| | 210.74.226.164 | 200 | 8.7 kB |
URL: User Request GET HTTP/1.1
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (3129), with CRLF, LF line terminators
Hash: 70bc0aa19033579282805a49e8d1c557 6360c9662c5fd837abbc5e37fc17d142c796dd82 36b837bac1d8a5c6dcc81a584756f37a744610e98b34e7d90f20ff013340ad48
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:42 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 8679
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://steam.guesskings.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: no-cache
Content-Encoding: gzip
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Origin: https://steam.guesskings.com
Set-Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; Path=/; Secure; SameSite=None;Domain=steam.guesskings.com
steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; Path=/; Secure; HttpOnly; SameSite=None;Domain=steam.guesskings.com
uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; Path=/; Domain=steam.guesskings.com
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-cjwn6
traceId: eaac1cf3af17132866626652503d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1761390/6467c6bec4cbd97c3ed30119e8b08072644dd9ab.jpg | 172.64.145.151 | 200 OK | 1.9 kB |
URL: GET HTTP/2 cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1761390/6467c6bec4cbd97c3ed30119e8b08072644dd9ab.jpg
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, baseline, precision 8, 32x32, components 3
Hash: 24ea1e7c26785e7112497a4b4d4901d0 6467c6bec4cbd97c3ed30119e8b08072644dd9ab 52a0a0101bac21bb9f0e07056c64a4a55ebfd72132a6ae430090802ce9259565
GET /steamcommunity/public/images/apps/1761390/6467c6bec4cbd97c3ed30119e8b08072644dd9ab.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/jpeg
content-length: 1874
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "628fab98-752"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 26 May 2022 16:32:24 GMT
cf-cache-status: HIT
age: 12135970
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c6a0b59-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/250900/16d46c8630499bfc54d20745ac90786a302cd643.jpg | 172.64.145.151 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/250900/16d46c8630499bfc54d20745ac90786a302cd643.jpg
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 32x32, components 3
Hash: 7bb9c2f6817759549f20698413253351 16d46c8630499bfc54d20745ac90786a302cd643 a357b694227b7e44aeae9996aa1967923d60e88fae837a69826a6f0fbb94fce6
GET /steamcommunity/public/images/apps/250900/16d46c8630499bfc54d20745ac90786a302cd643.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/jpeg
content-length: 1216
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "606e7a18-4c0"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 08 Apr 2021 03:35:52 GMT
cf-cache-status: HIT
age: 12576350
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74eac720b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/images/login/throbber.gif | 172.64.145.151 | 200 OK | 3.2 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/images/login/throbber.gif
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: GIF image data, version 89a, 32 x 32
Hash: 928e54c4c9683d8dd32867ee992d73c4 83b3252952e1e8c98deb5e6eb64e150c594dd97b 0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d
GET /public/images/login/throbber.gif HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/gif
content-length: 3208
last-modified: Fri, 05 Jan 2018 01:34:49 GMT
etag: "5a4ed639-c88"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 3696
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c610b59-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1202540/96711df7876b863b33b15dc01fedcd1ac2482137.jpg | 172.64.145.151 | 200 OK | 1.4 kB |
URL: GET HTTP/2 cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1202540/96711df7876b863b33b15dc01fedcd1ac2482137.jpg
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, baseline, precision 8, 32x32, components 3
Hash: 8c7910cedd7574f8f45f5c78862d6daf 96711df7876b863b33b15dc01fedcd1ac2482137 166125d72bf6e130a780eca450c0aaeac6257a2cc45aed07581d696996568eb8
GET /steamcommunity/public/images/apps/1202540/96711df7876b863b33b15dc01fedcd1ac2482137.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/jpeg
content-length: 1444
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "65815bce-5a4"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 19 Dec 2023 09:01:02 GMT
cf-cache-status: HIT
age: 457586
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74eac710b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png | 172.64.145.151 | 200 OK | 11 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 744 x 171, 8-bit/color RGBA, non-interlaced
Hash: a4e79c73ee13cb25b60fc4b0ba1f690c b690c31b2eb1b0eb085e91aaae7e79f03debe7c1 6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
GET /public/shared/images/responsive/header_logo.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/png
content-length: 10863
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-2a6f"
x-cache: MISS
cf-cache-status: HIT
age: 1632
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c680b59-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/359550/624745d333ac54aedb1ee911013e2edb7722550e.jpg | 172.64.145.151 | 200 OK | 454 B |
URL: GET HTTP/2 cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/359550/624745d333ac54aedb1ee911013e2edb7722550e.jpg
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 32x32, components 1
Hash: 4e139cd6cbf5f6f3a6a8f5e7eee84166 c61a68efbc58e37aaacca0916a3021ac9a950cf5 7f0dd7fc9ae014dd34fd4a150151beee9ab6868bb6afbb95257f03897ae29049
GET /steamcommunity/public/images/apps/359550/624745d333ac54aedb1ee911013e2edb7722550e.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/jpeg
content-length: 454
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "6553edda-1c6"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 14 Nov 2023 21:59:54 GMT
cf-cache-status: HIT
age: 1198352
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c6c0b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png | 172.64.145.151 | 200 OK | 1.8 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 92 x 26, 8-bit/color RGBA, non-interlaced
Hash: 574c350c7b23ae794d5276f8580e0838 235c7b35c3468f8915eca01f7abdb43d34079609 8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787
GET /public/shared/images/responsive/logo_valve_footer.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/png
content-length: 1846
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-736"
x-cache: MISS
cf-cache-status: HIT
age: 4962
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c580b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/images/skin_1/ico_external_link.gif | 172.64.145.151 | 200 OK | 63 B |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/images/skin_1/ico_external_link.gif
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: GIF image data, version 89a, 8 x 8
Hash: d1c5aa274c0f681d02317d33026e93d2 07ce7ddd50b6c56dc35a08128a161cdd78c08be4 563401248387cb3cf47d04e1dda78508467889ce4ebb80d24a074e0c24a0183c
GET /public/images/skin_1/ico_external_link.gif HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/gif
content-length: 63
last-modified: Fri, 05 Jan 2018 01:34:51 GMT
etag: "5a4ed63b-3f"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 4188
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c620b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png | 172.64.145.151 | 200 OK | 3.8 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 244 x 212, 8-bit/color RGBA, non-interlaced
Hash: eabc76eb57feae44add7faead028521e 4e3e53938fad15661d2d046a868338841a95db19 fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa
GET /public/shared/images/responsive/header_menu_hamburger.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/png
content-length: 3777
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-ec1"
x-cache: MISS
cf-cache-status: HIT
age: 40
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c630b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/images/x9x9.gif | 172.64.145.151 | 200 OK | 58 B |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/images/x9x9.gif
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: GIF image data, version 89a, 9 x 9
Hash: c85b970b4c832e361445c1b446cc2343 57e60c2f1f1f919a871b7c171c6d59d42e3adbe5 5ce28d7cf05f0e6eeaa3788a393d9980e9b51130963c6b9672d3447b6b11de6d
GET /public/images/x9x9.gif HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/gif
content-length: 58
last-modified: Fri, 05 Jan 2018 01:34:51 GMT
etag: "5a4ed63b-3a"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 3076
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c5c0b59-OSL
X-Firefox-Spdy: h2
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 2.7 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash: 19f4a36c629c358690fc93dbd234d105 6bbc819e64172d57a4abdaa20c8e2b8a32dd662c e753a6b743187c7d592e6e2d3580336751e6211cd228ad7410e02db29ec91ad8
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:43 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 2718
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "GfSjbGKcNYaQ"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 20:15:10 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3703352
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b74f099985ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17132866635241524d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 34 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF, LF line terminators
Hash: b6e362692c17c1c613dfc67197952242 fed8f68cdfdd8bf5c29fb0ebd418f796bc8af2dd 151dc1c5196a4ca683f292ae77fa5321f750c495a5c4ffd4888959eb46d9cdc1
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:43 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 33770
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "tuNiaSwXwcYT"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 14:45:02 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3703353
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b74f0c8a211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17132866635213043d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphubs.css?v=roMLV7kDn_sN&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 11 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphubs.css?v=roMLV7kDn_sN&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash: ae830b57b9039ffb0d5130d6272945f6 d653c649e9c9957d592a06ae0e340d96ac1bc444 613569c4a8092b813b9d1a2fdbf007a0fe43f6bb0a2d2c87ac998050f473938d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/apphubs.css?v=roMLV7kDn_sN&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:43 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 11062
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "roMLV7kDn_sN"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 23:00:36 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3693427
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75149568514-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ad17132866638853934d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh&_cdn=cloudflare | 210.74.226.164 | 200 | 2.5 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash: 8db2ffc24354dbc4b5a7bebbc2b3cdaf 311653110625167fdb4ce22e8f147b717bce6649 e888e754e20a1b354bb45b59a05d7b281fee588a445854116b2bc84620fbf7f0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 2465
Connection: keep-alive
Last-Modified: Fri, 05 Jan 2018 01:34:47 GMT
ETag: ".TP5s6TzX6LLh"
Cache-Control: public,max-age=15552000
Expires: Mon, 09 Sep 2024 22:48:52 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2916531
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7544d225e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3af17132866643602510d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/communityhome.css?v=EC98biDaoKUh&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 6.8 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/communityhome.css?v=EC98biDaoKUh&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash: 102f7c6e20daa0a5210e8fb3786bbd4f c688baecba8e6161d6901c2deec80968baf1454d 462481feb218b26c45b970f7c3b5d349dffff44de22d5eaf4f9ed544a2626e7c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/communityhome.css?v=EC98biDaoKUh&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 6824
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "EC98biDaoKUh"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 18:33:00 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3709484
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7559fff8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ad17132866645673940d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 40 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4009), with CRLF, LF line terminators
Hash: a7055c200b47357c2051179f9b979bbd 701f861353694ceb6a41a867ac2e118a76400cdc f553f59191af4f2b222a73d129b731d4f461c84a67d55cf8e29ba319fe13b078
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 39590
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "pwVcIAtHNXwg"
Cache-Control: public,max-age=15552000
Expires: Sun, 22 Sep 2024 22:52:20 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1793121
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b753cc4d5e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3af17132866642812508d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_home.css?v=XOa7G-BGp2xZ&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 17 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_home.css?v=XOa7G-BGp2xZ&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash: 5ce6bb1be046a76c593dc5f9aa706226 64e2c5b91dc1fbb25a4e76ef3a960ff4a34febaf 8584c8ca39f9c0db8dd5d299d575a056ad34afd1d3bef62bc31700de106284a1
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_home.css?v=XOa7G-BGp2xZ&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 16631
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "XOa7G-BGp2xZ"
Cache-Control: public,max-age=15552000
Expires: Mon, 09 Sep 2024 19:12:07 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2929537
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7556be985ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17132866645461528d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/apphub.css?v=620ci8yyn3Hw&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 29 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/apphub.css?v=620ci8yyn3Hw&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF, LF line terminators
Hash: eb6d1c8bccb29f71f03bd7a3347777f3 0c4095e9f1d52bf10838c0c1953a8667c4cb3bcd 98aa7cd415cdec4e3d1e1bfcc737c92faa6446491beaf67a97d671682427a9b4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/css/apphub.css?v=620ci8yyn3Hw&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 28639
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "620ci8yyn3Hw"
Cache-Control: public,max-age=15552000
Expires: Sun, 22 Sep 2024 22:52:41 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1793068
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b753fa0c211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17132866643153046d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_broadcast.css?v=Szj_0XBV602A&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 1.1 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_broadcast.css?v=Szj_0XBV602A&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash: 4b38ffd17055eb4d80ecbfca24531e66 b9f8457fa8f87dfd8d848eae33d943c5561ec7c0 d340fb2a9e88f33e7018727ce410262d84354cebb6b87662a77eae794ebb0475
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_broadcast.css?v=Szj_0XBV602A&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 1121
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "Szj_0XBV602A"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 23:00:36 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3693428
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b756ae9d85ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17132866647411530d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 88 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1819), with CRLF, LF line terminators
Hash: d95a196b633c5a1de4bfe531abe19544 b4d3e3d225c8f699d2c5661b194e6feadd9b5807 8a0e6fb8b50e1da206a13969ee4f1f904f0b0a430fd6455a10fc7829b6776ae4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 87472
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "2VoZa2M8Wh3k"
Cache-Control: public,max-age=15552000
Expires: Sun, 06 Oct 2024 22:37:45 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 584399
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b753d96a85ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17132866642871527d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 3.7 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash: ff40a59671699ae63a3a37c9338612f4 c6f166f3847630f0591589511bd42ff9b7035b26 46a9c57e77a87a44e59346c3c5a1c6af49ef045d2cc4cffba98264783712822d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 3706
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "_0CllnFpmuY6"
Cache-Control: public,max-age=15552000
Expires: Sun, 01 Sep 2024 08:42:59 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3658485
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b757e9eb5e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3af17132866649462515d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/shared_responsive.css?v=KrKRjQbCfNh0&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 19 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/shared_responsive.css?v=KrKRjQbCfNh0&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1667), with CRLF, LF line terminators
Hash: 2ab2918d06c27cd874de4857d3558626 363be3b96ec2d4430f6d578168c68286cb54b465 4afb3e37bfdd549cc16ef5321faf3f0a3bf6e84c79fc4408bc6f157280636453
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/css/shared_responsive.css?v=KrKRjQbCfNh0&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 18935
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "KrKRjQbCfNh0"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 23:00:35 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3662121
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b757ee9c211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17132866649423051d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 13 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (629), with CRLF line terminators
Hash: be1e0131e0dc3620948b14da818b1a4d 810b4aff56a0e76cf870cc67e3092447b46dcd92 ebd518bec6383218452cc4597aeff5debc82b1f76cbea1950c5ecbfd59c5e3e5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 12804
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "vh4BMeDcNiCU"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 21:23:19 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3699264
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7582ee1211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17132866649823052d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare | 210.74.226.164 | 200 | 16 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 72938851e7c2ef7b63299eba0c6752cb b75196bd3a6f9f4dfc1bbf5e43e96874bcd9ce4e e2d4e0e1d3e162fdc815f16dfff9ae9b0a967949f0f3ae371f947d730a3f0661
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 16087
Connection: keep-alive
Last-Modified: Tue, 22 Mar 2022 23:23:42 GMT
ETag: ".zYHOpI1L3Rt0"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 23:00:36 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3693429
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75a8ff28514-HKG
Content-Disposition: inline;filename=f.txt
traceId: bdb56198-f1e4-4d9e-b85a-174f8fc5338c
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/applications/community/main.css?v=96N66CvLHly8&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 120 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/applications/community/main.css?v=96N66CvLHly8&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (26986), with CRLF, LF line terminators
Size: 120 kB (119908 bytes)
Hash: f7a37ae82bcb1e5cbcbe7f59ae3f751d 261a66e8d78629d058da4fb001d285f4eebdb352 95fab1a42c8c835c28c2871604e3ca738bee153d5d78cfd6d398fb51142a3c0e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/css/applications/community/main.css?v=96N66CvLHly8&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 119908
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "96N66CvLHly8"
Cache-Control: public,max-age=15552000
Expires: Tue, 10 Sep 2024 20:29:44 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2794727
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b757cbae8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ad17132866649253942d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdrop | 210.74.226.164 | 200 | 122 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdrop
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Size: 122 kB (122171 bytes)
Hash: 39e34882ba4417cb4b1b84916dabb770 0d0ca081fb60c8aad337091bafcbe84f966c38b0 da708635da162ea493874627775c3520a42145b79c73bf787b5113bf87c0b27c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdrop HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 122171
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "OeNIgrpEF8tL"
Cache-Control: public,max-age=15552000
Expires: Mon, 09 Sep 2024 14:56:44 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2934020
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7599e9c8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: 0d8073ba-40b0-4fc1-892b-c1070916f683
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/global.js?v=PyuRtGtUpR0t&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 104 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/global.js?v=PyuRtGtUpR0t&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (9521), with CRLF line terminators
Size: 104 kB (103774 bytes)
Hash: 0563fe4c0338861e0abda77fef3435b6 2358574b18e5853cb5d8da9fb52fe84546843a7b 9898bab895b6fb9ad62035cda4e12bb8615339e142478043b47d1c175f824379
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/global.js?v=PyuRtGtUpR0t&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 103774
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "PyuRtGtUpR0t"
Cache-Control: public,max-age=15552000
Expires: Sun, 22 Sep 2024 22:52:20 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1793123
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75a3973211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 32c2ca58-06a5-4343-94dd-0102cc23abeb
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflare | 210.74.226.164 | 200 | 96 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32086), with CRLF line terminators
Hash: 4dc834d16a0d219d5c2b8a5b814569e4 4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 95790
Connection: keep-alive
Last-Modified: Fri, 05 Jan 2018 01:34:51 GMT
ETag: ".isFTSRckeNhC"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 21:24:48 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3699177
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75a6ce25e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: 07dd67ff-882c-466b-a536-484da765f5d0
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 3.9 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 75f321bb2f8bae9ca8e5c4c6d72521bd 8ed540dc9da8c5d7c2bbe390fc663e6de0b1ef0c 92a217685eda5e8319d193142aeadf80ae7a9c9e04a9a365d9cf01078d459985
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 3869
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "dfMhuy-Lrpyo"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 21:23:30 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3699255
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75dcca68514-HKG
Content-Disposition: inline;filename=f.txt
traceId: 25289125-ec3e-4435-a678-163423b559a9
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 14 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1011), with CRLF line terminators
Hash: 59dd2408449e26ab969b384f6cc5cd98 09a2919cdeef326b8d4c492e7f65895e2dfb9801 78a72f3e67d9f2f0200e36adc262f794312e5c69001f18be84886601a8a59571
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 13922
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "Wd0kCESeJquW"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 18:32:59 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3709486
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75e09915e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: 4308e748-2b72-4a9e-add9-07536381a6ba
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflare | 210.74.226.164 | 200 | 169 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Size: 169 kB (169399 bytes)
Hash: 6a39e0b509fecb928d47b8a2643fed2a f67fa6cb1d09963d10ba117d6553c8e7d5bc7863 d8bdea7fff893dbdbeaf6c2affec091a77483b9ec10e7958486bc3b6cc170c96
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 169399
Connection: keep-alive
Last-Modified: Fri, 05 Jan 2018 01:34:51 GMT
ETag: ".55t44gwuwgvw"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 14:35:53 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 3709553
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b758fb1f5e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: d0c7a424-9097-43b7-81da-44e76a8d5396
Strict-Transport-Security: max-age=15724800; includeSubDomains
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 12 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english&_cdn=cloudflare
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash: 2ba219efad9b8f0614bb8ca395644299 cbedc420cf2d472ab8e7f8819c33a55f962e3a5f 17b25eb544bcb517752ef36c778caf44d50bf2f815bb305771381fe76aac7e8c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 11557
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "8OrLYcA-XZ3m"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 21:23:30 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3699256
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75eecdd85ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: 58cca614-df0e-4a51-a316-7a3ecb151c45
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 18 kB |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeASCII text, with very long lines (342), with CRLF line terminators Hashd642581b253bf84ac7a7da752573ca62 f9e9617e832657133ffe0423d3bffcd91c35b3a7 1a8fb0d133135943bca919329003eac543aa29749eea474f33d3a94a4d15a647
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 17729
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "JSwdk0x7aW5O"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 23:00:36 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3693430
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75ecc0684cd-HKG
Content-Disposition: inline;filename=f.txt
traceId: 2ab179fb-8487-42b4-a56d-92aaaa4ebd2c
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 15 kB |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeASCII text, with CRLF line terminators Hashb50443501108ef0f2862f7619ec73726 ebd84e20c04cc1bf68b5c55b456f25661a46b9e5 168d530f7bf604619928553dc2e847d4df2c6136a4076f2c07ebaefbc2fb48c6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 14789
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "LRs2cUK5D3j7"
Cache-Control: public,max-age=15552000
Expires: Wed, 25 Sep 2024 21:00:50 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1540526
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7601869211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 1a86ac22-f671-4d90-b0bb-5ee508d24542
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 2.9 kB |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeASCII text, with CRLF line terminators Hashe275614b456ede9716af5db33bc06ff3 7be0606e8e489e67db8d8b6e88236badd643cb8f 7a4db8fc6f2f7f5c2735b78a80c465f47b61c704e6814368f207e07eca1ba742
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 2858
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "st0tzXwxiGks"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 18:32:59 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3709487
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b76058c1211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: c68fdd0e-3053-4628-98d0-a5665bcc7819
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 155 kB |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2654), with CRLF line terminators Size155 kB (154553 bytes) Hash4f0a7af4385f98de48c8060fba988e27 b07077ee281ba5b63dd665b42b48a197c80c88b8 3a44820ddcbe21e29f3670ebdbbe1399de32459b17cb9ac7972a6ee5aa50afc3
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 154553
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "XPgJuNunk65I"
Cache-Control: public,max-age=15552000
Expires: Sun, 06 Oct 2024 22:37:24 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 584400
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75d1d01211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 5e956594-0d7a-4695-849a-3c4dac292574
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 1.1 kB |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeASCII text, with CRLF line terminators Hash210c2d3ede48ef95f9fe19605086eb5e 9581c67260e7125df72febd83193874e9bd14164 9d8b43fee90b04c7e0156d0c8f82707cc00f8411677ad5114ee232285afa06d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1063
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "8-RwlLlPLHOa"
Cache-Control: public,max-age=15552000
Expires: Tue, 10 Sep 2024 20:42:47 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2794866
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7612f2084cd-HKG
Content-Disposition: inline;filename=f.txt
traceId: c05628d3-29fa-492c-81fd-f3da21f987e3
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 16 kB |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (15473), with CRLF, LF line terminators Hash7a75daa9723ca7af54624a6727a7d5f5 62c95bbfb66df1b93287c9c053a8e52bcca51018 e4ccc0cb2ddd09066559b9e3900c2aaa093f2c2f245b0904fcd310d6ac982820
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 15647
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "VrmidAAJJjCf"
Cache-Control: public,max-age=15552000
Expires: Tue, 08 Oct 2024 20:06:06 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 420694
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b76139b78514-HKG
Content-Disposition: inline;filename=f.txt
traceId: dd4ac2c6-6cd1-41dc-91eb-e6df5fc0170c
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 457 B |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (455), with CRLF line terminators Hash1fc0e266e0c35f24bf232e1015ca7064 dcfa89f38d3bac32a02f28c662cfa4f4855ec8b7 c5527d218ab87fb08c01dbdb65039651a55be1bf70fb19aef70930c2e81c7698
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 457
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "H8DiZuDDXyS_"
Cache-Control: public,max-age=15552000
Expires: Mon, 09 Sep 2024 19:12:07 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2929539
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7629b7285ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: 6604db08-36ca-4f79-97c2-c7a28d3149a8
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 25 kB |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hasha52bc800ab6e9df5a05a5153eea29ffb 8661643fcbc7498dd7317d100ec62d1c1c6886ff 57cfaf9b92c98541f769090cd0229a30013cea7cfafc18519ca654bfae29e14e
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 24657
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "pSvIAKtunfWg"
Cache-Control: public,max-age=15552000
Expires: Sun, 29 Sep 2024 09:11:21 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 1237585
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7636cc38514-HKG
Content-Disposition: inline;filename=f.txt
traceId: 27e3a8ed-8828-4c40-8fed-dc7a6d5202d2
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 927 kB |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65362), with CRLF, LF line terminators Size927 kB (926681 bytes) Hash7cc72a37a98a82387097c2d95db8dfa4 eb60fd9b530d5ea6115e20f891e832d4851ccd5f 5b87b450067424f7b1e5674d9f5634a2fb6e8f1347d273f6003e85398b7c4359
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 926681
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "VGtvPLNviurP"
Cache-Control: public,max-age=15552000
Expires: Sun, 06 Oct 2024 22:37:44 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 584401
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7616a34211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 60b48c52-d775-41cb-bf55-ad0f06b0c79c
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 587 kB |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65362), with CRLF, LF line terminators Size587 kB (586946 bytes) Hash220a975c6d9f00eb8f0f993b03b52e7c 6d90e35e6fe894ff7c091ef60d461f7c3f873599 7bd76a1514ae8cbca8644ed9e800fe441c5316a4ef0d1e12accd3b885e28329b
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 586946
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "xsBMMDVfE_Nk"
Cache-Control: public,max-age=15552000
Expires: Tue, 08 Oct 2024 20:06:14 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 420691
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7627b778514-HKG
Content-Disposition: inline;filename=f.txt
traceId: b9df5b95-9040-468a-8df3-7ec309257ddc
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| community.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1 | 172.64.145.151 | 200 OK | 291 B |
URL GET HTTP/2community.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1 IP172.64.145.151:443
Requested byhttps://steam.guesskings.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File typePNG image data, 15 x 13, 8-bit/color RGBA, non-interlaced Hasha2796187c58c7e948159e37d6990ecc2 4209cd85add507247f9ce5a87a8c9095b54ee417 23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
GET /public/shared/images/header/btn_header_installsteam_download.png?v=1 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:47 GMT
content-type: image/png
content-length: 291
last-modified: Wed, 21 Mar 2018 00:07:17 GMT
etag: "5ab1a235-123"
x-cache: MISS
cf-cache-status: HIT
age: 6374
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b769ed6c0b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 | 172.64.145.151 | 200 OK | 123 kB |
URL GET HTTP/2community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 IP172.64.145.151:443
Requested byhttps://steam.guesskings.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File typeTrueType Font data, digitally signed, 18 tables, 1st "DSIG", 22 names, Macintosh, Copyright © 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansRegular4.015;Plau;MotivaSan Size123 kB (122684 bytes) Hash57613e143ff3dae10f282e84a066de28 88756cc8c6db645b5f20aa17b14feefb4411c25f 19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
GET /public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam.guesskings.com
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:47 GMT
content-type: application/octet-stream
content-length: 122684
last-modified: Tue, 28 Jul 2020 23:16:28 GMT
etag: "5f20b1cc-1df3c"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b769ed7f0b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015 | 172.64.145.151 | 200 OK | 124 kB |
URL GET HTTP/2community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015 IP172.64.145.151:443
Requested byhttps://steam.guesskings.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File typeTrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright © 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansMedium4.015;Plau;MotivaSans Size124 kB (124048 bytes) Hash2d64caa5ecbf5e42cbb766ca4d85e90e 147420abceb4a7fd7e486dddcfe68cda7ebb3a18 045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f
GET /public/shared/fonts/MotivaSans-Medium.ttf?v=4.015 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam.guesskings.com
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:47 GMT
content-type: application/octet-stream
content-length: 124048
last-modified: Tue, 28 Jul 2020 23:16:28 GMT
etag: "5f20b1cc-1e490"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b769fd8b0b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015 | 172.64.145.151 | 200 OK | 119 kB |
URL GET HTTP/2community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015 IP172.64.145.151:443
Requested byhttps://steam.guesskings.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File typeTrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright © 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansThin4.015;Plau;MotivaSans-T Size119 kB (118736 bytes) Hashce6bda6643b662a41b9fb570bdf72f83 87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8 0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6
GET /public/shared/fonts/MotivaSans-Thin.ttf?v=4.015 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam.guesskings.com
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:47 GMT
content-type: application/octet-stream
content-length: 118736
last-modified: Tue, 28 Jul 2020 23:16:27 GMT
etag: "5f20b1cb-1cfd0"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b76a0d950b59-OSL
X-Firefox-Spdy: h2
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 16 kB |
URL GET HTTP/1.1steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://steam.guesskings.com/ CertificateIssuerDigiCert Inc Subjectsteam.guesskings.com FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (15473), with CRLF, LF line terminators Hash7a75daa9723ca7af54624a6727a7d5f5 62c95bbfb66df1b93287c9c053a8e52bcca51018 e4ccc0cb2ddd09066559b9e3900c2aaa093f2c2f245b0904fcd310d6ac982820
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:48 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 15647
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "VrmidAAJJjCf"
Cache-Control: public,max-age=15552000
Expires: Tue, 08 Oct 2024 20:06:06 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 420696
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b76b0e73211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 745d08e7-430b-4405-95c1-be37b51ea2be
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 927 kB |
URL GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare IP 210.74.226.164:443 ASN #4812 China Telecom Group
Requested by https://steam.guesskings.com/ Certificate Issuer DigiCert Inc Subject steam.guesskings.com Fingerprint E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 Validity Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65362), with CRLF, LF line terminators Size 927 kB (926681 bytes) Hash 7cc72a37a98a82387097c2d95db8dfa4 eb60fd9b530d5ea6115e20f891e832d4851ccd5f 5b87b450067424f7b1e5674d9f5634a2fb6e8f1347d273f6003e85398b7c4359
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:48 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 926681
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "VGtvPLNviurP"
Cache-Control: public,max-age=15552000
Expires: Sun, 06 Oct 2024 22:37:44 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 584403
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b76dccbf85ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: 0d8593c1-5b0d-4a60-82ad-62cd7bc2447d
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare | 210.74.226.164 | 200 | 587 kB |
URL GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare IP 210.74.226.164:443 ASN #4812 China Telecom Group
Requested by https://steam.guesskings.com/ Certificate Issuer DigiCert Inc Subject steam.guesskings.com Fingerprint E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 Validity Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65362), with CRLF, LF line terminators Size 587 kB (586946 bytes) Hash 220a975c6d9f00eb8f0f993b03b52e7c 6d90e35e6fe894ff7c091ef60d461f7c3f873599 7bd76a1514ae8cbca8644ed9e800fe441c5316a4ef0d1e12accd3b885e28329b
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:49 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 586946
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "xsBMMDVfE_Nk"
Cache-Control: public,max-age=15552000
Expires: Tue, 08 Oct 2024 20:06:14 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 420694
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b775480d8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: 03ddc03d-974a-4373-9c46-0de428cce1a0
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| community.cloudflare.steamstatic.com/public/images//sharedfiles/searchbox_workshop_submit.gif | 172.64.145.151 | 200 OK | 1.4 kB |
URL GET HTTP/2 community.cloudflare.steamstatic.com/public/images//sharedfiles/searchbox_workshop_submit.gif IP 172.64.145.151:443
Requested by https://steam.guesskings.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 Validity Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type GIF image data, version 89a, 23 x 18 Hash 05fb65c97a9a5a8ae214129b1179cd41 b9646bed2952c2a908ee7bbba96331919cd6e43a ecb79b1ea1675b180662b87e2eb7236ac5fe55ee3f37cbb5432202d3a17232a0
GET /public/images//sharedfiles/searchbox_workshop_submit.gif HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:50 GMT
content-type: image/gif
content-length: 1418
last-modified: Fri, 05 Jan 2018 01:34:50 GMT
etag: "5a4ed63a-58a"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 4919
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7796ca50b59-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cloudflare.steamstatic.com/steam/apps/359550/page_bg_generated_v6b.jpg?t=1711470437 | 172.64.145.151 | 200 OK | 59 kB |
URL GET HTTP/2 cdn.cloudflare.steamstatic.com/steam/apps/359550/page_bg_generated_v6b.jpg?t=1711470437 IP 172.64.145.151:443
Requested by https://steam.guesskings.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 Validity Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 1438x810, components 3 Hash 5eef4afebac148d107466675fad4ff7a bcdbd9dce3e633d9fdae639f934c051ff4b61581 5140144fc08e717d5a72e7225081b96eace016be954ee9fbde28fc2560b62e51
GET /steam/apps/359550/page_bg_generated_v6b.jpg?t=1711470437 HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:50 GMT
content-type: image/jpeg
content-length: 59127
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-bgj: h2pri
etag: "6602f763-e6f7"
expires: Tue, 23 Apr 2024 16:28:13 GMT
last-modified: Tue, 26 Mar 2024 16:27:15 GMT
cf-cache-status: HIT
age: 1547
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7797cb30b59-OSL
X-Firefox-Spdy: h2
|
|
| steam.guesskings.com/favicon.ico | 210.74.226.164 | 200 | 39 kB |
URL GET HTTP/1.1 steam.guesskings.com/favicon.ico IP 210.74.226.164:443 ASN #4812 China Telecom Group
Requested by https://steam.guesskings.com/ Certificate Issuer DigiCert Inc Subject steam.guesskings.com Fingerprint E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 Validity Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel Hash 231913fdebabcbe65f4b0052372bde56 553909d080e4f210b64dc73292f3a111d5a0781f 9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:50 GMT
Content-Type: image/x-icon
Content-Length: 38554
Connection: keep-alive
Last-Modified: Tue, 18 Sep 2018 23:32:59 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://steam.guesskings.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: public,max-age=86400
Expires: Fri, 06 Oct 2023 02:34:46 GMT
Origin: https://steam.guesskings.com
Set-Cookie: uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; Path=/; Domain=steam.guesskings.com
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-cjwn6
traceId: eaac1cf3af17132866705232539d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/apps/allcontenthome?l=english&browsefilter=trend&appHubSubSection=11&forceanon=1 | 210.74.226.164 | 200 | 9.7 kB |
URL GET HTTP/1.1 steam.guesskings.com/apps/allcontenthome?l=english&browsefilter=trend&appHubSubSection=11&forceanon=1 IP 210.74.226.164:443 ASN #4812 China Telecom Group
Requested by https://steam.guesskings.com/ Certificate Issuer DigiCert Inc Subject steam.guesskings.com Fingerprint E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 Validity Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1219), with CRLF line terminators Hash 0f7979011b011900ad641a53e87b5417 0aaaa145768b19d6c3f29bcca5501be735159d2a d6c6b3112f566cafc39baff41a2cb838005f5f12c032a17273d0f0d84e096362
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /apps/allcontenthome?l=english&browsefilter=trend&appHubSubSection=11&forceanon=1 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Prototype-Version: 1.7
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:50 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 9665
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 16:57:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://steam.guesskings.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: public,max-age=60
Content-Encoding: gzip
Expires: Tue, 16 Apr 2024 16:58:22 GMT
Origin: https://steam.guesskings.com
Set-Cookie: uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; Path=/; Domain=steam.guesskings.com
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-cjwn6
traceId: eaac1cf3af17132866705432540d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| community.cloudflare.steamstatic.com/public/shared/images/userreviews/icon_thumbsUp.png?v=1 | 172.64.145.151 | 200 OK | 2.1 kB |
URL GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/userreviews/icon_thumbsUp.png?v=1 IP 172.64.145.151:443
Requested by https://steam.guesskings.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 Validity Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced Hash 70dd94db2cc784ee7d1d4e711e1c4260 f04a6007da546006b008b1a7d143b4dcb4a3147a 16d0421c9b126ba66695653318780cbd30fef1fe2093f9135eeb323a37143a1e
GET /public/shared/images/userreviews/icon_thumbsUp.png?v=1 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/png
content-length: 2103
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-837"
x-cache: MISS
cf-cache-status: HIT
age: 2608
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77e0bd30b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/apphubs/play_icon80.png | 172.64.145.151 | 200 OK | 2.2 kB |
URL GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/apphubs/play_icon80.png IP 172.64.145.151:443
Requested by https://steam.guesskings.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 Validity Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type PNG image data, 80 x 55, 8-bit/color RGBA, non-interlaced Hash 080c457af88ef213cf315af1221f74c2 44c7475d69e1f3d8780b6f638960b670c2c0fa58 47cca726b04188ab33a403ac206822b96d6789fe5ff568ddcbd9ba972688f6d4
GET /public/shared/images/apphubs/play_icon80.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/png
content-length: 2184
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-888"
x-cache: MISS
cf-cache-status: HIT
age: 1312
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77e0bdf0b59-OSL
X-Firefox-Spdy: h2
|
|
| avatars.cloudflare.steamstatic.com/dc66620aff3d51c87b12ab545e0076efff39ff16.jpg | 172.64.145.151 | 200 OK | 1.1 kB |
URL GET HTTP/2 avatars.cloudflare.steamstatic.com/dc66620aff3d51c87b12ab545e0076efff39ff16.jpg IP 172.64.145.151:443
Requested by https://steam.guesskings.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 Validity Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3 Hash e96d8bd9ce6a2f9ca068b269d5f84b38 dc66620aff3d51c87b12ab545e0076efff39ff16 8ce16922277238c4e43157b85ba3388faa482ab2a63dc9fd94defd9b22f71f96
GET /dc66620aff3d51c87b12ab545e0076efff39ff16.jpg HTTP/1.1
Host: avatars.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/jpeg
content-length: 1063
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-bgj: h2pri
content-md5: 6W2L2c5qL5ygaLJp1fhLOA==
etag: "0x8DB003FBDD82999"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 27 Jan 2023 08:23:17 GMT
x-cache: MISS
cf-cache-status: HIT
age: 116317
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77e2c0d0b59-OSL
X-Firefox-Spdy: h2
|
|
| avatars.cloudflare.steamstatic.com/41dc340b5caece51a18ede7d0a297a7a8f8ead1b.jpg | 172.64.145.151 | 200 OK | 853 B |
URL GET HTTP/2 avatars.cloudflare.steamstatic.com/41dc340b5caece51a18ede7d0a297a7a8f8ead1b.jpg IP 172.64.145.151:443
Requested by https://steam.guesskings.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 Validity Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3 Hash 9a3a7b96004709fc7ac8f17213212c44 41dc340b5caece51a18ede7d0a297a7a8f8ead1b 022731af45237e53c5b785403a03facdee2d5b28b31b27d61ace16f304056060
GET /41dc340b5caece51a18ede7d0a297a7a8f8ead1b.jpg HTTP/1.1
Host: avatars.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/jpeg
content-length: 853
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-bgj: h2pri
content-md5: mjp7lgBHCfx6yPFyEyEsRA==
etag: "0x8DA049352E10C3D"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sun, 13 Mar 2022 01:46:42 GMT
x-cache: MISS
cf-cache-status: HIT
age: 66255
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77e3c1e0b59-OSL
X-Firefox-Spdy: h2
|
|
| avatars.cloudflare.steamstatic.com/cf681785339885cfc9399fb8757a514e6850e81c.jpg | 172.64.145.151 | 200 OK | 898 B |
URL GET HTTP/2 avatars.cloudflare.steamstatic.com/cf681785339885cfc9399fb8757a514e6850e81c.jpg IP 172.64.145.151:443
Requested by https://steam.guesskings.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 Validity Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3 Hash 2e81278438b259c5268022e15126235e cf681785339885cfc9399fb8757a514e6850e81c a6bdfd58d6536150500a62adcf47bd51476f950874116c09127c54f8d2905526
GET /cf681785339885cfc9399fb8757a514e6850e81c.jpg HTTP/1.1
Host: avatars.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/jpeg
content-length: 898
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-bgj: h2pri
content-md5: LoEnhDiyWcUmgCLhUSYjXg==
etag: "0x8DC587A3F11BB2A"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 09 Apr 2024 09:48:44 GMT
x-cache: HIT
cf-cache-status: HIT
age: 106369
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77ead250b59-OSL
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2484373040650810626/39F0424DBDEE8847A436D78ACFED14DDB62A6790/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true | 95.101.11.35 | 200 OK | 5.3 kB |
URL GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2484373040650810626/39F0424DBDEE8847A436D78ACFED14DDB62A6790/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true IP 95.101.11.35:443 ASN #20940 Akamai International B.V.
Requested by https://steam.guesskings.com/ Certificate Issuer DigiCert Inc Subject a248.e.akamai.net Fingerprint A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 Validity Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3 Hash 5e38e5af7cfd7e3fd88173c217e0b0f1 d236178d6906a263a918ee34b6ff1d5d87deaf45 2ebd9e1fd93540b2f2821f7f00735ecb99e62956d88fc9f4caf4efc2ee65cc4a
GET /ugc/2484373040650810626/39F0424DBDEE8847A436D78ACFED14DDB62A6790/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Sun, 14 Apr 2024 08:54:38 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5C607C25609D"
server: Akamai Image Manager
x-serial: 1777
content-length: 5259
content-type: image/jpeg
cache-control: private, no-transform, max-age=404182
expires: Sun, 21 Apr 2024 09:14:13 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2501261538285713262/61682A4A9BFB5CCE463801BF8C3F9251EF8F77F6/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true | 95.101.11.35 | 200 OK | 5.2 kB |
URL GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2501261538285713262/61682A4A9BFB5CCE463801BF8C3F9251EF8F77F6/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true IP 95.101.11.35:443 ASN #20940 Akamai International B.V.
Requested by https://steam.guesskings.com/ Certificate Issuer DigiCert Inc Subject a248.e.akamai.net Fingerprint A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 Validity Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 128x128, components 3 Hash dd4b3e69ee712bbae35a50cef63376e1 751dd37a57326e2a28f1f6771da2f55e55da6d4f 0b5f94062463cf280947d6ad510aa332a002dab5fc67166d78d9252435147cd3
GET /ugc/2501261538285713262/61682A4A9BFB5CCE463801BF8C3F9251EF8F77F6/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Mon, 15 Apr 2024 06:20:07 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5D141379D67A"
server: Akamai Image Manager
x-serial: 1859
content-length: 5161
content-type: image/jpeg
cache-control: private, no-transform, max-age=480447
expires: Mon, 22 Apr 2024 06:25:18 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2521527737908936232/60F478D0EE575667CEE9BDB82AE7371D63447B05/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true | 95.101.11.35 | 200 OK | 4.1 kB |
URL GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2521527737908936232/60F478D0EE575667CEE9BDB82AE7371D63447B05/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true IP 95.101.11.35:443 ASN #20940 Akamai International B.V.
Requested by https://steam.guesskings.com/ Certificate Issuer DigiCert Inc Subject a248.e.akamai.net Fingerprint A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 Validity Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 128x128, components 3 Hash fd16d8bbdda681ce0d32a540a653fc88 ea21b7406e31a5dd0f5573b81ffeb6d2fe1a7dea 7f3aaf71b15641b2d6ec9e4ca17097c81a9e285835e676a338bcc42a8a6b3695
GET /ugc/2521527737908936232/60F478D0EE575667CEE9BDB82AE7371D63447B05/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Mon, 15 Apr 2024 11:01:23 GMT
access-control-expose-headers: origin
etag: "3b5f82ed7c3e14e38028435237e9c791"
server: Akamai Image Manager
x-serial: 986
content-length: 4081
content-type: image/jpeg
cache-control: private, no-transform, max-age=502482
expires: Mon, 22 Apr 2024 12:32:33 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2508016938371187267/2EDF087F328EBCD595059C10137EB9293108CA9E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true | 95.101.11.35 | 200 OK | 7.9 kB |
URL GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2508016938371187267/2EDF087F328EBCD595059C10137EB9293108CA9E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true IP 95.101.11.35:443 ASN #20940 Akamai International B.V.
Requested by https://steam.guesskings.com/ Certificate Issuer DigiCert Inc Subject a248.e.akamai.net Fingerprint A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 Validity Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, progressive, precision 8, 128x128, components 3 Hash b87e67b4e8d66c81e97543663faefdb1 fe0780d6f122b8809d46022a8b1010328a403a57 87f996f114ebf3204fb549f799fc8d2d3bd16a0bfc3b6556e168587494a141d0
GET /ugc/2508016938371187267/2EDF087F328EBCD595059C10137EB9293108CA9E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Fri, 12 Apr 2024 18:43:10 GMT
access-control-expose-headers: origin
etag: "7626948b0b534759df2b8fc8db32da98"
server: Akamai Image Manager
x-serial: 1724
content-length: 7878
content-type: image/jpeg
cache-control: private, no-transform, max-age=316616
expires: Sat, 20 Apr 2024 08:54:47 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2500135638379285046/F58F61D8BE4979AAF5972031E769AEE5385CA289/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true | 95.101.11.35 | 200 OK | 3.2 kB |
URL GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2500135638379285046/F58F61D8BE4979AAF5972031E769AEE5385CA289/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true IP 95.101.11.35:443 ASN #20940 Akamai International B.V.
Requested by https://steam.guesskings.com/ Certificate Issuer DigiCert Inc Subject a248.e.akamai.net Fingerprint A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 Validity Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 128x128, components 3 Hash 18331ebe02771856f9e4180e2d31a741 09149feb5458afe001ee43c6d5ce7c8c5f2f7edb f4cdeec65082b4ce9d14e453c1a6a1b164cd2d782164b320601cceeadde25730
GET /ugc/2500135638379285046/F58F61D8BE4979AAF5972031E769AEE5385CA289/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Akamai Image Server
last-modified: Mon, 15 Apr 2024 08:14:36 GMT
etag: "7564a278ef17bd336489032bd944baf0"
access-control-expose-headers: origin
access-control-allow-origin: *
content-type: image/jpeg
content-length: 3165
cache-control: private, max-age=487035
expires: Mon, 22 Apr 2024 08:15:06 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2493380238610157586/FF205B39A459DD9376FBD4CE40B27DA623D589C1/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true | 95.101.11.35 | 200 OK | 121 kB |
URL GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2493380238610157586/FF205B39A459DD9376FBD4CE40B27DA623D589C1/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true IP 95.101.11.35:443 ASN #20940 Akamai International B.V.
Requested by https://steam.guesskings.com/ Certificate Issuer DigiCert Inc Subject a248.e.akamai.net Fingerprint A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 Validity Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type GIF image data, version 89a, 128 x 128 Size 121 kB (121440 bytes) Hash c8c0a9fb5cfe1ff7d585d75a71c91e5c 03fbf9f24a644771ece4cd6a721489b447121c02 e64c085aa189fcd8750127e37b3fa923c7461fae1a220e12798d5fc765e9266d
GET /ugc/2493380238610157586/FF205B39A459DD9376FBD4CE40B27DA623D589C1/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Sun, 14 Apr 2024 18:32:00 GMT
access-control-expose-headers: origin
etag: "8b25dafc6a9011f0579da9f793f2260e"
server: Akamai Image Manager
content-length: 121440
content-type: image/gif
cache-control: private, no-transform, max-age=437993
expires: Sun, 21 Apr 2024 18:37:44 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2465232740275342093/FBCC995D19EDD8AB1ADD63B245F88116E7F08E59/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 34 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2465232740275342093/FBCC995D19EDD8AB1ADD63B245F88116E7F08E59/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Hash: effa7c407137bc0db3735855489e01ad 1f5a55637118fb1afe8e1b32efbe355ddb91685c fbe4ba553b60e6da6ddb388125c6356838abd746f82a7274ccfcd28f45954fea
GET /ugc/2465232740275342093/FBCC995D19EDD8AB1ADD63B245F88116E7F08E59/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:14:20 GMT
access-control-expose-headers: origin
etag: "4280974db2119543c6d9eaddc2b64c22"
server: Akamai Image Manager
x-serial: 1606
content-length: 34513
content-type: image/jpeg
cache-control: private, no-transform, max-age=602171
expires: Tue, 23 Apr 2024 16:14:02 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2502387438200301198/140780233C1F907FC3454BB690BE3BBC46214ADC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 25 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2502387438200301198/140780233C1F907FC3454BB690BE3BBC46214ADC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Hash: 3cc080d562ddff0e4224395ce7a5d602 0e445f947d4446970d5d2017d72c839ac424e2de d7ab3a440cc92851d86ed91e02ba7fb4611c84ca6fda5a430e675424dc4dd1a0
GET /ugc/2502387438200301198/140780233C1F907FC3454BB690BE3BBC46214ADC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 15:57:26 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2A8247A425"
server: Akamai Image Manager
x-serial: 1669
content-length: 25009
content-type: image/jpeg
cache-control: private, no-transform, max-age=601835
expires: Tue, 23 Apr 2024 16:08:26 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2482121240849041055/E677578BB9A68E6F5E41EB93729BB4B49F15B3CC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 41 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2482121240849041055/E677578BB9A68E6F5E41EB93729BB4B49F15B3CC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 512x288, components 3
Hash: 369547ae3b3c03823ba1dd0616165a33 921e6d553ce75ba219341fffc6a0b818adfc5076 afd255d5d5dc4d373a967bf5eb4842f02ce9442b84559748c089fcf7588aa554
GET /ugc/2482121240849041055/E677578BB9A68E6F5E41EB93729BB4B49F15B3CC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Akamai Image Server
last-modified: Tue, 16 Apr 2024 11:01:25 GMT
etag: "ddf96a23a89fe8b5a516f381f587764e"
access-control-expose-headers: origin
access-control-allow-origin: *
content-type: image/jpeg
content-length: 40635
cache-control: private, max-age=586791
expires: Tue, 23 Apr 2024 11:57:42 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2496757938664587878/B5104DA871AEBF9EB404232DAE5EA596575815B9/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 48 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2496757938664587878/B5104DA871AEBF9EB404232DAE5EA596575815B9/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Hash: 417bac037b5fa3b9b413894bb5353d6a ba90114a1db6707d592e7de8594666a827a5a304 ac2faaf3037ec09b96cd94e2b2da67eaa08b7f8252061d78494b71d2f08c050e
GET /ugc/2496757938664587878/B5104DA871AEBF9EB404232DAE5EA596575815B9/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 11:57:57 GMT
access-control-expose-headers: origin
etag: "abb05530f0aa05375c620300e868b201"
server: Akamai Image Manager
content-length: 48213
content-type: image/jpeg
cache-control: private, no-transform, max-age=586894
expires: Tue, 23 Apr 2024 11:59:25 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2513646437898644298/D9DD85E2CED972CE59F814781367CE2491F8BB1A/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 41 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2513646437898644298/D9DD85E2CED972CE59F814781367CE2491F8BB1A/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Hash: 5107e441e1bf86299009072c7fdf4f18 5811cb9caccfca00762dc69ee8b1b1b3dad9eb11 d076f22bc94d19fe53e3bc7fdc628b88cd3e1c558c84b164aa452e10366ef7d2
GET /ugc/2513646437898644298/D9DD85E2CED972CE59F814781367CE2491F8BB1A/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 15:14:36 GMT
access-control-expose-headers: origin
etag: "a3fb6e253321ec985459a43a4cf9dd8f"
server: Akamai Image Manager
content-length: 40669
content-type: image/jpeg
cache-control: private, no-transform, max-age=598927
expires: Tue, 23 Apr 2024 15:19:58 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2477617641548643596/DED7210148C500A95F8E4332E7F90851E7A29005/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 28 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2477617641548643596/DED7210148C500A95F8E4332E7F90851E7A29005/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Hash: d078598ffa55e4ee4e779f9355be1e85 4a4d33c112a2e4a6a62602cf6218f2350da31082 304a2410c07d051a8c5b9ae83f74fb563e3d865dde81915d18e0162672892ef8
GET /ugc/2477617641548643596/DED7210148C500A95F8E4332E7F90851E7A29005/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 14:55:13 GMT
access-control-expose-headers: origin
etag: "8ab1ffe1173c55cdb95af02f4ca8ed38"
server: Akamai Image Manager
x-serial: 1505
content-length: 27988
content-type: image/jpeg
cache-control: private, no-transform, max-age=597868
expires: Tue, 23 Apr 2024 15:02:19 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2519275938101854754/BC34F9E5FD225A74188C0755F0B47FBC59E09E30/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 56 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2519275938101854754/BC34F9E5FD225A74188C0755F0B47FBC59E09E30/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Hash: e05cc9da8f8445dc63c21c9e9beee466 a6128207543988a51570bdcdeb415f2cb80fae71 4a15ad0d20921b42a10a2833fd3f0603e5fe7a8fd9d36d8e279a2d0b60b05e54
GET /ugc/2519275938101854754/BC34F9E5FD225A74188C0755F0B47FBC59E09E30/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 15:19:27 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E21E21E9197"
server: Akamai Image Manager
content-length: 56314
content-type: image/jpeg
cache-control: private, no-transform, max-age=599168
expires: Tue, 23 Apr 2024 15:23:59 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2505765138579921935/A30FC598EF2FBF1476C1B15F971C660B5B8CB622/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 30 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2505765138579921935/A30FC598EF2FBF1476C1B15F971C660B5B8CB622/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 512x288, components 3
Hash: 6fbf97ec835cc505c8ca6672e6560ca1 d0648b320224d626421dbea47c100d64824911ec edfbdebf18ba7b5c83a97cb6cae4f400c3ebaa3384e3cf655441157fb2c3c258
GET /ugc/2505765138579921935/A30FC598EF2FBF1476C1B15F971C660B5B8CB622/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Akamai Image Server
last-modified: Tue, 16 Apr 2024 13:50:12 GMT
etag: "0x8DC5E1C237F548F"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-type: image/jpeg
content-length: 30518
cache-control: private, max-age=595647
expires: Tue, 23 Apr 2024 14:25:18 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2523779535431271138/65C84651EFDC40B5D9EF08F5A54076DCDE607F42/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 33 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2523779535431271138/65C84651EFDC40B5D9EF08F5A54076DCDE607F42/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 512x288, components 3
Hash: 698b8d44b42b49015618673eb1743450 4a0f9a90a7ff8c7299240269fa0378eb8c09bdd9 1518a7ba531ee4bbe85997bcfb2e2763f69ba89ec32dbbcecfc2c37916ab860f
GET /ugc/2523779535431271138/65C84651EFDC40B5D9EF08F5A54076DCDE607F42/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:16:37 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2B63B35312"
server: Akamai Image Manager
content-length: 32933
content-type: image/jpeg
cache-control: private, no-transform, max-age=602452
expires: Tue, 23 Apr 2024 16:18:43 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2483247140757758824/ED8C7CA4DA33A01CB2C984C940E1F6F0485A0EC6/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 268 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2483247140757758824/ED8C7CA4DA33A01CB2C984C940E1F6F0485A0EC6/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 1920x1080, components 3
Size: 268 kB (267916 bytes)
Hash: 443a5bdc9c4e56bae610895b1778e0fb 8a86a0f087f203b8c95a071a2623c5b7050e26f4 e0aa723b0f5cd8152afdacda941543fd3cc8d23b04b686e38d34e15502f2b59a
GET /ugc/2483247140757758824/ED8C7CA4DA33A01CB2C984C940E1F6F0485A0EC6/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 14:25:25 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E1FDD11EEB5"
server: Akamai Image Manager
content-length: 267916
content-type: image/jpeg
cache-control: private, no-transform, max-age=595877
expires: Tue, 23 Apr 2024 14:29:08 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2466358640182364661/7F9EAB9865034FDBF69E446CE5F62BC6494F3CC9/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 86 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2466358640182364661/7F9EAB9865034FDBF69E446CE5F62BC6494F3CC9/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 559x811, components 3
Hash: 1410539f93fa30ea03f7d8e257f74e18 87326a9053c0124358539c0331d020d370756f63 8871a968fad7a004608b41b166c06aa58e533b8283e0a117fb51d0a71e6f0cf9
GET /ugc/2466358640182364661/7F9EAB9865034FDBF69E446CE5F62BC6494F3CC9/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:14:53 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2DE6693BD9"
server: Akamai Image Manager
content-length: 86442
content-type: image/jpeg
cache-control: private, no-transform, max-age=602336
expires: Tue, 23 Apr 2024 16:16:47 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2466358640182369299/BBEB0C98903F6E06149F18630C4DE1830031FA44/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 89 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2466358640182369299/BBEB0C98903F6E06149F18630C4DE1830031FA44/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 489x676, components 3
Hash: 6960f2312a45175feb68e7598a970c7d d8b9b474313e91e3a7a3edc3031c2e777cea2eae 0fa01a5743a1f3a4b13a7798969dfc53f79331704e6f7b7e3ff0110584722bbf
GET /ugc/2466358640182369299/BBEB0C98903F6E06149F18630C4DE1830031FA44/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:11:49 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2E0891BEB7"
server: Akamai Image Manager
x-serial: 1802
content-length: 89223
content-type: image/jpeg
cache-control: private, no-transform, max-age=602583
expires: Tue, 23 Apr 2024 16:20:54 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images//award_icon_blue.svg | 172.64.145.151 | 200 OK | 357 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images//award_icon_blue.svg
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: gzip compressed data, from Unix
Size: 357 kB (357121 bytes)
Hash: 42bff6b1c454ca44c18411a34e68677d 0d7e1d9cb42267a24bb5da66369bee16e3ba8cf1 401b835b7342a1d96650cd0ef9f2437be8d392fb1f5d038f027026b884fe932d
GET /public/shared/images//award_icon_blue.svg HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jun 2020 22:53:14 GMT
etag: W/"5ee94d5a-952"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 6155
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77dfbbd0b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2466358640182364068/E0439E536ACA2011E664A835C52B7D2701FFC674/?imw=1024&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 188 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2466358640182364068/E0439E536ACA2011E664A835C52B7D2701FFC674/?imw=1024&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 798x943, components 3
Size: 188 kB (188175 bytes)
Hash: a68f7b40f9b3535344829a3b6e96012c cea6ee9028a40e5f24edcc54e00a9a255a069eb1 0e9175f750cd4ef380c1f8e89e21353b20291f9e7e87c110a590c6c96d98320a
GET /ugc/2466358640182364068/E0439E536ACA2011E664A835C52B7D2701FFC674/?imw=1024&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Akamai Image Server
last-modified: Tue, 16 Apr 2024 15:57:14 GMT
etag: "0x8DC5E2DE2349537"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-type: image/jpeg
content-length: 188175
cache-control: private, max-age=601606
expires: Tue, 23 Apr 2024 16:04:37 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2469736339902791944/A93032510EC8657CDB1CDFEB046DB26B207E10ED/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 234 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2469736339902791944/A93032510EC8657CDB1CDFEB046DB26B207E10ED/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x810, components 3
Size: 234 kB (233702 bytes)
Hash: 38ed87ca5ef3769e705518a303a5a197 9d3b280ac5da1e0fd8e5844e24b2e50e9a76556d 040ecb5e2fa2cefe5eba1885d0862ff053b53cfcaabb1b7c8c55d46a782c5e10
GET /ugc/2469736339902791944/A93032510EC8657CDB1CDFEB046DB26B207E10ED/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:19:38 GMT
access-control-expose-headers: origin
etag: "1ac2ed803763835298ad9cf8ae2a3f96"
server: Akamai Image Manager
content-length: 233702
content-type: image/jpeg
cache-control: private, no-transform, max-age=602530
expires: Tue, 23 Apr 2024 16:20:01 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2469736339902776957/6B881CC37010EA21852054360C8CF39FFD489CB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 112 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2469736339902776957/6B881CC37010EA21852054360C8CF39FFD489CB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x810, components 3
Size: 112 kB (112248 bytes)
Hash: 85f1c38ac700dc982e7186659bc49cfe 120c4cc7358537d527aca006667518ae62fa0f20 7fe761814ed8ac11e70f600322c73abfb8f1f0091d41939ee2a8d1bedfa57095
GET /ugc/2469736339902776957/6B881CC37010EA21852054360C8CF39FFD489CB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:14:19 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2FAAC0E448"
server: Akamai Image Manager
x-serial: 838
content-length: 112248
content-type: image/jpeg
cache-control: private, no-transform, max-age=602557
expires: Tue, 23 Apr 2024 16:20:28 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2469736339902779902/A0A5DC100136E570EBD5EE5FC99A01539676B615/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 246 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2469736339902779902/A0A5DC100136E570EBD5EE5FC99A01539676B615/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 1240x1080, components 3
Size: 246 kB (245875 bytes)
Hash: afff9a6e0e72bf420a6853dc1a6734c2 087b4b68bd03fecac86549c3baa93d9250621a44 461a0c9e794ff7e161b6892170318f2eee6a1c14cce1b4fa48c0d3d940f7072f
GET /ugc/2469736339902779902/A0A5DC100136E570EBD5EE5FC99A01539676B615/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:18:04 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2FC35008AE"
server: Akamai Image Manager
content-length: 245875
content-type: image/jpeg
cache-control: private, no-transform, max-age=602580
expires: Tue, 23 Apr 2024 16:20:51 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2519275938102152565/5E7713C7F2C643BB374032BD4B670B3D76680501/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 180 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2519275938102152565/5E7713C7F2C643BB374032BD4B670B3D76680501/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 1920x527, components 3
Size: 180 kB (179688 bytes)
Hash: c1ac50d5f30a61671d79315bb525cb8d f9de2a414e802439724d333e471feaf53d1a6aa8 ae8054a3de05030e25321261cba08f1542ca13d68e20cc457a0030f065eef451
GET /ugc/2519275938102152565/5E7713C7F2C643BB374032BD4B670B3D76680501/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 15:44:11 GMT
access-control-expose-headers: origin
etag: "d8f82b5390aaa14c3903fe398fc86e54"
server: Akamai Image Manager
content-length: 179688
content-type: image/jpeg
cache-control: private, no-transform, max-age=600385
expires: Tue, 23 Apr 2024 15:44:16 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2506891038477796803/6889A8B1247F2E2D3AD979EC720CFAECFA5FD7DB/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true | 95.101.11.35 | 200 OK | 70 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2506891038477796803/6889A8B1247F2E2D3AD979EC720CFAECFA5FD7DB/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: GIF image data, version 89a, 128 x 128
Hash: ccdb99a165d826e12ca588b75018fbb8 8883a3fc70587e08b1253fe94935ac4ab5899e60 37ccb402f96ea4af163c70befbe470d7483057a8cdc452a92fe03c072fad97aa
GET /ugc/2506891038477796803/6889A8B1247F2E2D3AD979EC720CFAECFA5FD7DB/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Akamai Image Server
last-modified: Sun, 14 Apr 2024 22:52:20 GMT
etag: "0x8DC5CD58AEC8669"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-type: image/gif
content-length: 69962
cache-control: private, max-age=453287
expires: Sun, 21 Apr 2024 22:52:38 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2509142838286174380/6FEE9F22A9E8C604517869722B23B1421751AA79/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true | 95.101.11.35 | 200 OK | 5.8 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2509142838286174380/6FEE9F22A9E8C604517869722B23B1421751AA79/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3
Hash: 42a99105e7e96473d7016105360857d3 19441845fcf478fe23901896f56b1ae446a8d2c7 340b87f546e0e4805019bf291887dbc2b0d18001ff0b1c2244ca5b343061849b
GET /ugc/2509142838286174380/6FEE9F22A9E8C604517869722B23B1421751AA79/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Sun, 14 Apr 2024 02:41:52 GMT
access-control-expose-headers: origin
etag: "33547722dd12817a3e73e59b0055f88b"
server: Akamai Image Manager
x-serial: 1740
content-length: 5838
content-type: image/jpeg
cache-control: private, no-transform, max-age=409091
expires: Sun, 21 Apr 2024 10:36:02 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/764896052077847401/0D885690960BBB3DF5532C755C6D3BE2728046ED/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true | 95.101.11.35 | 200 OK | 7.3 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/764896052077847401/0D885690960BBB3DF5532C755C6D3BE2728046ED/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 128x128, components 3
Hash: 42f90b45dc017610b2cdca2aa8246136 fe33a3dc6f80fbc6d20b847f856ce9c589c34795 b1898ff22ea2e6fd0300a80b73d2d00ece52e2c6c3d1e42d4ee23fb7a21fb7be
GET /ugc/764896052077847401/0D885690960BBB3DF5532C755C6D3BE2728046ED/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Mon, 15 Apr 2024 07:25:49 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8D4A27F7607C195"
server: Akamai Image Manager
content-length: 7281
content-type: image/jpeg
cache-control: private, no-transform, max-age=484597
expires: Mon, 22 Apr 2024 07:34:28 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2520401838009130195/7A630A59D504588123A165E6DC8A9CA3C8DF2FB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 672 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2520401838009130195/7A630A59D504588123A165E6DC8A9CA3C8DF2FB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 1080x1948, components 3
Size: 672 kB (671791 bytes)
Hash: 2076d0f998b1df7025fe6b855f523ada 6204dccb9166e977fef736fb6a1d7eb6e86ec271 fb55558d39520079a7e95d320416c01ae41bd16d45eac1f9c39235d12c8bca60
GET /ugc/2520401838009130195/7A630A59D504588123A165E6DC8A9CA3C8DF2FB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:18:56 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E30AE1ADA8D"
server: Akamai Image Manager
content-length: 671791
content-type: image/jpeg
cache-control: private, no-transform, max-age=602556
expires: Tue, 23 Apr 2024 16:20:27 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2500135638369736852/AD89895259B959C7206F057435DC98855775E581/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true | 95.101.11.35 | 200 OK | 6.9 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2500135638369736852/AD89895259B959C7206F057435DC98855775E581/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 128x128, components 3
Hash: 6fccd0637634bb13b689e39136570996 1d4c4f36ae95744d2883605adb07694072d7d320 966c5498b0d9318ba0cf25bf68a42556719000afceb0f2d423c08b06e337efc4
GET /ugc/2500135638369736852/AD89895259B959C7206F057435DC98855775E581/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-akamai-im-skip-dlr: 1
server: Akamai Image Server
last-modified: Sat, 13 Apr 2024 17:47:15 GMT
etag: "0x8DC5BE1C1C416C6"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-type: image/jpeg
content-length: 6868
cache-control: private, max-age=349982
expires: Sat, 20 Apr 2024 18:10:53 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2520401838007163800/0E75C908B8B13CDBD32E824D52F18E5708ABD4FF/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 58 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2520401838007163800/0E75C908B8B13CDBD32E824D52F18E5708ABD4FF/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP: 95.101.11.35:443
ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Hash: e77d36f7639608c6ec8b111b59af541d 47981de18ed4f35cc4e9aa63367e8412d45eeb24 6e455b579ac4e6f7ff12f90dabe41b405549ca197de86bfc6d4e1fca766414cf
GET /ugc/2520401838007163800/0E75C908B8B13CDBD32E824D52F18E5708ABD4FF/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 08:51:10 GMT
access-control-expose-headers: origin
etag: "14d881aeec8dae0f14deb1587a3a4ffd"
server: Akamai Image Manager
content-length: 58390
content-type: image/jpeg
cache-control: private, no-transform, max-age=575911
expires: Tue, 23 Apr 2024 08:56:22 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=3a48c74f345c81079656 | 210.74.226.164 | 200 | 172 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=3a48c74f345c81079656
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64895), with CRLF, LF line terminators
Size: 172 kB (171857 bytes)
Hash: 770f28bc44b902bc87bf7d43fc089359 d860bd7d7beee0b83d78d43e1db9816a5ab599dd 978f491c58e9b75220f568e3ca172c1cbc5e79940933981016eb814d2b7a9ba4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=3a48c74f345c81079656 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:53 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:55 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b77afc27211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 890c357d-fd53-4465-abfc-fc8beb90a77b
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=c0c039f86de12d103cd0 | 210.74.226.164 | 200 | 185 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=c0c039f86de12d103cd0
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65245), with CRLF, LF line terminators
Size: 185 kB (184975 bytes)
Hash: c023e4c06c828c36b044b6290ad4fa38 b95f05bcec10296fe7e45481e84b4a05f1f2a80f 57b9fb4a5d43760a96aea3984dcef7aff72427f6f4775c8505c749d7914420eb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=c0c039f86de12d103cd0 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Apr 2024 22:36:15 GMT
Cache-Control: public,max-age=15552000
Expires: Sun, 06 Oct 2024 22:37:22 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 584403
Vary: Accept-Encoding
CF-RAY: 8755b77b0c8384cd-HKG
Content-Disposition: inline;filename=f.txt
traceId: 2e899821-6c7f-4f9b-8435-30bc55f810c8
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=9ae2f2968e5dde1caa1d | 210.74.226.164 | 200 | 216 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=9ae2f2968e5dde1caa1d
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: steam.guesskings.com
Certificate Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
Certificate Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65349), with CRLF, LF line terminators
Size: 216 kB (215736 bytes)
Hash: 853ee23dcdf650baacddda80e05e36bb 60104b174ada73ae6845f5def564c5f9428548fa 00026ec6d14e33a96aefb38fc8a7e741eb8cc3a35600467991b576f5ba98a2f3
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=9ae2f2968e5dde1caa1d HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:52 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:54 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b77af8eb8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: afe58936-a854-4f0b-82c6-cc46bbf64173
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| img.youtube.com/vi/R7lFaigt5Ow/0.jpg | 142.250.74.78 | 200 OK | 18 kB |
URL: GET HTTP/2 img.youtube.com/vi/R7lFaigt5Ow/0.jpg
IP: 142.250.74.78:443
Requested by: https://steam.guesskings.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google.com
Certificate Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
Certificate Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: de12beeeaa5790a2989807defe3e8fa6 2bb4893758997e98ae13c85ba69dc753997e4994 e4514ad0c445171f89d242867b952aa9ad3900f0544de4ee71e84f3ac7085e27
GET /vi/R7lFaigt5Ow/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 18061
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:54:24 GMT
expires: Tue, 16 Apr 2024 16:59:24 GMT
cache-control: public, max-age=300
etag: "1713040851"
content-type: image/jpeg
vary: Origin
age: 208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/skWgIg4OsG4/0.jpg | 142.250.74.78 | 200 OK | 3.6 kB |
URL: GET HTTP/2 img.youtube.com/vi/skWgIg4OsG4/0.jpg
IP: 142.250.74.78:443
Requested by: https://steam.guesskings.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google.com
Certificate Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
Certificate Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 45a49bd55576794d3b387c79e1e1be99 6ec9cb09119b656422fce1f54902f76bcc335d6f 584db0030ea71591ccb0aab8d7d6045ae7d52422cff900bc935adda95fd88222
GET /vi/skWgIg4OsG4/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 3558
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:28 GMT
expires: Tue, 16 Apr 2024 17:02:28 GMT
cache-control: public, max-age=300
etag: "0"
content-type: image/jpeg
vary: Origin
age: 24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/qooZx_kVD8A/0.jpg | 142.250.74.78 | 200 OK | 27 kB |
URL: GET HTTP/2 img.youtube.com/vi/qooZx_kVD8A/0.jpg
IP: 142.250.74.78:443
Requested by: https://steam.guesskings.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google.com
Certificate Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
Certificate Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 334bf1ab7d9ba4bd083ef57c59a1cdab c8428cbd652a31fb581c9fcfa62faf9f47abd3ab 03e1eefd43fcd4bbd8e3793c87fd3e740daa7a4c2ff5c19f0d6b617605ee70e7
GET /vi/qooZx_kVD8A/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 26677
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:56:25 GMT
expires: Tue, 16 Apr 2024 18:56:25 GMT
cache-control: public, max-age=7200
etag: "1711295504"
content-type: image/jpeg
vary: Origin
age: 87
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/7xOe_y6Mz5A/0.jpg | 142.250.74.78 | 200 OK | 32 kB |
URL: GET HTTP/2 img.youtube.com/vi/7xOe_y6Mz5A/0.jpg
IP: 142.250.74.78:443
Requested by: https://steam.guesskings.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google.com
Certificate Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
Certificate Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 8a18e18bbfc968a8a6cc9a75e67d1aeb 8550477e1d1e2f9ad11571489abfaf6f201ec2e1 b76e8dcbdc2ed2a22ad148a87465c32dad0f3ce9d757cbebc0ee1254a62185fb
GET /vi/7xOe_y6Mz5A/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 32291
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:55:13 GMT
expires: Tue, 16 Apr 2024 18:55:13 GMT
cache-control: public, max-age=7200
etag: "1712924827"
content-type: image/jpeg
vary: Origin
age: 159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/vu6yvYyjidg/0.jpg | 142.250.74.78 | 200 OK | 24 kB |
URL: GET HTTP/2 img.youtube.com/vi/vu6yvYyjidg/0.jpg
IP: 142.250.74.78:443
Requested by: https://steam.guesskings.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google.com
Certificate Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
Certificate Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 7c6a582ae54b34f32803a687fad97622 7e8803b4296c00ec5aef7c2d50454c0df092de36 ad71a3489ffa9cc59d76134545f75e065d9e9517207158346b4e039306af679f
GET /vi/vu6yvYyjidg/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 24373
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:38 GMT
expires: Tue, 16 Apr 2024 18:57:38 GMT
cache-control: public, max-age=7200
etag: "1711787278"
content-type: image/jpeg
vary: Origin
age: 14
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/GB6V0QjLhYg/0.jpg | 142.250.74.78 | 200 OK | 24 kB |
URL: GET HTTP/2 img.youtube.com/vi/GB6V0QjLhYg/0.jpg
IP: 142.250.74.78:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D; Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: d2a7e2bd94551d7e5810c8b5b251037d 089aae722ed96ae325f42792c395f755d20cd96b 3b0f3a95237dd20e58ab3b6b93e3e264722d17b29db70f460228ce4555a5b9d0
GET /vi/GB6V0QjLhYg/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 23563
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:42 GMT
expires: Tue, 16 Apr 2024 18:57:42 GMT
cache-control: public, max-age=7200
etag: "1711857003"
content-type: image/jpeg
vary: Origin
age: 10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/F_sLmzXqlxo/0.jpg | 142.250.74.78 | 200 OK | 22 kB |
URL: GET HTTP/2 img.youtube.com/vi/F_sLmzXqlxo/0.jpg
IP: 142.250.74.78:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D; Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 2519c00f3c0f554abfd29dd00794ed56 fbf9a04f7c22685532af0b5d76a53c932d4b3dda 54a79196240c495f4bdcf3018386b0f9b32b9862614b4a862724b177bdb6405e
GET /vi/F_sLmzXqlxo/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 22499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:53:41 GMT
expires: Tue, 16 Apr 2024 18:53:41 GMT
cache-control: public, max-age=7200
etag: "1711814009"
content-type: image/jpeg
vary: Origin
age: 251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/-yaFPrAEKXw/0.jpg | 142.250.74.78 | 200 OK | 19 kB |
URL: GET HTTP/2 img.youtube.com/vi/-yaFPrAEKXw/0.jpg
IP: 142.250.74.78:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D; Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 5520b47c3302632c1d3dc33b5501bf74 0c3e8167e23c216d67f8c3924d806041cbba91ff 649011ebe21bd8ced633754f7d5ff82494cd797d4520e2885fded18720b541b0
GET /vi/-yaFPrAEKXw/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 19176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:50 GMT
expires: Tue, 16 Apr 2024 18:57:50 GMT
cache-control: public, max-age=7200
etag: "1668275284"
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/communityawardsapp.js?contenthash=19055018e0af77c9315d | 210.74.226.164 | 200 | 413 B |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/communityawardsapp.js?contenthash=19055018e0af77c9315d
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF, LF line terminators
Hash: 8a1b0b2a98ac8f20dfcf085c127e7e03 6d12a4e8c5e6e9aaf740bf834059511442d9550a ee3e4329cb688bf42a8bfce72de3ac4c127dcd6231186873c1b93fcbbfb73ae5
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/communityawardsapp.js?contenthash=19055018e0af77c9315d HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:52 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:56 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621526
Vary: Accept-Encoding
CF-RAY: 8755b7858b4785ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: da36ad94-5a79-4ea0-9cd7-39f786b63979
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=851ba7bd45199e250280 | 210.74.226.164 | 200 | 18 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=851ba7bd45199e250280
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (17427), with CRLF, LF line terminators
Hash: aaa33178361679569b06631439eefa8b 19c33edb9e15a917faf8852aca133db6a5dba5aa 8155a9cff7831b9962ce870baab32394e3662e8834bf0f88ae887b50b522ec90
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=851ba7bd45199e250280 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:52 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:56 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b7859b9a84f0-HKG
Content-Disposition: inline;filename=f.txt
traceId: 1a082622-5ef8-49db-a65e-dc4850af5e9d
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/applications/community/communityawardsapp.css?contenthash=8e020fa3bf0449a24cbd | 210.74.226.164 | 200 | 18 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/applications/community/communityawardsapp.css?contenthash=8e020fa3bf0449a24cbd
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (10476), with CRLF, LF line terminators
Hash: 31869693d352d644e6f5ec47a6fbde6b 89dbb3cc6afb83288d55a2f19907f7791ba7a06f 32fe829a2100907418aa0c1339794071d5c9ffd1de8117e4e519c0628eb7e082
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/css/applications/community/communityawardsapp.css?contenthash=8e020fa3bf0449a24cbd HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Feb 2024 22:14:59 GMT
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 20:15:14 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3703358
Vary: Accept-Encoding
CF-RAY: 8755b78598275e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3af17132866722492548d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~4b330692b.js?contenthash=4deddc09ed6d2035c985 | 210.74.226.164 | 200 | 36 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~4b330692b.js?contenthash=4deddc09ed6d2035c985
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (36120), with CRLF, LF line terminators
Hash: 0c6e056220f2cc2bba5d6c2824a1bf5b 5250dd3a2216ff3138ca8fea93d7795dc152a2b7 01e883447b1170ce2da7f3e327ea2c37cbeada1b39e61f8ee1999201e69eb5f3
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~4b330692b.js?contenthash=4deddc09ed6d2035c985 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:52 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:31:08 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b785acf9044a-HKG
Content-Disposition: inline;filename=f.txt
traceId: 55514c32-3121-4ea2-b16b-2accc7fdafd4
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=839200ab4e91e017ce1d | 210.74.226.164 | 200 | 60 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=839200ab4e91e017ce1d
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (59366), with CRLF, LF line terminators
Hash: 1e06b714c4138494a69b7e6b5cba60d2 2bf619c3e0dd462e0583fd6aa96649e613c5f08a c549b4336a4c68a1563498184f45bec294af07e2e3815d663cab691b47dadce2
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=839200ab4e91e017ce1d HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:53 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:55 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621603
Vary: Accept-Encoding
CF-RAY: 8755b7859bd084cd-HKG
Content-Disposition: inline;filename=f.txt
traceId: 5440bdc3-e754-4e6c-afe0-405d5182da45
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| img.youtube.com/vi/cRglf_VElO8/0.jpg | 142.250.74.78 | 200 OK | 16 kB |
URL: GET HTTP/2 img.youtube.com/vi/cRglf_VElO8/0.jpg
IP: 142.250.74.78:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D; Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 31ea99753b84c6366883592a114c9096 76d20108a691026aafd2a359026a2d97fdcb72d2 17c3344c68fac809e6978040c095e66f8d40091accd7bd9d446eb945369be671
GET /vi/cRglf_VElO8/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 15574
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:51 GMT
expires: Tue, 16 Apr 2024 18:57:51 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/HyVjwo4aDVA/0.jpg | 142.250.74.78 | 200 OK | 34 kB |
URL: GET HTTP/2 img.youtube.com/vi/HyVjwo4aDVA/0.jpg
IP: 142.250.74.78:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D; Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 810a8950c4d89f39ca99a8c0b809d0ce d7f12802dcbd4d3025aa47ad7ed30eb4ee06f81f c3c87045f9f7a6ed5ce1507745d90259e395e6bf0b67983a46b6f26d3026da46
GET /vi/HyVjwo4aDVA/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 33585
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:34 GMT
expires: Tue, 16 Apr 2024 18:57:34 GMT
cache-control: public, max-age=7200
etag: "1659537195"
content-type: image/jpeg
vary: Origin
age: 18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~4b330692b.js?contenthash=d8cd6c05bb82e81cf440 | 210.74.226.164 | 200 | 26 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~4b330692b.js?contenthash=d8cd6c05bb82e81cf440
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/
Certificate: Issuer: DigiCert Inc; Subject: steam.guesskings.com; Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9; Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (25789), with CRLF, LF line terminators
Hash: 9f8996d885d01fca43b666a5077f3337 9380a54c75cfb85fc31a5c4297333faf21ce7168 527644336ab44c46f478aa183d31a86957d4fae2aadd74673b71f6d191e473c9
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~4b330692b.js?contenthash=d8cd6c05bb82e81cf440 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:52 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:55 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b785892d8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: 1e820496-6f56-40fa-918e-77fb9fe74bc9
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| community.cloudflare.steamstatic.com/public/shared/images/comment_quoteicon.png | 172.64.145.151 | 200 OK | 417 B |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/comment_quoteicon.png
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: 2e6556310cf788abcc905dc522fe8375 f721b02abedca660d17f7c7d2f38aac2a89e4155 32285e351f9647f9b357aa997d5e1f6c1c521dac197bee998b17041ee5297d7d
GET /public/shared/images/comment_quoteicon.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 417
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-1a1"
x-cache: MISS
cf-cache-status: HIT
age: 6533
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7896db60b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/apphubs/4-star.png | 172.64.145.151 | 200 OK | 3.5 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/apphubs/4-star.png
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 81 x 14, 8-bit/color RGBA, non-interlaced
Hash: 99b0b7ce794818eb24dd6d5287588936 ae4ad007ad10371bf4a35f1d4ae2b871d2b809e7 e957985b47c64e1d65ec3c377170d5c0bbea810eab863824f305838493be7427
GET /public/shared/images/apphubs/4-star.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 3475
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-d93"
x-cache: MISS
cf-cache-status: HIT
age: 1179
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7897dcb0b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/apphubs/item_type_hover.png?v=1 | 172.64.145.151 | 200 OK | 2.8 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/apphubs/item_type_hover.png?v=1
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash: 2024f24380b48b22d0d1dd5664452b7a 120a6cbbb2c3f97099b573978b810d6d33389e40 9f60fa47c8e46e872dbdd2b8b2c4bfeed0f1db835ac3c6cb83740ffc17b9015c
GET /public/shared/images/apphubs/item_type_hover.png?v=1 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 2792
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-ae8"
x-cache: MISS
cf-cache-status: HIT
age: 6105
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7898dda0b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/apphubs/icons/icon_rate.png | 172.64.145.151 | 200 OK | 1.1 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/apphubs/icons/icon_rate.png
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: 96c60098e888af1bc5ae43c93034b017 44317b6e92c020c7b467737df6702858972830d8 101dcaab2ad4a31c11dbd87a661b1324c5dd52b43a1ea814234f5bbc78993286
GET /public/shared/images/apphubs/icons/icon_rate.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 1131
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-46b"
x-cache: MISS
cf-cache-status: HIT
age: 3862
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7898de10b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/iconholder_inactive.png | 172.64.145.151 | 200 OK | 967 B |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/iconholder_inactive.png
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Hash: 8de9529afbb3519ac8f5994776e78fd0 c06318fef84fa2955ee0c54f8607c4ac8a8e0d54 2641bea3a22453d5d7cbae49bbb0414fce0ddd6ce39d067c3b7f2311846e46cd
GET /public/shared/images/iconholder_inactive.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 967
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-3c7"
x-cache: MISS
cf-cache-status: HIT
age: 2892
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7899de80b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/apphubs/not-yet.png | 172.64.145.151 | 200 OK | 2.4 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/apphubs/not-yet.png
IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0; Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 81 x 14, 8-bit/color RGBA, non-interlaced
Hash: 9467cd36fa8d637f6025e405a8a8ee81 8d028c12f3ef3edbecfafe5217c734003b739967 1396ffd3fdda47e9634bbaaffa5c1b8fa3dafbeef347fa2504e2c636ef316636
GET /public/shared/images/apphubs/not-yet.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 2441
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-989"
x-cache: MISS
cf-cache-status: HIT
age: 1580
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7899ded0b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/buttons/icons_16.png?v=5 | 172.64.145.151 | 200 OK | 6.7 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/buttons/icons_16.png?v=5 | IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/ | Certificate | Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 | Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 320 x 32, 8-bit/color RGBA, non-interlaced | Hash: 49b920ca1495fc302a0ed1515ce53491 6cce254202c4dc378cf31aaa7d05c8538267f078 472165755644972c17e4bbaf1300926ab99724d95599415b2ea7f9c16a27737c
GET /public/shared/images/buttons/icons_16.png?v=5 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 6719
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-1a3f"
x-cache: MISS
cf-cache-status: HIT
age: 2895
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b789ae060b59-OSL
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images/apphubs/bg_workshopitem.png?v=1 | 172.64.145.151 | 200 OK | 24 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/apphubs/bg_workshopitem.png?v=1 | IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/ | Certificate | Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 | Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: PNG image data, 305 x 126, 8-bit/color RGBA, non-interlaced | Hash: 480ab236d2cca062e8d1e623887e465e 6c16204ee617e33b7472dd0010d7f5f3dfaadc7c bff63013b4aeb2d2a71f3fbdca0360da66289022fb70ac9914db529113bc7e9e
GET /public/shared/images/apphubs/bg_workshopitem.png?v=1 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 24341
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-5f15"
x-cache: MISS
cf-cache-status: HIT
age: 1179
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b789be140b59-OSL
X-Firefox-Spdy: h2
|
|
| steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=b592f187eec4505a4d34 | 210.74.226.164 | 200 | 14 kB |
URL: GET HTTP/1.1 steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=b592f187eec4505a4d34 | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://steam.guesskings.com/ | Certificate | Issuer: DigiCert Inc | Subject: steam.guesskings.com | Fingerprint: E4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9 | Validity: Thu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (14161), with CRLF, LF line terminators | Hash: aa4dd4fca6bf426c7e8f50d1ca669be7 180b969aa6948c1967dd1838a5c270d5e88c5295 71fc1143b0819165eb9616f8dd6fd2f9c7d068becace38a522aa63a75413a225
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=b592f187eec4505a4d34 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:53 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:55 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b787dbf6211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 2b6dcc2a-ad07-4ff1-9e39-36bbd178e6de
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 | 172.64.145.151 | 200 OK | 3.7 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 | IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/ | Certificate | Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 | Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: ca81bf2f0d99757a6f97b0fec3cf5ab5 de4b8d0953809e4687fa45f95092c9c5e92ca146 b83d5a05f79f53d2945fe89bee2239fad2761c2eccee6ad655bbec92a85a80e1
GET /public/shared/images/header/logo_steam.svg?t=962016 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/svg+xml
last-modified: Tue, 17 Nov 2020 23:34:54 GMT
etag: W/"5fb45e1e-e64"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 3078
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c5f0b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| community.cloudflare.steamstatic.com/public/shared/images//award_icon.svg | 172.64.145.151 | 200 OK | 2.4 kB |
URL: GET HTTP/2 community.cloudflare.steamstatic.com/public/shared/images//award_icon.svg | IP: 172.64.145.151:443
Requested by: https://steam.guesskings.com/ | Certificate | Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0 | Validity: Thu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 4a5fc8aeab8927b9b0f77e3f42b84985 79bd26f8c7651d31ebb505e32001ef01a5e8a9c8 8b20f27831d4d86e404f0eac6ba0915e0d584fcc92ef580297db2da74293b123
GET /public/shared/images//award_icon.svg HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jun 2020 22:53:14 GMT
etag: W/"5ee94d5a-952"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 1289
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77e6cb10b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| steamuserimages-a.akamaihd.net/ugc/2466358640182369850/A8459A9CD88BE7D65EA2AB75926A5D4965A6FFC2/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | 95.101.11.35 | 200 OK | 356 kB |
URL: GET HTTP/2 steamuserimages-a.akamaihd.net/ugc/2466358640182369850/A8459A9CD88BE7D65EA2AB75926A5D4965A6FFC2/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false | IP: 95.101.11.35:443 | ASN: #20940 Akamai International B.V.
Requested by: https://steam.guesskings.com/ | Certificate | Issuer: DigiCert Inc | Subject: a248.e.akamai.net | Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 | Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 1366x768, components 3 | Size: 356 kB (356037 bytes) | Hash: 35ce8c816fc2f6aed202e21b912b18b4 febfbf2244e1633ec9d0a5a60c2d33e98d142967 abb902ab22134b7fea8c9d154ac699340f7c0a702562a98b0805f26ca1928016
GET /ugc/2466358640182369850/A8459A9CD88BE7D65EA2AB75926A5D4965A6FFC2/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:09:23 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2E0D810E6D"
server: Akamai Image Manager
content-length: 356037
content-type: image/jpeg
cache-control: private, no-transform, max-age=602302
expires: Tue, 23 Apr 2024 16:16:13 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2
|
|