZnPJ6QyerW%2BD851jJTAssZ3zE8AdooIaBcleVBcJAGKxeKi16Ns4uCPKhsas8unNhHKnHpVcEZa1tBX742xiWIiq3Krgs%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11ac25ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33351&min_rtt=25624&rtt_var=5726&sent=138&recv=74&lost=0&retrans=0&sent_bytes=55363&recv_bytes=33476&delivery_rate=351663&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=879&x=16"

steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/73ff031341b7e5322e6b21a1ada3e65a7509080afa29.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/73ff031341b7e5322e6b21a1ada3e65a7509080afa29.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/73ff031341b7e5322e6b21a1ada3e65a7509080afa29.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewzM%2F%2F2MabATNSG9nIqNuSIB9AO4mTA7xUDpnO5RkPqs5STDzEuqwWvHvp2FJteIiDkWAlVZjcY7occh7yo5kXLEusFwIMEwOIIa8ioxwJ1NFCfazoOPeO%2F46PwWSMfYVWo%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11cc56ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33665&min_rtt=25624&rtt_var=4923&sent=145&recv=75&lost=0&retrans=0&sent_bytes=57849&recv_bytes=33522&delivery_rate=423569&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=884&x=16"

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:23 GMT
age: 2571467
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1428
x-timer: S1745574563.237531,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee20ce940b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66395
expires: Wed, 15 Apr 2026 09:49:23 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBezGewRjVsQ3TMDYACC%2FILTjddKxu2DHZ6TUROiiXnvKlN1rOcOvMhkfkXgB7d8ef0wTfsiHDs7toM5sdOsYrKZEgcShV1rkcqH1zrgVaM51WlJQ6JV6xf5Le19s7wWo%2FFO1CRM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee22c98f0b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66396
expires: Wed, 15 Apr 2026 09:49:24 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3u6yOliHlZb4AT2T7BJmRm%2BRYmQfbxKGrwdUk%2FmIosK2zqRSfGBqewYx74V6Cy3NBDF%2BkD8To%2FPYWPHSXQFBA3f0RjJHNJIE28GiB8EU0PfdPEKPz7PHFEYUiNdJ8ebyJqUQWFp7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/c6219c54c01085c851a30c0b32ea3769a3cc6ddb2d69.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/c6219c54c01085c851a30c0b32ea3769a3cc6ddb2d69.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /33c3b641d00426137cb389ab0ecb86a62a596a227020/c6219c54c01085c851a30c0b32ea3769a3cc6ddb2d69.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38DALx2GGBokgjo7Kl6SJAGQsVpF6%2BAJ0YmaHAk0PSoTXwYdPN33ZzfhbQeoPAJt7ihfXMnMCOTOHXB%2F0japmi0ZvBIonU9i2zOOFJra9P3jVb168vbY0mnLx6alDgNk3nI%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: EXPIRED
cf-ray: 935cee10dbabebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31030&min_rtt=27642&rtt_var=11365&sent=64&recv=63&lost=0&retrans=0&sent_bytes=8177&recv_bytes=32978&delivery_rate=185&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=721&x=16"

steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/5cfc058abb60c01ae4c9c129362903003628a845a086.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/5cfc058abb60c01ae4c9c129362903003628a845a086.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/5cfc058abb60c01ae4c9c129362903003628a845a086.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7lo4PE95lkf%2FpJAc6b48NR7Hes%2Fe2WZ7J5fydIXqraeiE3rOpv4PyT4yS4w%2FiF88n3sr9WjwqVmPmYD%2BkcZqjXH3Bg%2BTG4rIZ3yEeyt9mknegsvlOQIPVEckJ8N%2FhAbylg%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee111bc9ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31696&min_rtt=27642&rtt_var=7160&sent=73&recv=66&lost=0&retrans=0&sent_bytes=14839&recv_bytes=33112&delivery_rate=67619&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=773&x=16"

steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/87a6eac108be36dba37d834917341681742be5d99f9f.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/87a6eac108be36dba37d834917341681742be5d99f9f.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/87a6eac108be36dba37d834917341681742be5d99f9f.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6Pu2LHWS2W%2BOtfPg6O3fu%2FM%2FfBOy%2Bg%2BiL%2FDYS%2BPuCtLwazO9mpJF0jDDiOVo0m61EuMp9PBRBmqNsI3Fz%2BWC4xl98asD4nRwp%2B%2Bt3xF1SSaBKh8JPcJBKojRj%2FXDt1thz4%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11bc36ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33351&min_rtt=25624&rtt_var=5726&sent=142&recv=74&lost=0&retrans=0&sent_bytes=56992&recv_bytes=33476&delivery_rate=351663&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=879&x=16"

store.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.a38iP7Khdmyy&_cdn=cloudflare

104.18.42.105

200 OK

163 kB

URL GET
store.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.a38iP7Khdmyy&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
JavaScript source, ASCII text
Size
163 kB (163315 bytes)
Hash
9e92449419eb10ee96c56d803d2baa43
5a2be7055866b8f35bd852d466ff590251a56d89
a655fc19da796630bcf37112ccf749898e98c99e1b25bccef0bf3573665195e5

HTTP Headers

GET /public/javascript/prototype-1.7.js?v=.a38iP7Khdmyy&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/javascript;charset=UTF-8
content-length: 42857
cf-ray: 935cee122902b4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "npJElBnrEO6W"
x-integrity: "sha384-YAoVVYkeHRpvvpvjRNZKi3AQxIO+hBZtpxGVOlZ4znfcRalb6uUpKX7XvCg9FgiS"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/4f9aa504e931e8cc56bcd8337a24bec128c42018ecd1.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/4f9aa504e931e8cc56bcd8337a24bec128c42018ecd1.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /33c3b641d00426137cb389ab0ecb86a62a596a227020/4f9aa504e931e8cc56bcd8337a24bec128c42018ecd1.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cIkzcdro3KDhgPJvWenhWywvfbMmwumc2cBxh8FokVucHg3wVO7IGL3ei%2BW33rDfYaHgzz5L89DEHZg%2FdarPPiSfJzydQIskN%2F%2B2cVPZBNtAqoVw9dCJ36TWLOXXyQP3e7E%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: EXPIRED
cf-ray: 935cee10cba1ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31030&min_rtt=27642&rtt_var=11365&sent=61&recv=63&lost=0&retrans=0&sent_bytes=6260&recv_bytes=32978&delivery_rate=185&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=715&x=16"

steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/64402686e6ffe93666f930a4033a8e901f663bece333.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/64402686e6ffe93666f930a4033a8e901f663bece333.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/64402686e6ffe93666f930a4033a8e901f663bece333.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lTbAPT5tZG4lE7gclE%2B5wybW6Gp0dgCUd4ImV7jAK1MyBGTcxf04AspvCEKIoQRmuEc24uCrP%2FKL79XNc0TxDnAwfcfI6x1LPljZu%2BbQMOk2GUL7cY%2FFUwGTwOanP6cKsWo%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: STALE
age: 717
cf-ray: 935cee117bf7ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34003&min_rtt=27642&rtt_var=7643&sent=105&recv=68&lost=0&retrans=0&sent_bytes=39487&recv_bytes=33203&delivery_rate=306706&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=824&x=16"

cdn.akamai.steamstatic.com/steam/clusters/about_i18n_assets/about_i18n_assets_0/wallet_card_img_english.png?t=1636143670

95.101.10.59

200 OK

503 kB

URL GET
cdn.akamai.steamstatic.com/steam/clusters/about_i18n_assets/about_i18n_assets_0/wallet_card_img_english.png?t=1636143670
IP
95.101.10.59:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcdn.akamai.steamstatic.com
Fingerprint18:76:06:F8:E7:51:B2:70:40:AB:4E:8D:48:05:F3:D7:F8:71:5A:10
ValidityThu, 20 Feb 2025 21:10:02 GMT - Wed, 21 May 2025 21:10:01 GMT

File type
PNG image data, 406 x 719, 8-bit/color RGBA, non-interlaced
Size
503 kB (503402 bytes)
Hash
eaa918479400786006bc5a37e77075a2
cb892a61d8643b235ac589d9e0fd7a4a97ce56a9
69a47ea33e7fa0226b9f23b5837a9075f36a0ffc2e7adc2f5b30f564e1dad09c

HTTP Headers

GET /steam/clusters/about_i18n_assets/about_i18n_assets_0/wallet_card_img_english.png?t=1636143670 HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/png
Content-Length: 503402
Last-Modified: Wed, 24 Sep 2014 18:08:02 GMT
ETag: "54230882-7ae6a"
Accept-Ranges: bytes
Date: Fri, 25 Apr 2025 09:49:22 GMT
Connection: keep-alive

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee1afd120b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66395
expires: Wed, 15 Apr 2026 09:49:23 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yEmxJD6XX0Q5X72s0KGf9GsZbUYxnVYZx4URqUc%2FXfPSGW0hcMbCWK%2FON4d7gietivVEZalEJNm4eR3Q%2FvjEL1dHEFDirjK%2FV4yp0Z%2Fp%2BdZKoG2OQhbgOg3H%2F23Plrekvvs5%2FAur"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

store.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png

104.18.42.105

200 OK

11 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
PNG image data, 744 x 171, 8-bit/color RGBA, non-interlaced
Size
11 kB (10863 bytes)
Hash
a4e79c73ee13cb25b60fc4b0ba1f690c
b690c31b2eb1b0eb085e91aaae7e79f03debe7c1
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8

HTTP Headers

GET /public/shared/images/responsive/header_logo.png HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/png
content-length: 10863
cf-ray: 935cee12493db4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:12 GMT
etag: "649bb1f0-2a6f"
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 234
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee1face20b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66395
expires: Wed, 15 Apr 2026 09:49:23 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SoPZLGdCiWYCfpXxx2d4BKa%2Fd9Gs%2FncBMU8vZiYygXg1an4pWrG35XjqMksEKc2jDJ13AT14mL8vD%2F8G0Bd5OlQ1shMSVCDetbTExRFqV%2B5eVWuotqHsalw67trgckSzC2Dm8txb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:25 GMT
age: 2571469
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1440
x-timer: S1745574565.112050,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/9b44d1f4bd62f968ee2d4ca26da86eed10223dccb8dd.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/9b44d1f4bd62f968ee2d4ca26da86eed10223dccb8dd.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/9b44d1f4bd62f968ee2d4ca26da86eed10223dccb8dd.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpbjduB0BAqs2AMKHxle12LklDtF8LR81%2FIANJzuXkGpisuCVlZ0K1%2BbTMakI74E6xzfJSUWCXUoCcT8MZPGYJY6z6rp1BBukTyi%2Ftv00ssTtN%2FVyAsEc9Dwh97noBB0JF4%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11cc57ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33351&min_rtt=25624&rtt_var=5726&sent=138&recv=74&lost=0&retrans=0&sent_bytes=55363&recv_bytes=33476&delivery_rate=351663&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=879&x=16"

store.cloudflare.steamstatic.com/public/images/v6/logo_steam_footer.png

104.18.42.105

200 OK

2.8 kB

URL GET
store.cloudflare.steamstatic.com/public/images/v6/logo_steam_footer.png
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
PNG image data, 92 x 26, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2843 bytes)
Hash
41e851f8e42b6bf3414278871e93e8a2
a3811c7e1157f77950ec1f0558293bc90e432e82
399f74c4e69eac8b59b149293f9a573955fef0a62b242cfa70346070013e0966

HTTP Headers

GET /public/images/v6/logo_steam_footer.png HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/png
content-length: 2843
cf-ray: 935cee124946b4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:22 GMT
etag: "649bb1fa-b1b"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 4254
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/27417c007455500355416a084454725a57005e02

104.21.46.25

200 OK

286 B

URL GET
steam-gifts.cfd/27417c007455500355416a084454725a57005e02
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
JSON text data
Size
286 B (286 bytes)
Hash
809d90a15d9c770487eb5f8de306ae43
7d81e00aba4da983a30b191ee9b1f3b3d4dc7695
2acf8f3e26509efe8ecf2b599ebb09d8f4af65a0d7d38d6a4651abf9f665259a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /27417c007455500355416a084454725a57005e02 HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ; timezoneOffset=0,0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:22 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fp8Oa18HXk5LUkYZu0BSwZRG7EzmUTze9q6Fd%2Fhs0wO9cqEdmI5NDVgsQPxSsREnnhNsIbGU%2FpVVuKelxSqpUpc%2BsOwC8dV9%2Bqgh%2B%2BHyylTqzaA4PXSG8BY4uNKoBuARQ6o%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"11e-fYHgCrpNqYOjCxke6bHzs9TcdpU"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-ray: 935cee195856ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29789&min_rtt=23420&rtt_var=5114&sent=150&recv=82&lost=0&retrans=0&sent_bytes=58745&recv_bytes=35157&delivery_rate=127298&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=2009&x=16"

steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/3dbbedb79df27663753777929c237e76b23e1fba921e.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/3dbbedb79df27663753777929c237e76b23e1fba921e.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/3dbbedb79df27663753777929c237e76b23e1fba921e.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYzmg8pwovT5Dg%2Bp2wOEadss5L5tbgowGf8yU1QLaclEfz80g1nB86H1jTFSY%2FNw4jkaFJg%2FqVwRR85kkWJIYEOQRdBgHJpDhCJI%2FIOpr6%2FLJD3pZsE3JTW0A52PXdbQ2uY%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee111bc7ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31874&min_rtt=27642&rtt_var=10213&sent=66&recv=64&lost=0&retrans=0&sent_bytes=10064&recv_bytes=33022&delivery_rate=14825&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=743&x=16"

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee26b8240b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66396
expires: Wed, 15 Apr 2026 09:49:24 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8POfa6ELfT5fAyyiwNjrH1dYr%2FkCf0rOeDZAXT0W5OYnbWAJ63LBafrQY2JhZyZD%2BOF8gA1iWw3XBvIMf2vQuFF6Cr3c8o9GWSaAIDoWd6xJ%2FdXZXgLU%2FIWTxdNtpwp4xlDdRLzN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

store.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare

104.18.42.105

200 OK

16 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
JavaScript source, ASCII text
Size
16 kB (15588 bytes)
Hash
418913e1e4b999b4cd1bea5e58a936b9
bc993c5681e7cb1c8cdc7c0197a2773dc65dae34
fff60b03eee68665bbea99748e01971b5dbf59bc249435f03291105adf03e632

HTTP Headers

GET /public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/javascript;charset=UTF-8
content-length: 4661
cf-ray: 935cee1228f4b4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "QYkT4eS5mbTN"
x-integrity: "sha384-9OKBQPmBdENKPUAcLb4ACEhVuLu4340DOclXlsdtZl51Fp1lvqwJQXRNsMAi/B8Q"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:23 GMT
age: 2571467
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1429
x-timer: S1745574563.380287,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee23cb1e0b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66396
expires: Wed, 15 Apr 2026 09:49:24 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RPgLI%2F%2FPzJWcRqacShnMyEyTqC27U%2F2lgOFUYkJeG9VKZbj%2FwwO0M5AL%2FyOKqyaiB8ss%2FStbCv3kiya0uCdpUC9brQiwZtkwG5kGkAOx1cttuK5eXVvk1JVWHyrvfSIaP86%2Bikhq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/2b9636ebd4881503fe0feb7521ca9184d669153f0cc9.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/2b9636ebd4881503fe0feb7521ca9184d669153f0cc9.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/2b9636ebd4881503fe0feb7521ca9184d669153f0cc9.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bLnd8w8%2BM9K%2Ft%2BJ3f7q%2F%2Fsw1im%2BsRw4XWMvTtW4mUiGbhX4aC%2BuPkDCYiMhSuS738%2Bf%2F%2BTc40rnCzvz%2FciTVWU22MakFxho3cM3Df7pc1RPi0vaN2MEJQuRITVHPzcs1CC8%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee116bf4ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33693&min_rtt=27642&rtt_var=9364&sent=91&recv=67&lost=0&retrans=0&sent_bytes=29239&recv_bytes=33157&delivery_rate=56725&cwnd=14400&unsent_bytes=0&cid=0fe395943a681c51&ts=803&x=16"

store.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=CG8Em6e-Ozq3&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

18 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=CG8Em6e-Ozq3&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
ASCII text, with very long lines (1667)
Size
18 kB (18266 bytes)
Hash
8f02f2cc325f5fc0f058b59c2dd76a13
f2efa26cd913b23fff0945bd061b16243a56fe35
86f92f513c4197f3cd8f3bcc101eb46c8345b4dbcc53d4d3897d49425012f30b

HTTP Headers

GET /public/shared/css/shared_responsive.css?v=CG8Em6e-Ozq3&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/css;charset=UTF-8
content-length: 6190
cf-ray: 935cee1228eeb4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "jwLyzDJfX8Dw"
x-integrity: "sha384-Lb2gma3Nbwyr1uN7iJLyPgRVG2ZWtDBiP0ZoJUWnIOP7Fzeojzid9zovwDbZnAdW"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016

104.18.42.105

200 OK

3.6 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
SVG Scalable Vector Graphics image
Size
3.6 kB (3646 bytes)
Hash
31aabe1e01f27b3b9b47d7265807afc2
a430f5a8a81145215c41c3ba80929627e570d81e
3a4d08139646d567a612f75b8179641c570d490f8013478d131266ed21f3d453

HTTP Headers

GET /public/shared/images/header/logo_steam.svg?t=962016 HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 935cee12493fb4ed-OSL
last-modified: Thu, 14 Nov 2024 00:18:58 GMT
etag: W/"673541f2-e3e"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 2355
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee21e8200b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66396
expires: Wed, 15 Apr 2026 09:49:24 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BxhelSV0cCXyUkOhka6JqmJlSbyN8IlAiS4p8%2FeS52GbL56rb4qVz6sY5CtjRoBsBOtsyNzfdFWk3aw%2FX2aUrKCaRujrP7nLF0xakl4wajjxi1q%2F64mAJWRZh8%2F9PRinFqsLF1fY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/4432e65627c08771821b56a937ca65c8d98f3ee2ca25.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/4432e65627c08771821b56a937ca65c8d98f3ee2ca25.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /33c3b641d00426137cb389ab0ecb86a62a596a227020/4432e65627c08771821b56a937ca65c8d98f3ee2ca25.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqGU5ytzo5hPcW3fdBtbvjxm9Ekb31FNFDPkbhWjKKA6MqD%2FoWLDRnq5G21OpyrkAbEB2nnC7OmoSsjpEngGmonb%2FRO7UNAttwfbWI80CYBJ1RCIVd8VqYzfBF6b00oHmmU%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee10dba9ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31874&min_rtt=27642&rtt_var=10213&sent=67&recv=64&lost=0&retrans=0&sent_bytes=11011&recv_bytes=33022&delivery_rate=14825&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=748&x=16"

steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/98878f496c2623ef053eb2a14718284a6b0162a4ca0b.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/98878f496c2623ef053eb2a14718284a6b0162a4ca0b.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/98878f496c2623ef053eb2a14718284a6b0162a4ca0b.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0S8xsnJ1g7KCEvxGqp0OhozpdD0wmCq7tSTBHjOtsVVB%2Bqn3np4cOVM5HfNcxmruPlax%2Bn961Fpevzr0KEh%2B0dqhH9NiLnQ1z4vtbZYj0pB6kyrZF4wrzODrgSe6lcJvxI%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11bc38ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35302&min_rtt=25624&rtt_var=11086&sent=125&recv=70&lost=0&retrans=0&sent_bytes=49669&recv_bytes=33294&delivery_rate=355826&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=854&x=16"

store.cloudflare.steamstatic.com/public/css/styles_about.css?v=KuY6YbIF4rkW&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

32 kB

URL GET
store.cloudflare.steamstatic.com/public/css/styles_about.css?v=KuY6YbIF4rkW&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
32 kB (32222 bytes)
Hash
2ae63a61b205e2b91662db381b68e79f
5c217e7480b9b3825f5367536ca949fb668e4c83
c5262d351b071f637d56c9d81ad7b341c2c69bcf7716f88909d703203278a8e3

HTTP Headers

GET /public/css/styles_about.css?v=KuY6YbIF4rkW&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/css;charset=UTF-8
content-length: 5371
cf-ray: 935cee12a9e7b4ed-OSL
server: cloudflare
cache-control: public,max-age=15552000
expires: Sun, 30 Mar 2025 05:34:25 GMT
etag: "KuY6YbIF4rkW"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 11718136
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png

104.18.42.105

200 OK

1.8 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
PNG image data, 92 x 26, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1846 bytes)
Hash
574c350c7b23ae794d5276f8580e0838
235c7b35c3468f8915eca01f7abdb43d34079609
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787

HTTP Headers

GET /public/shared/images/responsive/logo_valve_footer.png HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/png
content-length: 1846
cf-ray: 935cee124934b4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:12 GMT
etag: "649bb1f0-736"
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 2355
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:23 GMT
age: 2571467
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1427
x-timer: S1745574563.090517,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee1beeb20b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66395
expires: Wed, 15 Apr 2026 09:49:23 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxW1RlYgvCfLT3ZviRUWuNsNm1cSaSlTB6gD8JX5PwBWYcbvP46kCpAyY8rUf7NgGJMy6445Q11NCjVa1U4AYv860jHLj5EqzVsRu3tJxvPUV%2ByC71eiVzXVhpCZzGmRlMxjjY9I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

2.7 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2682 bytes)
Hash
d82d4e87d405553c8aa398e16659fbf8
6d046f98095ef625e5c81545e4b4faeaf1f2a45d
afb487cb0927509900a94f5fe65e9fa66c264a1524d21dd7afaa4c75386e2dd2

HTTP Headers

GET /public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/css;charset=UTF-8
content-length: 633
cf-ray: 935cee1228e3b4ed-OSL
server: cloudflare
cache-control: public,max-age=15552000
expires: Mon, 24 Mar 2025 00:00:26 GMT
etag: "2C1Oh9QFVTyK"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 11287749
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=tbaNc6xLj9BJ&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

155 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=tbaNc6xLj9BJ&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4310)
Size
155 kB (155042 bytes)
Hash
63a0c713fc8e628a11e146e171d35342
c79ef49feb5e30a4243fc095d08efdb9ffb63c1c
4bdb9821d8b625312013e322ab4d68023c7dca3b62c1213d3da792baae6545b3

HTTP Headers

GET /public/shared/javascript/shared_global.js?v=tbaNc6xLj9BJ&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:22 GMT
content-type: text/javascript;charset=UTF-8
content-length: 43598
cf-ray: 935cee1228f9b4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "Y6DHE_yOYooR"
x-integrity: "sha384-fSjepMhIepcqQ+zJBsNUaTMTG8nrcoFfFuKkjducCMSFCApBqjK7w5gkgypV2xrQ"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/72114c67fb4dd9988997fb8e626fe449d12720756187/2053d30d68c40a00747dbd864577471cca3e42bea850.js

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/72114c67fb4dd9988997fb8e626fe449d12720756187/2053d30d68c40a00747dbd864577471cca3e42bea850.js
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /72114c67fb4dd9988997fb8e626fe449d12720756187/2053d30d68c40a00747dbd864577471cca3e42bea850.js HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:24 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5s7epLStEJO8zervzbvnbPNsQuY4mTTWG8wyI%2Bu%2ByXzssFwvNYGLIL5o8rn%2FnQPf7PoAkZXblTEdbAZRQWNsZXXMCEPi98gkMf8w7CFDWBBF9dDE7KfbUWdY7amqWhQCg0%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee21ec43ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28771&min_rtt=22645&rtt_var=7349&sent=161&recv=90&lost=0&retrans=0&sent_bytes=62698&recv_bytes=37538&delivery_rate=4376&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=3406&x=16"

steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/ef4c70a94ed7ed04615105565ba32e76cdf2321db4d6.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/ef4c70a94ed7ed04615105565ba32e76cdf2321db4d6.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/ef4c70a94ed7ed04615105565ba32e76cdf2321db4d6.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qh0iH2dyisqQmvRpJLcQm7At0rFZl417y7fl8Br7kgi6nWntr0gaxbB5dszzDIA%2BsaXhSWapdd%2FYKRyoWlHjPBJLHKvbSJ1LNrsRFAefysnfIVdRAC9rx5IjZMDXL5vaDXo%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee118c06ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35302&min_rtt=25624&rtt_var=11086&sent=109&recv=70&lost=0&retrans=0&sent_bytes=42051&recv_bytes=33294&delivery_rate=355826&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=837&x=16"

steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/8398298ad8f9377690596a56e077eacc6c7ec828a21a.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/8398298ad8f9377690596a56e077eacc6c7ec828a21a.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9d326356900e57e356e160780b677a415223cd6872be/8398298ad8f9377690596a56e077eacc6c7ec828a21a.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xlKCBV5pO0pz0pbdW2Z3tMVP03ulClmBSF82PaVdoNNQ2IydKc3QhUXSWqrqJKrMSVNoWvDuWf8OzWvJoPS9mUYtU0ALkaPn%2BY91zDJmA%2B9%2BsqhG3u%2BPFygVb32WkZovbPg%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee119c12ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35302&min_rtt=25624&rtt_var=11086&sent=121&recv=70&lost=0&retrans=0&sent_bytes=48030&recv_bytes=33294&delivery_rate=355826&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=847&x=16"

store.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=cxQV9f417bc5&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

24 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=cxQV9f417bc5&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
24 kB (24534 bytes)
Hash
92802728fc7ba467219c7249515c6e01
fdacaaecc8518d17cfde0bf866a0b7d1644123f4
85d3eba59839e1a2eaa49a39d6a0bc8f01f4a1cac8bcc909484a0247d01539b6

HTTP Headers

GET /public/shared/javascript/shared_responsive_adapter.js?v=cxQV9f417bc5&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/javascript;charset=UTF-8
content-length: 7103
cf-ray: 935cee123915b4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "koAnKPx7pGch"
x-integrity: "sha384-zGvjzdm4cTYntn2FOZvceakG5JV75R/LU74O/1LzV1SEDSUF+uifkBlCZ3fRvc12"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

cdn.cloudflare.steamstatic.com/store//about/logo_steam.svg

104.18.42.105

200 OK

2.5 kB

URL GET
cdn.cloudflare.steamstatic.com/store//about/logo_steam.svg
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
SVG Scalable Vector Graphics image
Size
2.5 kB (2522 bytes)
Hash
ba1eadfd02abb260074971789870ce10
e329edad609b0c2b7a567ff1964f59833d401c66
9720a2b19519e0d51f44f91d7dd0cd57ccee7347efe38f5815acc6d984f79a8b

HTTP Headers

GET /store//about/logo_steam.svg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 935cee12a9e0b4ed-OSL
last-modified: Thu, 14 Nov 2024 00:19:00 GMT
etag: W/"673541f4-9da"
cf-cache-status: HIT
age: 5694
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:24 GMT
age: 2571469
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1437
x-timer: S1745574565.663714,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee25be6c0b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66396
expires: Wed, 15 Apr 2026 09:49:24 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jfr%2BUPd5Zlp6ZDsaFr0197sxRraLX%2FtfSbjDW%2FpuNVWX1vIOvbYTXh4bv4mPC4GBFoW5qlSt2zR5juYi6tPyuQJsi1z9ZTN4lTeB2WcFJuvoPfW033rMLFRhj1O08GDZA%2FIN%2FHFW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:24 GMT
age: 2571468
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1434
x-timer: S1745574564.207225,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/a02c806493f5fecae4d2fb318daad1c864eca6388ff2.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/a02c806493f5fecae4d2fb318daad1c864eca6388ff2.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/a02c806493f5fecae4d2fb318daad1c864eca6388ff2.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34LZiDDrPEmVeI%2Bd5USSdJHy%2FbVEwwonZYEX%2BG69lQI3Ay7Zg%2BFyf2MS5BvW%2BrMY6QHuueaV6NqNZ%2FxmP%2Ff23Qdg2LEjYmUBpGS9RcJwXKdot8Hp%2B3GLR4ClOQEeo3EjTHc%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee119c11ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35302&min_rtt=25624&rtt_var=11086&sent=114&recv=70&lost=0&retrans=0&sent_bytes=44468&recv_bytes=33294&delivery_rate=355826&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=843&x=16"

steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/0e9b5e78dee4eed864b26e2585c24cc7156898b27513.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/0e9b5e78dee4eed864b26e2585c24cc7156898b27513.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/0e9b5e78dee4eed864b26e2585c24cc7156898b27513.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u78c69myN7uNJcNUoY8X5Hy5aX2PpjLqBm2%2BWxLIvVVI61Eee83dGGni8ZdwYHURfOup8dIeVph%2BgE%2BWnfMRXsiq64giM0b8sIM2j7grx%2Bow9X2nl8KqPTJt8CtSwI88WcM%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee118c07ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35302&min_rtt=25624&rtt_var=11086&sent=116&recv=70&lost=0&retrans=0&sent_bytes=45293&recv_bytes=33294&delivery_rate=355826&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=844&x=16"

steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/baf426b2978361c1cd07e3946dee5fe5b134a5ab476e.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/baf426b2978361c1cd07e3946dee5fe5b134a5ab476e.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/baf426b2978361c1cd07e3946dee5fe5b134a5ab476e.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ra2ebkjmNMuW6UdHHNbMBV1%2Bb5zGRxq5NHDCT%2FBj%2BH9yE8hzkiUKuCz%2BwcyElbz3Pm7erlyoz6Bb4C4%2BW8iVxUhyiEcSOI4ToWdYCcgxUUqkVpXij9tYjYqSXKujToV5FgM%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee118c08ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35302&min_rtt=25624&rtt_var=11086&sent=123&recv=70&lost=0&retrans=0&sent_bytes=48848&recv_bytes=33294&delivery_rate=355826&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=852&x=16"

steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/d4632ab8c3e9de30f4f6330ee8697bf08cea558ab9d9.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/d4632ab8c3e9de30f4f6330ee8697bf08cea558ab9d9.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9d326356900e57e356e160780b677a415223cd6872be/d4632ab8c3e9de30f4f6330ee8697bf08cea558ab9d9.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVlZFUHnSFmch6Wj5xoZ4NZR8ehbbSE6wVRr5jWM4Q5NSXLdH4190QK7mEp9oXU4ot%2FC%2F%2BwSYBZIGnYWd1fhN8YnTv3WXFShDgsRnJk20DgJndb9gXfJEtIoAXJI82qH20M%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11ac1debd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35302&min_rtt=25624&rtt_var=11086&sent=127&recv=70&lost=0&retrans=0&sent_bytes=50484&recv_bytes=33294&delivery_rate=355826&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=855&x=16"

store.cloudflare.steamstatic.com/public/javascript/main.js?v=wZOkh5CBgIrx&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

88 kB

URL GET
store.cloudflare.steamstatic.com/public/javascript/main.js?v=wZOkh5CBgIrx&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (536)
Size
88 kB (88492 bytes)
Hash
6dfb6ecb91dc490d3825a1368562c673
c682c47d5eadbc9aa5f47d0b20811abf8ccc3ca6
d79540eba04cc756955bf834f3fa3442fbd07f0d74dd10f1e46d192c2555424e

HTTP Headers

GET /public/javascript/main.js?v=wZOkh5CBgIrx&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/javascript;charset=UTF-8
content-length: 23516
cf-ray: 935cee1228fcb4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "bftuy5HcSQ04"
x-integrity: "sha384-dzj3WPZOI+V8RCeEtyPv3B4aR27qYv+goA7kVzvZqYMtbLCV2zI5ou/ymInksYRz"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:21 GMT
age: 2571466
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1425
x-timer: S1745574562.744910,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:24 GMT
age: 2571468
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1433
x-timer: S1745574564.032204,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

cdn.cloudflare.steamstatic.com/store/about/icon-macos.svg

104.18.42.105

200 OK

1.2 kB

URL GET
cdn.cloudflare.steamstatic.com/store/about/icon-macos.svg
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1196 bytes)
Hash
204dd244cb3943172c9fc0b4cd26934b
a7ab714e22a8950762bbbb4a2f8844b917f6bb8c
a8f67eb0aee3d58bb70293466744088c2ac93154e5aa26c2bf2c5d5366d1d89f

HTTP Headers

GET /store/about/icon-macos.svg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 935cee12a9d9b4ed-OSL
last-modified: Thu, 14 Nov 2024 00:19:00 GMT
etag: W/"673541f4-4ac"
cf-cache-status: HIT
age: 5694
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee1cc83a0b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66395
expires: Wed, 15 Apr 2026 09:49:23 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5dyhQGH1ovwcc%2Bu5JmOscQjraWMlSQRXwzhSX40q1nj5sdpYnCiNXrZmcBQm5un7hZ4t9htav1ZozmG3FWhfXWEQqiHXO6g9o%2Bj7hhKpaaQ67qmiXw78fzz3nfaigh7B7aG%2Bqlh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee24ccbc0b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66396
expires: Wed, 15 Apr 2026 09:49:24 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AzdEsRXYX%2F1vUAvORvkqpUS1e7j5TpxURKE8SKufxX3pwz6qph2YTj76Jo1qnqu%2Fug%2BTCoiOOdVCB0FhzEog3t1DEtySqdPY1SmC%2BN5yMgVcF%2BkvoE2AwfYT44YpCITg%2F4a60u3n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/cd25149e0584e0090f58c3bb35d949e1a108593bfeaa.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/cd25149e0584e0090f58c3bb35d949e1a108593bfeaa.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f308b840ae623441b7e93535ba86d8bee0a743878f79/cd25149e0584e0090f58c3bb35d949e1a108593bfeaa.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSJzS40JxwINb6wxV8GVbF3FzQMaYc4cq5NxhEDqL%2FwyQUSEUEmxNkT2gbuZOogly%2FLhhBqKJc2z8LHcY2kae%2FMNRs9ztSCJlI5OCvtj5zVIrU2E3hOZ8Q7Orr2Z7iJmCQk%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee113bd6ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31030&min_rtt=27642&rtt_var=11365&sent=63&recv=63&lost=0&retrans=0&sent_bytes=7233&recv_bytes=32978&delivery_rate=185&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=718&x=16"

steam-gifts.cfd/98ee32ae02d4ef647d70c46940dad727d02f7694e0e4/57c90dbd67d885cb19a9eea815ef1fc8598a3fa6da15.js

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/98ee32ae02d4ef647d70c46940dad727d02f7694e0e4/57c90dbd67d885cb19a9eea815ef1fc8598a3fa6da15.js
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /98ee32ae02d4ef647d70c46940dad727d02f7694e0e4/57c90dbd67d885cb19a9eea815ef1fc8598a3fa6da15.js HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:23 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2BsWlDCXFCACdH4gpbQGpGrqOWron3u%2FFMss%2F4yLFIiOsos71YpHyF5N%2FwgucN774tL5i3sAyxl3ToCED5QAHbBPRta%2FlNHNXaFiSAbQKCmpA%2FdyF6CZw2pLPWyPmpORiTE%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee1fbb41ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29544&min_rtt=22645&rtt_var=7737&sent=158&recv=88&lost=0&retrans=0&sent_bytes=61693&recv_bytes=36774&delivery_rate=3986&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=3117&x=16"

store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015

104.18.42.105

200 OK

124 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright � 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansMedium4.015;Plau;MotivaSans
Size
124 kB (124048 bytes)
Hash
2d64caa5ecbf5e42cbb766ca4d85e90e
147420abceb4a7fd7e486dddcfe68cda7ebb3a18
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

HTTP Headers

GET /public/shared/fonts/MotivaSans-Medium.ttf?v=4.015 HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam-gifts.cfd
DNT: 1
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:25 GMT
content-type: application/octet-stream
content-length: 124048
cf-ray: 935cee28cc27b4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
etag: "649bb1ee-1e490"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png

104.18.42.105

200 OK

3.8 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
PNG image data, 244 x 212, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3777 bytes)
Hash
eabc76eb57feae44add7faead028521e
4e3e53938fad15661d2d046a868338841a95db19
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

HTTP Headers

GET /public/shared/images/responsive/header_menu_hamburger.png HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/png
content-length: 3777
cf-ray: 935cee12493bb4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:12 GMT
etag: "649bb1f0-ec1"
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 3428
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

i.imgur.com/facOzSk.png

199.232.192.193

200 OK

3.4 MB

URL GET
i.imgur.com/facOzSk.png
IP
199.232.192.193:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT

File type
PNG image data, 1792 x 1024, 8-bit/color RGB, non-interlaced
Size
3.4 MB (3400538 bytes)
Hash
4eb55dea22c7dc9f5311b0c45c147c1e
6332a14dfcdeb75d970f5fb9bc0398c472ab3be2
1d3db94fe8c9316c596659a7278696394b03260b874505bf8e155f0b24d33455

HTTP Headers

GET /facOzSk.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 03 Mar 2025 07:37:26 GMT
etag: "4eb55dea22c7dc9f5311b0c45c147c1e"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: gqaEgT5OwolSLFwWJFp3MYAWU_By4FG1DsDnj7I6SC7ob9Igv9krXA==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 1480716
date: Fri, 25 Apr 2025 09:49:25 GMT
x-served-by: cache-iad-kjyo7100088-IAD, cache-hel1410020-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 3129, 0
x-timer: S1745574565.293061,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 3400538
X-Firefox-Spdy: h2

steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/fbbd6f200e2ec5da037ffa9dc7439354ffffa063263b.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/fbbd6f200e2ec5da037ffa9dc7439354ffffa063263b.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f308b840ae623441b7e93535ba86d8bee0a743878f79/fbbd6f200e2ec5da037ffa9dc7439354ffffa063263b.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2LY9Ubz2YSjX72jFwi1Ss9u2MdC2gfS9IaY%2FnPvTwFQfMJME4GaOp%2BbaTb54rAg5rZEmDTAbEPzxLc8ExxOLrWpCnDRkhaTmIsDCVvATkx%2BUltXiUk%2BmVDh%2B5%2FmLur2yudQ%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
age: 717
cache-control: max-age=14400
cf-cache-status: STALE
cf-ray: 935cee115be7ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31696&min_rtt=27642&rtt_var=7160&sent=81&recv=66&lost=0&retrans=0&sent_bytes=19353&recv_bytes=33112&delivery_rate=67619&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=786&x=16"

steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/f5be0223b11d7facb082959adf2f573a4e9071b5a92b.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/f5be0223b11d7facb082959adf2f573a4e9071b5a92b.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3eadf8e3e112d7a7301d4e1154d3d772f8fd94568528/f5be0223b11d7facb082959adf2f573a4e9071b5a92b.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQnPiN5P5CAr4IH2oeSa%2B9bWopS1BWBlsA3Sugqw%2BBOGNTCSmMBQQISezJ6Qf2qUIewi2hlNDx9JUnf36SeLFQBNZXlIGJxuiEu9JIbFRbuziIOBFdf2xPZdkYoKawIXEhM%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11bc2debd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35302&min_rtt=25624&rtt_var=11086&sent=129&recv=70&lost=0&retrans=0&sent_bytes=51302&recv_bytes=33294&delivery_rate=355826&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=856&x=16"

store.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=hFJKQ6HV7IKT&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

33 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=hFJKQ6HV7IKT&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
ASCII text
Size
33 kB (32716 bytes)
Hash
cc76c90bf029f223565c29d83b511af5
c92dd95efdcc81e21e01feaf11c63e0a150702be
d87efa746ad9501f27f9c488ff1d9737fb0cf52b074da30d044720fc54abea5d

HTTP Headers

GET /public/shared/css/buttons.css?v=hFJKQ6HV7IKT&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/css;charset=UTF-8
content-length: 4143
cf-ray: 935cee124941b4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "zHbJC_Ap8iNW"
x-integrity: "sha384-yzRNAvQFX8YXWTr+vOE/XlTbzIxXMCLgRyTnOrm2MTY2UQ7Gcfbt4G4mtWvYM5Fy"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:23 GMT
age: 2571467
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1430
x-timer: S1745574564.533746,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:24 GMT
age: 2571468
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1436
x-timer: S1745574564.497941,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Bold.ttf?v=4.015

104.18.42.105

200 OK

124 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Bold.ttf?v=4.015
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 22 names, Macintosh, Copyright � 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansBold4.015;Plau;MotivaSans-B
Size
124 kB (123884 bytes)
Hash
6168553bef8c73ba623d6fe16b25e3e9
4a31273b6f37f1f39b855edd0b764ec1b7b051e0
d5692b785e18340807d75f1a969595bc8b1c408fb6fd63947775705e6d6baa66

HTTP Headers

GET /public/shared/fonts/MotivaSans-Bold.ttf?v=4.015 HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam-gifts.cfd
DNT: 1
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:25 GMT
content-type: application/octet-stream
content-length: 123884
cf-ray: 935cee28ec61b4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
etag: "649bb1ee-1e3ec"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/https%3A%2F%2Fsteamcommunity.com%2Ffavicon.ico

104.21.46.25

404 Not Found

65 B

URL GET
steam-gifts.cfd/https%3A%2F%2Fsteamcommunity.com%2Ffavicon.ico
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/id=478419359
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
6688d59f1d0b9e116ceca1708a113d0d
d0078c573575a40a584cc92d4ccc5e8ae62aa948
cacc3c09d432702d237265c156358a0430dd08938afbceaf4a444d26340b25e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /https%3A%2F%2Fsteamcommunity.com%2Ffavicon.ico HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

steam-gifts.cfd/27417c007455500d5e515c19.js

104.21.46.25

200 OK

53 kB

URL GET
steam-gifts.cfd/27417c007455500d5e515c19.js
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
Unicode text, UTF-8 text, with very long lines (53441), with no line terminators
Size
53 kB (53449 bytes)
Hash
92f164c88165af00e4db19d115595bc3
d5e35fa24e72bc5aa9c9da8d104c8dc57407fd21
71485d337610ba7c2481c2bb24bff97c51746fb81ea21dd10574769f248ea66d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /27417c007455500d5e515c19.js HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jpPCi7wt0A334XTktVPO7EtEJ7%2BClNkDzWP0XJc%2F73i5FXQB3HMUkOeRP4KDwIrv3GJjjzRAQql9YQGQbP73ORK8xuEf91gz655us36Tluzb7DqOd4dG%2B6lz74aheVrRG2k%3D"}],"group":"cf-nel","max_age":604800}
content-disposition: inline
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
last-modified: Tue, 01 Apr 2025 09:36:18 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee10cb9cebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31696&min_rtt=27642&rtt_var=7160&sent=81&recv=66&lost=0&retrans=0&sent_bytes=19353&recv_bytes=33112&delivery_rate=67619&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=786&x=16"

steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/1e5c5568191faa697ea1b6f35f483052f3b8b9818912.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/1e5c5568191faa697ea1b6f35f483052f3b8b9818912.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/1e5c5568191faa697ea1b6f35f483052f3b8b9818912.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Ldj0vVVgo3ch12eL416BOI5JKRjve%2BnOpQVFEMT06ovBUQoMJi19eC93ACjqMZImdaDtVRJfgN%2BvyD0ufEZN5D0Zw2feUy0tN0yinW%2FhdrQlM17a7HYFqSLQEA%2BZof4xkA%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee119c0febd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34003&min_rtt=27642&rtt_var=7643&sent=103&recv=68&lost=0&retrans=0&sent_bytes=38670&recv_bytes=33203&delivery_rate=306706&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=823&x=16"

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee1db9c20b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66395
expires: Wed, 15 Apr 2026 09:49:23 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5uepvtvTJ8DFEwAI7eflm5%2FGEBAXe0t0CE2HNucIDLSemuifkJtL7Lq2ic5F29P3xu%2FGnjiSG4ckxafyWvPxMyWg1MwNdFCyCHgaPRAdVXqVjAMh5H032ydobAIkvrTdw04XcgYd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/06915d50697fd604170e718458f7813f0581128cf506.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/06915d50697fd604170e718458f7813f0581128cf506.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/06915d50697fd604170e718458f7813f0581128cf506.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkJ34zy83CTrqU3guzf4NjEcV41IC3trtYp%2Bbz6CsGQgiMe6Lw72LVKODrn8%2FdTlMMXuEhTqPlCGR1rAlJBwTcO0MpTV7CMH7GvyPG0DygjC1cB9xpFGF1loxQ8MrxAFlbs%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: STALE
age: 718
cf-ray: 935cee112bcfebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32177&min_rtt=27642&rtt_var=8264&sent=71&recv=65&lost=0&retrans=0&sent_bytes=13864&recv_bytes=33067&delivery_rate=72315&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=765&x=16"

store.cloudflare.steamstatic.com/public/css/promo/newstore2016.css?v=zveyQLrdu9JU&l=russian&_cdn=cloudflare

104.18.42.105

200 OK

4.7 kB

URL GET
store.cloudflare.steamstatic.com/public/css/promo/newstore2016.css?v=zveyQLrdu9JU&l=russian&_cdn=cloudflare
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
4.7 kB (4737 bytes)
Hash
cef7b240baddbbd25489ebd7ceee20a3
ceaa1258aa0e92362c79216f474f57db00178a0e
1055ab19fc7dd62ff9b62b078e97586b6485315bf0d4ca41ec1cd9684c9bdf33

HTTP Headers

GET /public/css/promo/newstore2016.css?v=zveyQLrdu9JU&l=russian&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/css;charset=UTF-8
content-length: 1336
cf-ray: 935cee12a9e8b4ed-OSL
server: cloudflare
cache-control: public,max-age=15552000
expires: Mon, 21 Apr 2025 17:46:16 GMT
etag: "zveyQLrdu9JU"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 12719922
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/4d42282e71138c0d7d024aafb4c076799cc74a12f7aa.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/33c3b641d00426137cb389ab0ecb86a62a596a227020/4d42282e71138c0d7d024aafb4c076799cc74a12f7aa.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /33c3b641d00426137cb389ab0ecb86a62a596a227020/4d42282e71138c0d7d024aafb4c076799cc74a12f7aa.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4gyUIkQuWf3YhnMbfDylfgtTzVw9hDTJX024A5uFytdW4ipuNOEfg9mXNk190pmkLqap%2BAU1vQ%2B%2FbaA9YR3I2a6mNyf6NqXBC%2BkraS%2FADN2UIL1t0tP4DvFlDA6l2FUs3RU%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 935cee10fbb8ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32177&min_rtt=27642&rtt_var=8264&sent=69&recv=65&lost=0&retrans=0&sent_bytes=12892&recv_bytes=33067&delivery_rate=72315&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=760&x=16"

steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/372152a59e5ae998be8370070c3bf9cef88a14321be9.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/372152a59e5ae998be8370070c3bf9cef88a14321be9.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9d326356900e57e356e160780b677a415223cd6872be/372152a59e5ae998be8370070c3bf9cef88a14321be9.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9s4wBnh0l6nq9Z47Kx%2FlIxK9Xq2TrgFxVBGFM3MrjnQdtu7xvKtMYnF3WcI7wQ68Tnq4V7MaGs69CRXQSKNzWM5YoQ8k%2BQcUpO1sMLEwQ5ztW5NbNs7PAco4dSsUShVkndE%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11ac24ebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34335&min_rtt=25624&rtt_var=10248&sent=132&recv=71&lost=0&retrans=0&sent_bytes=52912&recv_bytes=33340&delivery_rate=240565&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=861&x=16"

store.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1

104.18.42.105

200 OK

291 B

URL GET
store.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
PNG image data, 15 x 13, 8-bit/color RGBA, non-interlaced
Size
291 B (291 bytes)
Hash
a2796187c58c7e948159e37d6990ecc2
4209cd85add507247f9ce5a87a8c9095b54ee417
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082

HTTP Headers

GET /public/shared/images/header/btn_header_installsteam_download.png?v=1 HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=7sR4EhV3nKzm&l=russian&_cdn=cloudflare
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:25 GMT
content-type: image/png
content-length: 291
cf-ray: 935cee28bbf0b4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:11 GMT
etag: "649bb1ef-123"
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 4295
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/id=478419359

104.21.46.25

200 OK

20 kB

URL User Request GET
steam-gifts.cfd/id=478419359
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with very long lines (18863)
Size
20 kB (19850 bytes)
Hash
28587aa1c4d45ad9e351d9627198a7f8
15603b7db75ddc6df8ce5dc39b90929da90b20ea
f9541ebd11ec03e291abd701f3633a4c798e49e7ca4ab03534840c169864c714

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /id=478419359 HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:20 GMT
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
cf-cache-status: DYNAMIC
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
content-encoding: br
set-cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; SameSite=Lax; Path=/; Expires=Fri, 25 Apr 2025 13:49:20 GMT
token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ; SameSite=Lax; Path=/; Expires=Fri, 25 Apr 2025 13:49:20 GMT
cf-ray: 935cee0c7d2eeb55-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015

104.18.42.105

200 OK

123 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 22 names, Macintosh, Copyright � 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansRegular4.015;Plau;MotivaSan
Size
123 kB (122684 bytes)
Hash
57613e143ff3dae10f282e84a066de28
88756cc8c6db645b5f20aa17b14feefb4411c25f
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

HTTP Headers

GET /public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam-gifts.cfd
DNT: 1
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:25 GMT
content-type: application/octet-stream
content-length: 122684
cf-ray: 935cee28bc12b4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
etag: "649bb1ee-1df3c"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Light.ttf?v=4.015

104.18.42.105

200 OK

123 kB

URL GET
store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Light.ttf?v=4.015
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright � 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansLight4.015;Plau;MotivaSans-
Size
123 kB (122660 bytes)
Hash
d45f521dba72b19a4096691a165b1990
2a08728fbb9229acccbf907efdf4091f9b9a232f
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc

HTTP Headers

GET /public/shared/fonts/MotivaSans-Light.ttf?v=4.015 HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam-gifts.cfd
DNT: 1
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:25 GMT
content-type: application/octet-stream
content-length: 122660
cf-ray: 935cee28ec65b4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:10 GMT
etag: "649bb1ee-1df24"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=Me1IBxzktiwk&l=russian&_cdn=cloudflare&load=effects,controls,slider

104.18.42.105

200 OK

87 kB

URL GET
store.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=Me1IBxzktiwk&l=russian&_cdn=cloudflare&load=effects,controls,slider
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
HTML document, ASCII text
Size
87 kB (87011 bytes)
Hash
973ffdf6f722db9bb1e350b4c673f365
a6c7d4331056cd37569fac3ee5f4b4e0e09b38cb
658b209483f3b09ceabfab105ce9f15078138d646ca0e9abee2033606c852b19

HTTP Headers

GET /public/javascript/scriptaculous/_combined.js?v=Me1IBxzktiwk&l=russian&_cdn=cloudflare&load=effects,controls,slider HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/javascript;charset=UTF-8
content-length: 24100
cf-ray: 935cee123904b4ed-OSL
server: cloudflare
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "lz_99vci25ux"
x-integrity: "sha384-ypv8apRisCy5MbfVW/xJQC0n6ooV6krjmoShQQ8SJNZ3Q5Z+m92YpP2BXkzevTqz"
last-modified: Thu, 23 Apr 1970 04:01:16 GMT
content-encoding: gzip
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.66.137

200 OK

470 kB

URL GET
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
470 kB (469790 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Apr 2025 09:49:22 GMT
age: 2571467
x-served-by: cache-lga21958-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 456, 1426
x-timer: S1745574563.927298,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

store.cloudflare.steamstatic.com/public/shared/images/popups/btn_arrow_down_padded.png

104.18.42.105

200 OK

161 B

URL GET
store.cloudflare.steamstatic.com/public/shared/images/popups/btn_arrow_down_padded.png
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
PNG image data, 19 x 12, 8-bit/color RGBA, non-interlaced
Size
161 B (161 bytes)
Hash
f2dae37acac6b9d5a91caf1885c2f7d0
5f80fdde9f702a1d7589bc5faf88c14066e26c32
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5

HTTP Headers

GET /public/shared/images/popups/btn_arrow_down_padded.png HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=7sR4EhV3nKzm&l=russian&_cdn=cloudflare
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:25 GMT
content-type: image/png
content-length: 161
cf-ray: 935cee28bbf3b4ed-OSL
server: cloudflare
last-modified: Wed, 28 Jun 2023 04:07:12 GMT
etag: "649bb1f0-a1"
strict-transport-security: max-age=10368000
x-cache: MISS
cf-cache-status: HIT
age: 3425
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/5594489db6d1817e59055d860d6adb88f6b6eab02e94.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/5594489db6d1817e59055d860d6adb88f6b6eab02e94.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cc1aa468b7243d3b2a0fad9df7eda01f852cbc74972b/5594489db6d1817e59055d860d6adb88f6b6eab02e94.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rm8iAk%2BDiOXZZ6rq5hcCx95t2GBlLbA%2Bg4yd%2Bjfu%2BhFw38fJ4nUbxYi8g1OhfHrzpGiBSursUU6N9XQbV3LOL610WbXknY2WSjv5XMhamTpvIZ5rfg%2BAfLw7xpUewj6i%2F7c%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: max-age=14400
cf-cache-status: STALE
age: 718
cf-ray: 935cee112bccebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31696&min_rtt=27642&rtt_var=7160&sent=79&recv=66&lost=0&retrans=0&sent_bytes=17452&recv_bytes=33112&delivery_rate=67619&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=782&x=16"

steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/f157423a4085bb28dddb0e6d2937fb52d341c7aecd12.css

104.21.46.25

404 Not Found

0 B

URL GET
steam-gifts.cfd/f308b840ae623441b7e93535ba86d8bee0a743878f79/f157423a4085bb28dddb0e6d2937fb52d341c7aecd12.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f308b840ae623441b7e93535ba86d8bee0a743878f79/f157423a4085bb28dddb0e6d2937fb52d341c7aecd12.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QvoXb4i3UYjN5vCsOy%2FvzLbilN%2BvMbpVQTwbmCEkt9T0jT9qn7OivPGhvg%2FAs3ZryAn99NPZtdsnfEkXKp5aE1aVt%2FZ%2BK1f0X7VcBNc1IXaiQMeFBtzU95RBYgxshEEojes%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
age: 717
cache-control: max-age=14400
cf-cache-status: STALE
cf-ray: 935cee114bd7ebd2-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31696&min_rtt=27642&rtt_var=7160&sent=75&recv=66&lost=0&retrans=0&sent_bytes=15655&recv_bytes=33112&delivery_rate=67619&cwnd=12000&unsent_bytes=0&cid=0fe395943a681c51&ts=775&x=16"

steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/d1112f42a24075dcb5b1c07b232f81448e5655adb676.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/d1112f42a24075dcb5b1c07b232f81448e5655adb676.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f97d5d1316a2f97c16ee9044798b3fed32e9c87f0306/d1112f42a24075dcb5b1c07b232f81448e5655adb676.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i3CoxQYiNSKmr6GcJfhRE75BpBgm6M9HOhE7oXw6PnoOf5u%2BKUKwWA%2BEdfbaBlmz4zIKiEJOqnxBYS6nlH55UJ9Hd6Kwu06oTJ3h6jgMwj6eU81StD1JSeTopJ1DppizxKE%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee119c0bebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35302&min_rtt=25624&rtt_var=11086&sent=113&recv=70&lost=0&retrans=0&sent_bytes=43682&recv_bytes=33294&delivery_rate=355826&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=840&x=16"

steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/1cb7df5c555015b39b34ee74d56af9adcbf14ba95908.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/9d326356900e57e356e160780b677a415223cd6872be/1cb7df5c555015b39b34ee74d56af9adcbf14ba95908.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9d326356900e57e356e160780b677a415223cd6872be/1cb7df5c555015b39b34ee74d56af9adcbf14ba95908.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMUfoFBdOfLnVWIJXudrLWu2PQXUVX0rNNnvUX%2FtpvPpOsLZCx57usd359Z0uyEOchIHMOP6kLul0I8LXdu%2BvHJehImDPCjh%2BGTaoiy1%2Bww6HqbOGKxU0KXFvTg4o9uZFek%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee11ac1cebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33351&min_rtt=25624&rtt_var=5726&sent=136&recv=74&lost=0&retrans=0&sent_bytes=54544&recv_bytes=33476&delivery_rate=351663&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=878&x=16"

steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/8ae126a3da11b9ffaca2e867eb3f11f78171c622a311.css

104.21.46.25

503 Service Unavailable

190 B

URL GET
steam-gifts.cfd/6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/8ae126a3da11b9ffaca2e867eb3f11f78171c622a311.css
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
190 B (190 bytes)
Hash
3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /6b288e4964fdb9dec1322402c2d9dad1c5bc48af526c/8ae126a3da11b9ffaca2e867eb3f11f78171c622a311.css HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NMP63SBKmcyPQdVxyWmfqMAD6DTtj9sEn6mMmfB%2FqlHNz0RCBbIRcQsoZU3WBAxfk%2BrfAIwV4wEHC9fDV%2F8PeMsEex7aeVVRO6%2FCQTQ6C7B%2BOiv9cAWuJfnAlkSRjbhRzqY%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee117bfcebd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34003&min_rtt=27642&rtt_var=7643&sent=99&recv=68&lost=0&retrans=0&sent_bytes=36872&recv_bytes=33203&delivery_rate=306706&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=813&x=16"

store.cloudflare.steamstatic.com/public/images/ico/ico_facebook.png

104.18.42.105

200 OK

1.2 kB

URL GET
store.cloudflare.steamstatic.com/public/images/ico/ico_facebook.png
IP
104.18.42.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
FingerprintDB:07:06:4C:BE:02:55:6D:48:85:F1:3D:EC:CA:32:DF:2A:FF:7B:B7
ValidityTue, 25 Mar 2025 15:45:41 GMT - Mon, 23 Jun 2025 15:45:40 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1161 bytes)
Hash
e406e5a22e4f3cfa580d3bb57420150e
5b381e535bb0ce6003a461f3124fa1238dfbcedb
760589f903c5e9bd169b38f941f9a3dc88a23897e9cc5b622d3d91f5c204b9e4

HTTP Headers

GET /public/images/ico/ico_facebook.png HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Apr 2025 09:49:21 GMT
content-type: image/png
content-length: 1161
cf-ray: 935cee1289abb4ed-OSL
server: cloudflare
last-modified: Wed, 06 Dec 2023 00:00:29 GMT
etag: "656fb99d-489"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 3758
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2

steam-gifts.cfd/3f51187818b7cde26da510a10594f3213ee28cdeb696/bdf997526965a6c3fd37231628bce15baa50f62dd225.js

104.21.46.25

503 Service Unavailable

0 B

URL GET
steam-gifts.cfd/3f51187818b7cde26da510a10594f3213ee28cdeb696/bdf997526965a6c3fd37231628bce15baa50f62dd225.js
IP
104.21.46.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectsteam-gifts.cfd
FingerprintFF:A7:BE:AF:F8:4C:92:8C:0D:01:A0:25:AF:FE:EF:A2:5E:4D:64:F4
ValidityThu, 24 Apr 2025 21:15:19 GMT - Wed, 23 Jul 2025 22:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3f51187818b7cde26da510a10594f3213ee28cdeb696/bdf997526965a6c3fd37231628bce15baa50f62dd225.js HTTP/1.1
Host: steam-gifts.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZH0rF25lH0jv84KaFk52IP9q5478oT84.gP2LbzcxkUw8f31u.0Beg17KoioNjbDGXkO0wLmRjUBVfQSYCdlpGqZ3GS0IapMsG1Y8Xk69mEYY7FbltcrNLQB_aqWvmadz9ahE0bYfiPaL9rUE93L9yIiIehp1yi3m6NAlZ2Few2Es_vebI3f8zqAFofhFrGxGpUBqwn9JaoPt_wJvvTk3qQ9iur3KJMukWdMU4QwLCoe1cUqsQv3i5h6C3meqVUHH6OtYH7WkngJiOdXXGPgEzmsyrCWU.WUbOSQKkRrEAp8TDN-ytWg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6ODgsInNlY3JldCI6ImM4MmE5ZDNkMDU5YTAxMTU5ZjdlZDVlYzdmMmM4M2VhIiwic2VydmljZSI6IlN0ZWFtIn0.uJvG-98einpAsykYeMP-v69InmPwNTe6RBbLJz5nMdQ; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 503 Service Unavailable
date: Fri, 25 Apr 2025 09:49:23 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ru8BhHAFF7gK54Uvs3%2FDZAPaifb9WxsQCKBOtZLko2b5WR5GDpNz3MbHhE4%2BfMSGuMhr8KXdVkGY1KAeXYCiPNCUBD8294tfkjM41%2B6xlsrGlDjIlQTZzJ9wOvT7Ie24o4c%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
cf-ray: 935cee19d88debd2-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28411&min_rtt=23420&rtt_var=5242&sent=153&recv=84&lost=0&retrans=0&sent_bytes=59877&recv_bytes=35249&delivery_rate=565&cwnd=24000&unsent_bytes=0&cid=0fe395943a681c51&ts=2168&x=16"

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Apr 2025 09:49:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
cf-ray: 935cee19cb450b45-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66394
expires: Wed, 15 Apr 2026 09:49:22 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MtjIQMbGw154rRnElL%2FaUS9eIh43kz4a7Qk%2Fap6O5hix%2B7iqfs3mbwjz%2BCp8aDVWRpHbaz0qTpGZuJ8SkBvfmw0O27e3StXinsQp%2Bff7YGlR6%2Bhx%2FLLAjcuLIaeUlNje%2Bj3gARN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

store.steampowered.com/dynamicstore/saledata/?cc=BY

184.24.45.71

200 OK

29 B

URL GET
store.steampowered.com/dynamicstore/saledata/?cc=BY
IP
184.24.45.71:443
ASN
#16625 AKAMAI-AS

Requested by
https://steam-gifts.cfd/27417c007455500d54100a2504060901085f04505d
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
FingerprintD1:63:2B:87:0C:48:95:7A:BC:F5:BE:8D:96:58:14:CB:4F:9F:D5:50
ValidityTue, 10 Sep 2024 00:00:00 GMT - Thu, 11 Sep 2025 23:59:59 GMT

File type
JSON text data
Size
29 B (29 bytes)
Hash
7d8e35afa8792b923f4e6c5906e7c4b5
32168fbcd8a98b424f566046d3680648b49ac633
d5c8f5fb29ca010ec4c6e11774d17b0cc27b21304811521e29141f581c061e87

HTTP Headers

GET /dynamicstore/saledata/?cc=BY HTTP/1.1
Host: store.steampowered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam-gifts.cfd
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json; charset=utf-8
X-Frame-Options: DENY
Cache-Control: public,max-age=300
Expires: Fri, 25 Apr 2025 09:50:07 GMT
Last-Modified: Fri, 25 Apr 2025 09:45:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Origin, Accept-Encoding
Strict-Transport-Security: max-age=10368000
Content-Length: 49
Date: Fri, 25 Apr 2025 09:49:25 GMT
Connection: keep-alive

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (45)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML