Report - steam.guesskings.com/

Report Overview

Submitted URL
steam.guesskings.com/
IP
210.74.226.164
ASN
#4812 China Telecom Group
Submitted
2024-04-16 16:58:12
Access
public
Website Title
Steam Community
Final URL
steam.guesskings.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
168

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
steamuserimages-a.akamaihd.net	18390	2009-09-14	2017-01-29	2024-04-15	17 kB	3.1 MB	95.101.11.35
img.youtube.com	3087	2005-02-15	2012-05-30	2024-04-16	4.4 kB	226 kB	142.250.74.78
steam.guesskings.com	unknown	2022-05-10	2022-09-23	2024-03-27	32 kB	5.0 MB	210.74.226.164
cdn.cloudflare.steamstatic.com	9505	2013-11-07	2020-06-12	2024-04-15	2.6 kB	66 kB	172.64.145.151
community.cloudflare.steamstatic.com	15754	2013-11-07	2020-06-24	2024-04-13	12 kB	805 kB	172.64.145.151
avatars.cloudflare.steamstatic.com	unknown	2013-11-07	2022-03-02	2024-04-15	1.5 kB	4.3 kB	172.64.145.151

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam
2024-04-16	medium	steam.guesskings.com/	Steam

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed
2024-04-16	medium	guesskings.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (39)

	URL	Size	First Seen	Last Seen
	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare	587 kB	2024-04-16	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 18:58:15 Last Seen2024-04-16 18:58:17 Times Seen3 Hash 220a975c6d9f00eb8f0f993b03b52e7c 6d90e35e6fe894ff7c091ef60d461f7c3f873599 7bd76a1514ae8cbca8644ed9e800fe441c5316a4ef0d1e12accd3b885e28329b Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare	16 kB	2024-04-16	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 18:58:15 Last Seen2024-04-16 18:58:17 Times Seen3 Hash 7a75daa9723ca7af54624a6727a7d5f5 62c95bbfb66df1b93287c9c053a8e52bcca51018 e4ccc0cb2ddd09066559b9e3900c2aaa093f2c2f245b0904fcd310d6ac982820 Loading...

	steam.guesskings.com/	374 B	2023-03-12	2024-04-29
Pretty URL steam.guesskings.com/ IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 09:45:05 Last Seen2024-04-29 23:26:44 Times Seen1212 Hash b70da133ca779ab3e43a34b27582022a 43c146ab15416cc77dadea9d17dbd69b4b001b4b 9b7266c903d26b60f47edbf7647ebe6fe6810e4e06c0cf06f1348944ee585b2c Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdrop	122 kB	2023-03-07	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdrop IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-29 19:57:37 Times Seen4094 Hash 39e34882ba4417cb4b1b84916dabb770 0d0ca081fb60c8aad337091bafcbe84f966c38b0 da708635da162ea493874627775c3520a42145b79c73bf787b5113bf87c0b27c Loading...

	steam.guesskings.com/	521 B	2023-03-12	2024-04-29
Pretty URL steam.guesskings.com/ IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 09:45:05 Last Seen2024-04-29 23:26:44 Times Seen1211 Hash 1ca437221076a602c053146ac451e9a2 605ca877765dcd8a7420d4e3df5a644f5468b5e7 1ce28f3f9525bda804d49ef59149ff51b079c28dfdee7a6b86107bcd0350538f Loading...

	steam.guesskings.com/	99 B	2023-10-29	2024-04-29
Pretty URL steam.guesskings.com/ IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-29 02:38:02 Last Seen2024-04-29 07:10:57 Times Seen35 Hash 7bad9ec419a7ab6f218e66c74f8fc709 0eb3917fce88fc5dee8153be5b390e595dd32264 2577469d646d952251e4b3c6def3a89c889a0a66c6971178e53f25b614ef6ec3 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english&_cdn=cloudflare	18 kB	2023-03-12	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:03 Last Seen2024-04-16 18:58:17 Times Seen30 Hash d642581b253bf84ac7a7da752573ca62 f9e9617e832657133ffe0423d3bffcd91c35b3a7 1a8fb0d133135943bca919329003eac543aa29749eea474f33d3a94a4d15a647 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare	927 kB	2024-04-16	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 18:58:15 Last Seen2024-04-29 07:10:58 Times Seen5 Hash 7cc72a37a98a82387097c2d95db8dfa4 eb60fd9b530d5ea6115e20f891e832d4851ccd5f 5b87b450067424f7b1e5674d9f5634a2fb6e8f1347d273f6003e85398b7c4359 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=9ae2f2968e5dde1caa1d	216 kB	2024-02-08	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=9ae2f2968e5dde1caa1d IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-08 03:02:47 Last Seen2024-04-16 18:58:18 Times Seen46 Hash 853ee23dcdf650baacddda80e05e36bb 60104b174ada73ae6845f5def564c5f9428548fa 00026ec6d14e33a96aefb38fc8a7e741eb8cc3a35600467991b576f5ba98a2f3 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english&_cdn=cloudflare	1.1 kB	2023-03-12	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:03 Last Seen2024-04-16 18:58:17 Times Seen22 Hash 210c2d3ede48ef95f9fe19605086eb5e 9581c67260e7125df72febd83193874e9bd14164 9d8b43fee90b04c7e0156d0c8f82707cc00f8411677ad5114ee232285afa06d5 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=839200ab4e91e017ce1d	60 kB	2024-01-28	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=839200ab4e91e017ce1d IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-28 04:43:03 Last Seen2024-04-16 18:58:18 Times Seen38 Hash 1e06b714c4138494a69b7e6b5cba60d2 2bf619c3e0dd462e0583fd6aa96649e613c5f08a c549b4336a4c68a1563498184f45bec294af07e2e3815d663cab691b47dadce2 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=b592f187eec4505a4d34	14 kB	2024-02-16	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=b592f187eec4505a4d34 IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-16 23:15:33 Last Seen2024-04-29 07:10:58 Times Seen33 Hash aa4dd4fca6bf426c7e8f50d1ca669be7 180b969aa6948c1967dd1838a5c270d5e88c5295 71fc1143b0819165eb9616f8dd6fd2f9c7d068becace38a522aa63a75413a225 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflare	169 kB	2023-03-07	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2024-04-29 19:57:37 Times Seen4531 Hash 6a39e0b509fecb928d47b8a2643fed2a f67fa6cb1d09963d10ba117d6553c8e7d5bc7863 d8bdea7fff893dbdbeaf6c2affec091a77483b9ec10e7958486bc3b6cc170c96 Loading...

	steam.guesskings.com/	114 B	2023-03-07	2024-04-29
Pretty URL steam.guesskings.com/ IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:51 Last Seen2024-04-29 23:26:44 Times Seen1364 Hash 16f8c3f24c03dd22c268f120ecbb7d9c 0fc91d904a8d38ad4588344a0191af727fd09311 61c71b0ebf72ea0d8fc27d307870302ea163aa9bd344b3ba1402a2e894721925 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/communityawardsapp.js?contenthash=19055018e0af77c9315d	413 B	2024-02-08	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/communityawardsapp.js?contenthash=19055018e0af77c9315d IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-08 03:02:48 Last Seen2024-04-16 18:58:18 Times Seen18 Hash 8a1b0b2a98ac8f20dfcf085c127e7e03 6d12a4e8c5e6e9aaf740bf834059511442d9550a ee3e4329cb688bf42a8bfce72de3ac4c127dcd6231186873c1b93fcbbfb73ae5 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~4b330692b.js?contenthash=d8cd6c05bb82e81cf440	26 kB	2024-01-28	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~4b330692b.js?contenthash=d8cd6c05bb82e81cf440 IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-28 04:43:02 Last Seen2024-04-29 07:10:58 Times Seen39 Hash 9f8996d885d01fca43b666a5077f3337 9380a54c75cfb85fc31a5c4297333faf21ce7168 527644336ab44c46f478aa183d31a86957d4fae2aadd74673b71f6d191e473c9 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare	16 kB	2023-03-07	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-29 19:57:37 Times Seen5150 Hash 72938851e7c2ef7b63299eba0c6752cb b75196bd3a6f9f4dfc1bbf5e43e96874bcd9ce4e e2d4e0e1d3e162fdc815f16dfff9ae9b0a967949f0f3ae371f947d730a3f0661 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~4b330692b.js?contenthash=4deddc09ed6d2035c985	36 kB	2024-02-18	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~4b330692b.js?contenthash=4deddc09ed6d2035c985 IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-18 16:52:18 Last Seen2024-04-29 07:10:58 Times Seen20 Hash 0c6e056220f2cc2bba5d6c2824a1bf5b 5250dd3a2216ff3138ca8fea93d7795dc152a2b7 01e883447b1170ce2da7f3e327ea2c37cbeada1b39e61f8ee1999201e69eb5f3 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=c0c039f86de12d103cd0	185 kB	2024-04-16	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=c0c039f86de12d103cd0 IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 18:58:16 Last Seen2024-04-16 18:58:18 Times Seen2 Hash c023e4c06c828c36b044b6290ad4fa38 b95f05bcec10296fe7e45481e84b4a05f1f2a80f 57b9fb4a5d43760a96aea3984dcef7aff72427f6f4775c8505c749d7914420eb Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=851ba7bd45199e250280	18 kB	2024-02-16	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=851ba7bd45199e250280 IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-16 23:15:34 Last Seen2024-04-29 07:10:58 Times Seen29 Hash aaa33178361679569b06631439eefa8b 19c33edb9e15a917faf8852aca133db6a5dba5aa 8155a9cff7831b9962ce870baab32394e3662e8834bf0f88ae887b50b522ec90 Loading...

	steam.guesskings.com/	323 B	2023-10-29	2024-04-29
Pretty URL steam.guesskings.com/ IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-29 02:38:02 Last Seen2024-04-29 07:10:57 Times Seen32 Hash e90288bc345fb618a5d705e2a0e3ca7d 5be604132abcbc57179be1376f2ea3047aeda91e 97b51b7bd0958577e42353c44fb294b45085ac5cf53a6dee10d0e48a6a7cd357 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflare	96 kB	2023-03-07	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-29 19:57:37 Times Seen6166 Hash 4dc834d16a0d219d5c2b8a5b814569e4 4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english&_cdn=cloudflare	155 kB	2024-04-16	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 18:58:16 Last Seen2024-04-29 07:10:58 Times Seen4 Hash 4f0a7af4385f98de48c8060fba988e27 b07077ee281ba5b63dd665b42b48a197c80c88b8 3a44820ddcbe21e29f3670ebdbbe1399de32459b17cb9ac7972a6ee5aa50afc3 Loading...

	steam.guesskings.com/	138 B	2023-03-07	2024-04-29
Pretty URL steam.guesskings.com/ IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:51 Last Seen2024-04-29 23:26:44 Times Seen1166 Hash 9f44e1f62e772303b2e525ddb1612081 e4a96a617321364bc3a043575388a6ceb1c0f4c9 9bde39c62b2614c2823a872c6c9d049d0752a22d1ed9474b8bf0cd318001d288 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=3a48c74f345c81079656	172 kB	2024-01-28	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=3a48c74f345c81079656 IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-28 04:43:02 Last Seen2024-04-29 07:10:57 Times Seen27 Hash bff935ef448759fa0b4b0fb6308537d1 b0bf8950d5ac42374a448b7fb3718be45e81b32a 96bb4ddc027781b623f8178f765b4cb4e9bdc4b30424067b768a77694f0291dd Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english&_cdn=cloudflare	14 kB	2023-03-29	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:06:41 Last Seen2024-04-29 07:24:04 Times Seen205 Hash 59dd2408449e26ab969b384f6cc5cd98 09a2919cdeef326b8d4c492e7f65895e2dfb9801 78a72f3e67d9f2f0200e36adc262f794312e5c69001f18be84886601a8a59571 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english&_cdn=cloudflare	15 kB	2024-03-31	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-31 18:56:34 Last Seen2024-04-16 18:58:17 Times Seen4 Hash b50443501108ef0f2862f7619ec73726 ebd84e20c04cc1bf68b5c55b456f25661a46b9e5 168d530f7bf604619928553dc2e847d4df2c6136a4076f2c07ebaefbc2fb48c6 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english&_cdn=cloudflare	2.9 kB	2023-03-12	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:03 Last Seen2024-04-16 18:58:17 Times Seen34 Hash e275614b456ede9716af5db33bc06ff3 7be0606e8e489e67db8d8b6e88236badd643cb8f 7a4db8fc6f2f7f5c2735b78a80c465f47b61c704e6814368f207e07eca1ba742 Loading...

	steam.guesskings.com/	295 B	2023-06-21	2024-04-29
Pretty URL steam.guesskings.com/ IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-21 01:00:33 Last Seen2024-04-29 23:26:44 Times Seen1127 Hash 6004c14868a256e4cae4dec3db42e6d7 48b9c9cef4ebb49a77da2a00b57c3b2c9d86472b 2c550300a61671a67a72219fc89acad93ea8c8cb54d5468ec6f891eda7f30e96 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english&_cdn=cloudflare	25 kB	2023-03-08	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:04:23 Last Seen2024-04-29 19:57:37 Times Seen2964 Hash a52bc800ab6e9df5a05a5153eea29ffb 8661643fcbc7498dd7317d100ec62d1c1c6886ff 57cfaf9b92c98541f769090cd0229a30013cea7cfafc18519ca654bfae29e14e Loading...

	steam.guesskings.com/	918 B	2024-04-16	2024-04-16
Pretty URL steam.guesskings.com/ IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 18:58:16 Last Seen2024-04-16 18:58:16 Times Seen1 Hash 367b2b7df23974ecc7137038946dd360 4475bfe0aa7bf1f4b2242ca158cec19975e7978d 21d4f0b8d3e6417660a885f7529c5437e8adf1c692a73451347062b6f0d1469a Loading...

	steam.guesskings.com/	158 B	2023-03-08	2024-04-29
Pretty URL steam.guesskings.com/ IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 00:23:05 Last Seen2024-04-29 23:26:44 Times Seen146 Hash 876d8dfa35d272f923bd6c74b5fadda6 ead0d2543eb5cec28d37d3f1ba64165972bbb33c 56e5d3b4faa73eed6bcb3646991980521731d7786d8226d5e7d132d6f477b8d6 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/global.js?v=PyuRtGtUpR0t&l=english&_cdn=cloudflare	104 kB	2024-03-31	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/global.js?v=PyuRtGtUpR0t&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-31 18:56:34 Last Seen2024-04-29 07:10:58 Times Seen8 Hash 0563fe4c0338861e0abda77fef3435b6 2358574b18e5853cb5d8da9fb52fe84546843a7b 9898bab895b6fb9ad62035cda4e12bb8615339e142478043b47d1c175f824379 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflare	3.9 kB	2023-03-07	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-29 07:24:04 Times Seen3323 Hash 75f321bb2f8bae9ca8e5c4c6d72521bd 8ed540dc9da8c5d7c2bbe390fc663e6de0b1ef0c 92a217685eda5e8319d193142aeadf80ae7a9c9e04a9a365d9cf01078d459985 Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english&_cdn=cloudflare	12 kB	2023-03-12	2024-04-16
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:47:01 Last Seen2024-04-16 18:58:17 Times Seen30 Hash 2ba219efad9b8f0614bb8ca395644299 cbedc420cf2d472ab8e7f8819c33a55f962e3a5f 17b25eb544bcb517752ef36c778caf44d50bf2f815bb305771381fe76aac7e8c Loading...

	steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english&_cdn=cloudflare	457 B	2023-03-26	2024-04-29
Pretty URL steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english&_cdn=cloudflare IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:00:05 Last Seen2024-04-29 07:15:17 Times Seen365 Hash 1fc0e266e0c35f24bf232e1015ca7064 dcfa89f38d3bac32a02f28c662cfa4f4855ec8b7 c5527d218ab87fb08c01dbdb65039651a55be1bf70fb19aef70930c2e81c7698 Loading...

	steam.guesskings.com/	46 B	2023-03-08	2024-04-29
Pretty URL steam.guesskings.com/ IP 210.74.226.164 ASN #4812 China Telecom Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 00:23:05 Last Seen2024-04-29 23:26:44 Times Seen146 Hash c8fe540b1a80ea9061274096d1a895e7 c1762692504af73e2769e61f2b8d618ea9655ada 95eef46f501e4037e8ea0520631718089341740893db9a127aae77d477ccbeaf Loading...

		Size	First Seen	Last Seen
	#1 Eval - 921f3dbdb232f27445fc7df4ec3644fe	111 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 18:58:16 Last Seen2024-04-16 18:58:16 Times Seen1 Hash 921f3dbdb232f27445fc7df4ec3644fe 16ee778563b9306673c46905acd10819609d0557 af68d185f406c604b3b30588d1d68c1f4c7da64a796f89ca7e4f93fcbd677545 Loading...

	#2 Eval - 5a25443d0c63977f772496059e92606f	580 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 18:58:16 Last Seen2024-04-16 18:58:16 Times Seen1 Hash 5a25443d0c63977f772496059e92606f f928d741268cae31031f0dc0c7289ca6393b0116 85137c62dd5234b187b3ee08230dfa839628de4df18b46a6da1fdd4120f28466 Loading...

HTTP Transactions (120)

URL IP Response Size

steam.guesskings.com/

210.74.226.164

200

8.7 kB

URL User Request GET HTTP/1.1
steam.guesskings.com/
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3129), with CRLF, LF line terminators
Size
8.7 kB (8679 bytes)
Hash
70bc0aa19033579282805a49e8d1c557
6360c9662c5fd837abbc5e37fc17d142c796dd82
36b837bac1d8a5c6dcc81a584756f37a744610e98b34e7d90f20ff013340ad48

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:42 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 8679
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://steam.guesskings.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: no-cache
Content-Encoding: gzip
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Origin: https://steam.guesskings.com
Set-Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; Path=/; Secure; SameSite=None;Domain=steam.guesskings.com
steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; Path=/; Secure; HttpOnly; SameSite=None;Domain=steam.guesskings.com
uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; Path=/; Domain=steam.guesskings.com
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-cjwn6
traceId: eaac1cf3af17132866626652503d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1761390/6467c6bec4cbd97c3ed30119e8b08072644dd9ab.jpg

172.64.145.151

200 OK

1.9 kB

URL GET HTTP/2
cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1761390/6467c6bec4cbd97c3ed30119e8b08072644dd9ab.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, baseline, precision 8, 32x32, components 3
Size
1.9 kB (1874 bytes)
Hash
24ea1e7c26785e7112497a4b4d4901d0
6467c6bec4cbd97c3ed30119e8b08072644dd9ab
52a0a0101bac21bb9f0e07056c64a4a55ebfd72132a6ae430090802ce9259565

HTTP Headers

GET /steamcommunity/public/images/apps/1761390/6467c6bec4cbd97c3ed30119e8b08072644dd9ab.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/jpeg
content-length: 1874
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "628fab98-752"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 26 May 2022 16:32:24 GMT
cf-cache-status: HIT
age: 12135970
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c6a0b59-OSL
X-Firefox-Spdy: h2

cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/250900/16d46c8630499bfc54d20745ac90786a302cd643.jpg

172.64.145.151

200 OK

1.2 kB

URL GET HTTP/2
cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/250900/16d46c8630499bfc54d20745ac90786a302cd643.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 32x32, components 3
Size
1.2 kB (1216 bytes)
Hash
7bb9c2f6817759549f20698413253351
16d46c8630499bfc54d20745ac90786a302cd643
a357b694227b7e44aeae9996aa1967923d60e88fae837a69826a6f0fbb94fce6

HTTP Headers

GET /steamcommunity/public/images/apps/250900/16d46c8630499bfc54d20745ac90786a302cd643.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/jpeg
content-length: 1216
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "606e7a18-4c0"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 08 Apr 2021 03:35:52 GMT
cf-cache-status: HIT
age: 12576350
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74eac720b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/images/login/throbber.gif

172.64.145.151

200 OK

3.2 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/images/login/throbber.gif
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 32 x 32
Size
3.2 kB (3208 bytes)
Hash
928e54c4c9683d8dd32867ee992d73c4
83b3252952e1e8c98deb5e6eb64e150c594dd97b
0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d

HTTP Headers

GET /public/images/login/throbber.gif HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/gif
content-length: 3208
last-modified: Fri, 05 Jan 2018 01:34:49 GMT
etag: "5a4ed639-c88"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 3696
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c610b59-OSL
X-Firefox-Spdy: h2

cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1202540/96711df7876b863b33b15dc01fedcd1ac2482137.jpg

172.64.145.151

200 OK

1.4 kB

URL GET HTTP/2
cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1202540/96711df7876b863b33b15dc01fedcd1ac2482137.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, baseline, precision 8, 32x32, components 3
Size
1.4 kB (1444 bytes)
Hash
8c7910cedd7574f8f45f5c78862d6daf
96711df7876b863b33b15dc01fedcd1ac2482137
166125d72bf6e130a780eca450c0aaeac6257a2cc45aed07581d696996568eb8

HTTP Headers

GET /steamcommunity/public/images/apps/1202540/96711df7876b863b33b15dc01fedcd1ac2482137.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/jpeg
content-length: 1444
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "65815bce-5a4"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 19 Dec 2023 09:01:02 GMT
cf-cache-status: HIT
age: 457586
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74eac710b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png

172.64.145.151

200 OK

11 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 744 x 171, 8-bit/color RGBA, non-interlaced
Size
11 kB (10863 bytes)
Hash
a4e79c73ee13cb25b60fc4b0ba1f690c
b690c31b2eb1b0eb085e91aaae7e79f03debe7c1
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8

HTTP Headers

GET /public/shared/images/responsive/header_logo.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/png
content-length: 10863
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-2a6f"
x-cache: MISS
cf-cache-status: HIT
age: 1632
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c680b59-OSL
X-Firefox-Spdy: h2

cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/359550/624745d333ac54aedb1ee911013e2edb7722550e.jpg

172.64.145.151

200 OK

454 B

URL GET HTTP/2
cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/359550/624745d333ac54aedb1ee911013e2edb7722550e.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 32x32, components 1
Size
454 B (454 bytes)
Hash
4e139cd6cbf5f6f3a6a8f5e7eee84166
c61a68efbc58e37aaacca0916a3021ac9a950cf5
7f0dd7fc9ae014dd34fd4a150151beee9ab6868bb6afbb95257f03897ae29049

HTTP Headers

GET /steamcommunity/public/images/apps/359550/624745d333ac54aedb1ee911013e2edb7722550e.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/jpeg
content-length: 454
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "6553edda-1c6"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 14 Nov 2023 21:59:54 GMT
cf-cache-status: HIT
age: 1198352
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c6c0b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png

172.64.145.151

200 OK

1.8 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 92 x 26, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1846 bytes)
Hash
574c350c7b23ae794d5276f8580e0838
235c7b35c3468f8915eca01f7abdb43d34079609
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787

HTTP Headers

GET /public/shared/images/responsive/logo_valve_footer.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/png
content-length: 1846
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-736"
x-cache: MISS
cf-cache-status: HIT
age: 4962
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c580b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/images/skin_1/ico_external_link.gif

172.64.145.151

200 OK

63 B

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/images/skin_1/ico_external_link.gif
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 8 x 8
Size
63 B (63 bytes)
Hash
d1c5aa274c0f681d02317d33026e93d2
07ce7ddd50b6c56dc35a08128a161cdd78c08be4
563401248387cb3cf47d04e1dda78508467889ce4ebb80d24a074e0c24a0183c

HTTP Headers

GET /public/images/skin_1/ico_external_link.gif HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/gif
content-length: 63
last-modified: Fri, 05 Jan 2018 01:34:51 GMT
etag: "5a4ed63b-3f"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 4188
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c620b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png

172.64.145.151

200 OK

3.8 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 244 x 212, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3777 bytes)
Hash
eabc76eb57feae44add7faead028521e
4e3e53938fad15661d2d046a868338841a95db19
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

HTTP Headers

GET /public/shared/images/responsive/header_menu_hamburger.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/png
content-length: 3777
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-ec1"
x-cache: MISS
cf-cache-status: HIT
age: 40
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c630b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/images/x9x9.gif

172.64.145.151

200 OK

58 B

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/images/x9x9.gif
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 9 x 9
Size
58 B (58 bytes)
Hash
c85b970b4c832e361445c1b446cc2343
57e60c2f1f1f919a871b7c171c6d59d42e3adbe5
5ce28d7cf05f0e6eeaa3788a393d9980e9b51130963c6b9672d3447b6b11de6d

HTTP Headers

GET /public/images/x9x9.gif HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/gif
content-length: 58
last-modified: Fri, 05 Jan 2018 01:34:51 GMT
etag: "5a4ed63b-3a"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 3076
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c5c0b59-OSL
X-Firefox-Spdy: h2

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english&_cdn=cloudflare

210.74.226.164

200

2.7 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2718 bytes)
Hash
19f4a36c629c358690fc93dbd234d105
6bbc819e64172d57a4abdaa20c8e2b8a32dd662c
e753a6b743187c7d592e6e2d3580336751e6211cd228ad7410e02db29ec91ad8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:43 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 2718
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "GfSjbGKcNYaQ"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 20:15:10 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3703352
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b74f099985ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17132866635241524d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=english&_cdn=cloudflare

210.74.226.164

200

34 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
34 kB (33770 bytes)
Hash
b6e362692c17c1c613dfc67197952242
fed8f68cdfdd8bf5c29fb0ebd418f796bc8af2dd
151dc1c5196a4ca683f292ae77fa5321f750c495a5c4ffd4888959eb46d9cdc1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:43 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 33770
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "tuNiaSwXwcYT"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 14:45:02 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3703353
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b74f0c8a211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17132866635213043d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphubs.css?v=roMLV7kDn_sN&l=english&_cdn=cloudflare

210.74.226.164

200

11 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphubs.css?v=roMLV7kDn_sN&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
11 kB (11062 bytes)
Hash
ae830b57b9039ffb0d5130d6272945f6
d653c649e9c9957d592a06ae0e340d96ac1bc444
613569c4a8092b813b9d1a2fdbf007a0fe43f6bb0a2d2c87ac998050f473938d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/apphubs.css?v=roMLV7kDn_sN&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:43 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 11062
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "roMLV7kDn_sN"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 23:00:36 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3693427
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75149568514-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ad17132866638853934d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh&_cdn=cloudflare

210.74.226.164

200

2.5 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.5 kB (2465 bytes)
Hash
8db2ffc24354dbc4b5a7bebbc2b3cdaf
311653110625167fdb4ce22e8f147b717bce6649
e888e754e20a1b354bb45b59a05d7b281fee588a445854116b2bc84620fbf7f0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 2465
Connection: keep-alive
Last-Modified: Fri, 05 Jan 2018 01:34:47 GMT
ETag: ".TP5s6TzX6LLh"
Cache-Control: public,max-age=15552000
Expires: Mon, 09 Sep 2024 22:48:52 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2916531
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7544d225e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3af17132866643602510d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/communityhome.css?v=EC98biDaoKUh&l=english&_cdn=cloudflare

210.74.226.164

200

6.8 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/communityhome.css?v=EC98biDaoKUh&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
6.8 kB (6824 bytes)
Hash
102f7c6e20daa0a5210e8fb3786bbd4f
c688baecba8e6161d6901c2deec80968baf1454d
462481feb218b26c45b970f7c3b5d349dffff44de22d5eaf4f9ed544a2626e7c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/communityhome.css?v=EC98biDaoKUh&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 6824
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "EC98biDaoKUh"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 18:33:00 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3709484
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7559fff8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ad17132866645673940d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&_cdn=cloudflare

210.74.226.164

200

40 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4009), with CRLF, LF line terminators
Size
40 kB (39590 bytes)
Hash
a7055c200b47357c2051179f9b979bbd
701f861353694ceb6a41a867ac2e118a76400cdc
f553f59191af4f2b222a73d129b731d4f461c84a67d55cf8e29ba319fe13b078

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 39590
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "pwVcIAtHNXwg"
Cache-Control: public,max-age=15552000
Expires: Sun, 22 Sep 2024 22:52:20 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1793121
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b753cc4d5e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3af17132866642812508d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_home.css?v=XOa7G-BGp2xZ&l=english&_cdn=cloudflare

210.74.226.164

200

17 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_home.css?v=XOa7G-BGp2xZ&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
17 kB (16631 bytes)
Hash
5ce6bb1be046a76c593dc5f9aa706226
64e2c5b91dc1fbb25a4e76ef3a960ff4a34febaf
8584c8ca39f9c0db8dd5d299d575a056ad34afd1d3bef62bc31700de106284a1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_home.css?v=XOa7G-BGp2xZ&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 16631
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "XOa7G-BGp2xZ"
Cache-Control: public,max-age=15552000
Expires: Mon, 09 Sep 2024 19:12:07 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2929537
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7556be985ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17132866645461528d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/apphub.css?v=620ci8yyn3Hw&l=english&_cdn=cloudflare

210.74.226.164

200

29 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/apphub.css?v=620ci8yyn3Hw&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
29 kB (28639 bytes)
Hash
eb6d1c8bccb29f71f03bd7a3347777f3
0c4095e9f1d52bf10838c0c1953a8667c4cb3bcd
98aa7cd415cdec4e3d1e1bfcc737c92faa6446491beaf67a97d671682427a9b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/css/apphub.css?v=620ci8yyn3Hw&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 28639
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "620ci8yyn3Hw"
Cache-Control: public,max-age=15552000
Expires: Sun, 22 Sep 2024 22:52:41 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1793068
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b753fa0c211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17132866643153046d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_broadcast.css?v=Szj_0XBV602A&l=english&_cdn=cloudflare

210.74.226.164

200

1.1 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_broadcast.css?v=Szj_0XBV602A&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1121 bytes)
Hash
4b38ffd17055eb4d80ecbfca24531e66
b9f8457fa8f87dfd8d848eae33d943c5561ec7c0
d340fb2a9e88f33e7018727ce410262d84354cebb6b87662a77eae794ebb0475

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/apphub_broadcast.css?v=Szj_0XBV602A&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 1121
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "Szj_0XBV602A"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 23:00:36 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3693428
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b756ae9d85ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17132866647411530d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&l=english&_cdn=cloudflare

210.74.226.164

200

88 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1819), with CRLF, LF line terminators
Size
88 kB (87472 bytes)
Hash
d95a196b633c5a1de4bfe531abe19544
b4d3e3d225c8f699d2c5661b194e6feadd9b5807
8a0e6fb8b50e1da206a13969ee4f1f904f0b0a430fd6455a10fc7829b6776ae4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 87472
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "2VoZa2M8Wh3k"
Cache-Control: public,max-age=15552000
Expires: Sun, 06 Oct 2024 22:37:45 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 584399
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b753d96a85ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17132866642871527d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english&_cdn=cloudflare

210.74.226.164

200

3.7 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
3.7 kB (3706 bytes)
Hash
ff40a59671699ae63a3a37c9338612f4
c6f166f3847630f0591589511bd42ff9b7035b26
46a9c57e77a87a44e59346c3c5a1c6af49ef045d2cc4cffba98264783712822d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 3706
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "_0CllnFpmuY6"
Cache-Control: public,max-age=15552000
Expires: Sun, 01 Sep 2024 08:42:59 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3658485
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b757e9eb5e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3af17132866649462515d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/shared_responsive.css?v=KrKRjQbCfNh0&l=english&_cdn=cloudflare

210.74.226.164

200

19 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/css/shared_responsive.css?v=KrKRjQbCfNh0&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1667), with CRLF, LF line terminators
Size
19 kB (18935 bytes)
Hash
2ab2918d06c27cd874de4857d3558626
363be3b96ec2d4430f6d578168c68286cb54b465
4afb3e37bfdd549cc16ef5321faf3f0a3bf6e84c79fc4408bc6f157280636453

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/css/shared_responsive.css?v=KrKRjQbCfNh0&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 18935
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "KrKRjQbCfNh0"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 23:00:35 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3662121
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b757ee9c211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17132866649423051d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=english&_cdn=cloudflare

210.74.226.164

200

13 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (629), with CRLF line terminators
Size
13 kB (12804 bytes)
Hash
be1e0131e0dc3620948b14da818b1a4d
810b4aff56a0e76cf870cc67e3092447b46dcd92
ebd518bec6383218452cc4597aeff5debc82b1f76cbea1950c5ecbfd59c5e3e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 12804
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "vh4BMeDcNiCU"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 21:23:19 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3699264
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7582ee1211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17132866649823052d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare

210.74.226.164

200

16 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
16 kB (16087 bytes)
Hash
72938851e7c2ef7b63299eba0c6752cb
b75196bd3a6f9f4dfc1bbf5e43e96874bcd9ce4e
e2d4e0e1d3e162fdc815f16dfff9ae9b0a967949f0f3ae371f947d730a3f0661

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 16087
Connection: keep-alive
Last-Modified: Tue, 22 Mar 2022 23:23:42 GMT
ETag: ".zYHOpI1L3Rt0"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 23:00:36 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3693429
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75a8ff28514-HKG
Content-Disposition: inline;filename=f.txt
traceId: bdb56198-f1e4-4d9e-b85a-174f8fc5338c
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/applications/community/main.css?v=96N66CvLHly8&l=english&_cdn=cloudflare

210.74.226.164

200

120 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/applications/community/main.css?v=96N66CvLHly8&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (26986), with CRLF, LF line terminators
Size
120 kB (119908 bytes)
Hash
f7a37ae82bcb1e5cbcbe7f59ae3f751d
261a66e8d78629d058da4fb001d285f4eebdb352
95fab1a42c8c835c28c2871604e3ca738bee153d5d78cfd6d398fb51142a3c0e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/css/applications/community/main.css?v=96N66CvLHly8&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:44 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 119908
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "96N66CvLHly8"
Cache-Control: public,max-age=15552000
Expires: Tue, 10 Sep 2024 20:29:44 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2794727
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b757cbae8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ad17132866649253942d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdrop

210.74.226.164

200

122 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdrop
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
122 kB (122171 bytes)
Hash
39e34882ba4417cb4b1b84916dabb770
0d0ca081fb60c8aad337091bafcbe84f966c38b0
da708635da162ea493874627775c3520a42145b79c73bf787b5113bf87c0b27c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdrop HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 122171
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "OeNIgrpEF8tL"
Cache-Control: public,max-age=15552000
Expires: Mon, 09 Sep 2024 14:56:44 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2934020
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7599e9c8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: 0d8073ba-40b0-4fc1-892b-c1070916f683
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/global.js?v=PyuRtGtUpR0t&l=english&_cdn=cloudflare

210.74.226.164

200

104 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/global.js?v=PyuRtGtUpR0t&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9521), with CRLF line terminators
Size
104 kB (103774 bytes)
Hash
0563fe4c0338861e0abda77fef3435b6
2358574b18e5853cb5d8da9fb52fe84546843a7b
9898bab895b6fb9ad62035cda4e12bb8615339e142478043b47d1c175f824379

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/global.js?v=PyuRtGtUpR0t&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 103774
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "PyuRtGtUpR0t"
Cache-Control: public,max-age=15552000
Expires: Sun, 22 Sep 2024 22:52:20 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1793123
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75a3973211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 32c2ca58-06a5-4343-94dd-0102cc23abeb
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflare

210.74.226.164

200

96 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32086), with CRLF line terminators
Size
96 kB (95790 bytes)
Hash
4dc834d16a0d219d5c2b8a5b814569e4
4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 95790
Connection: keep-alive
Last-Modified: Fri, 05 Jan 2018 01:34:51 GMT
ETag: ".isFTSRckeNhC"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 21:24:48 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3699177
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75a6ce25e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: 07dd67ff-882c-466b-a536-484da765f5d0
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflare

210.74.226.164

200

3.9 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.9 kB (3869 bytes)
Hash
75f321bb2f8bae9ca8e5c4c6d72521bd
8ed540dc9da8c5d7c2bbe390fc663e6de0b1ef0c
92a217685eda5e8319d193142aeadf80ae7a9c9e04a9a365d9cf01078d459985

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 3869
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "dfMhuy-Lrpyo"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 21:23:30 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3699255
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75dcca68514-HKG
Content-Disposition: inline;filename=f.txt
traceId: 25289125-ec3e-4435-a678-163423b559a9
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english&_cdn=cloudflare

210.74.226.164

200

14 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1011), with CRLF line terminators
Size
14 kB (13922 bytes)
Hash
59dd2408449e26ab969b384f6cc5cd98
09a2919cdeef326b8d4c492e7f65895e2dfb9801
78a72f3e67d9f2f0200e36adc262f794312e5c69001f18be84886601a8a59571

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 13922
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "Wd0kCESeJquW"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 18:32:59 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3709486
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75e09915e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: 4308e748-2b72-4a9e-add9-07536381a6ba
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflare

210.74.226.164

200

169 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
169 kB (169399 bytes)
Hash
6a39e0b509fecb928d47b8a2643fed2a
f67fa6cb1d09963d10ba117d6553c8e7d5bc7863
d8bdea7fff893dbdbeaf6c2affec091a77483b9ec10e7958486bc3b6cc170c96

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 169399
Connection: keep-alive
Last-Modified: Fri, 05 Jan 2018 01:34:51 GMT
ETag: ".55t44gwuwgvw"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 14:35:53 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 3709553
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b758fb1f5e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: d0c7a424-9097-43b7-81da-44e76a8d5396
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english&_cdn=cloudflare

210.74.226.164

200

12 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
12 kB (11557 bytes)
Hash
2ba219efad9b8f0614bb8ca395644299
cbedc420cf2d472ab8e7f8819c33a55f962e3a5f
17b25eb544bcb517752ef36c778caf44d50bf2f815bb305771381fe76aac7e8c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 11557
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "8OrLYcA-XZ3m"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 21:23:30 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3699256
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75eecdd85ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: 58cca614-df0e-4a51-a316-7a3ecb151c45
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english&_cdn=cloudflare

210.74.226.164

200

18 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (342), with CRLF line terminators
Size
18 kB (17729 bytes)
Hash
d642581b253bf84ac7a7da752573ca62
f9e9617e832657133ffe0423d3bffcd91c35b3a7
1a8fb0d133135943bca919329003eac543aa29749eea474f33d3a94a4d15a647

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 17729
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "JSwdk0x7aW5O"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 23:00:36 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3693430
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75ecc0684cd-HKG
Content-Disposition: inline;filename=f.txt
traceId: 2ab179fb-8487-42b4-a56d-92aaaa4ebd2c
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english&_cdn=cloudflare

210.74.226.164

200

15 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
15 kB (14789 bytes)
Hash
b50443501108ef0f2862f7619ec73726
ebd84e20c04cc1bf68b5c55b456f25661a46b9e5
168d530f7bf604619928553dc2e847d4df2c6136a4076f2c07ebaefbc2fb48c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 14789
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "LRs2cUK5D3j7"
Cache-Control: public,max-age=15552000
Expires: Wed, 25 Sep 2024 21:00:50 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1540526
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7601869211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 1a86ac22-f671-4d90-b0bb-5ee508d24542
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english&_cdn=cloudflare

210.74.226.164

200

2.9 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.9 kB (2858 bytes)
Hash
e275614b456ede9716af5db33bc06ff3
7be0606e8e489e67db8d8b6e88236badd643cb8f
7a4db8fc6f2f7f5c2735b78a80c465f47b61c704e6814368f207e07eca1ba742

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 2858
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "st0tzXwxiGks"
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 18:32:59 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3709487
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b76058c1211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: c68fdd0e-3053-4628-98d0-a5665bcc7819
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english&_cdn=cloudflare

210.74.226.164

200

155 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2654), with CRLF line terminators
Size
155 kB (154553 bytes)
Hash
4f0a7af4385f98de48c8060fba988e27
b07077ee281ba5b63dd665b42b48a197c80c88b8
3a44820ddcbe21e29f3670ebdbbe1399de32459b17cb9ac7972a6ee5aa50afc3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:45 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 154553
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "XPgJuNunk65I"
Cache-Control: public,max-age=15552000
Expires: Sun, 06 Oct 2024 22:37:24 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 584400
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b75d1d01211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 5e956594-0d7a-4695-849a-3c4dac292574
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english&_cdn=cloudflare

210.74.226.164

200

1.1 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1063 bytes)
Hash
210c2d3ede48ef95f9fe19605086eb5e
9581c67260e7125df72febd83193874e9bd14164
9d8b43fee90b04c7e0156d0c8f82707cc00f8411677ad5114ee232285afa06d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1063
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "8-RwlLlPLHOa"
Cache-Control: public,max-age=15552000
Expires: Tue, 10 Sep 2024 20:42:47 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2794866
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7612f2084cd-HKG
Content-Disposition: inline;filename=f.txt
traceId: c05628d3-29fa-492c-81fd-f3da21f987e3
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare

210.74.226.164

200

16 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (15473), with CRLF, LF line terminators
Size
16 kB (15647 bytes)
Hash
7a75daa9723ca7af54624a6727a7d5f5
62c95bbfb66df1b93287c9c053a8e52bcca51018
e4ccc0cb2ddd09066559b9e3900c2aaa093f2c2f245b0904fcd310d6ac982820

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 15647
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "VrmidAAJJjCf"
Cache-Control: public,max-age=15552000
Expires: Tue, 08 Oct 2024 20:06:06 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 420694
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b76139b78514-HKG
Content-Disposition: inline;filename=f.txt
traceId: dd4ac2c6-6cd1-41dc-91eb-e6df5fc0170c
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english&_cdn=cloudflare

210.74.226.164

200

457 B

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (455), with CRLF line terminators
Size
457 B (457 bytes)
Hash
1fc0e266e0c35f24bf232e1015ca7064
dcfa89f38d3bac32a02f28c662cfa4f4855ec8b7
c5527d218ab87fb08c01dbdb65039651a55be1bf70fb19aef70930c2e81c7698

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 457
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "H8DiZuDDXyS_"
Cache-Control: public,max-age=15552000
Expires: Mon, 09 Sep 2024 19:12:07 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 2929539
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7629b7285ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: 6604db08-36ca-4f79-97c2-c7a28d3149a8
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english&_cdn=cloudflare

210.74.226.164

200

25 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
25 kB (24657 bytes)
Hash
a52bc800ab6e9df5a05a5153eea29ffb
8661643fcbc7498dd7317d100ec62d1c1c6886ff
57cfaf9b92c98541f769090cd0229a30013cea7cfafc18519ca654bfae29e14e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 24657
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "pSvIAKtunfWg"
Cache-Control: public,max-age=15552000
Expires: Sun, 29 Sep 2024 09:11:21 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 1237585
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7636cc38514-HKG
Content-Disposition: inline;filename=f.txt
traceId: 27e3a8ed-8828-4c40-8fed-dc7a6d5202d2
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare

210.74.226.164

200

927 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65362), with CRLF, LF line terminators
Size
927 kB (926681 bytes)
Hash
7cc72a37a98a82387097c2d95db8dfa4
eb60fd9b530d5ea6115e20f891e832d4851ccd5f
5b87b450067424f7b1e5674d9f5634a2fb6e8f1347d273f6003e85398b7c4359

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 926681
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "VGtvPLNviurP"
Cache-Control: public,max-age=15552000
Expires: Sun, 06 Oct 2024 22:37:44 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 584401
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7616a34211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 60b48c52-d775-41cb-bf55-ad0f06b0c79c
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare

210.74.226.164

200

587 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65362), with CRLF, LF line terminators
Size
587 kB (586946 bytes)
Hash
220a975c6d9f00eb8f0f993b03b52e7c
6d90e35e6fe894ff7c091ef60d461f7c3f873599
7bd76a1514ae8cbca8644ed9e800fe441c5316a4ef0d1e12accd3b885e28329b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:46 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 586946
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "xsBMMDVfE_Nk"
Cache-Control: public,max-age=15552000
Expires: Tue, 08 Oct 2024 20:06:14 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 420691
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b7627b778514-HKG
Content-Disposition: inline;filename=f.txt
traceId: b9df5b95-9040-468a-8df3-7ec309257ddc
Strict-Transport-Security: max-age=15724800; includeSubDomains

community.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1

172.64.145.151

200 OK

291 B

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 15 x 13, 8-bit/color RGBA, non-interlaced
Size
291 B (291 bytes)
Hash
a2796187c58c7e948159e37d6990ecc2
4209cd85add507247f9ce5a87a8c9095b54ee417
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082

HTTP Headers

GET /public/shared/images/header/btn_header_installsteam_download.png?v=1 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:47 GMT
content-type: image/png
content-length: 291
last-modified: Wed, 21 Mar 2018 00:07:17 GMT
etag: "5ab1a235-123"
x-cache: MISS
cf-cache-status: HIT
age: 6374
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b769ed6c0b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015

172.64.145.151

200 OK

123 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 22 names, Macintosh, Copyright � 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansRegular4.015;Plau;MotivaSan
Size
123 kB (122684 bytes)
Hash
57613e143ff3dae10f282e84a066de28
88756cc8c6db645b5f20aa17b14feefb4411c25f
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

HTTP Headers

GET /public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam.guesskings.com
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:47 GMT
content-type: application/octet-stream
content-length: 122684
last-modified: Tue, 28 Jul 2020 23:16:28 GMT
etag: "5f20b1cc-1df3c"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b769ed7f0b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015

172.64.145.151

200 OK

124 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright � 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansMedium4.015;Plau;MotivaSans
Size
124 kB (124048 bytes)
Hash
2d64caa5ecbf5e42cbb766ca4d85e90e
147420abceb4a7fd7e486dddcfe68cda7ebb3a18
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

HTTP Headers

GET /public/shared/fonts/MotivaSans-Medium.ttf?v=4.015 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam.guesskings.com
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:47 GMT
content-type: application/octet-stream
content-length: 124048
last-modified: Tue, 28 Jul 2020 23:16:28 GMT
etag: "5f20b1cc-1e490"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b769fd8b0b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015

172.64.145.151

200 OK

119 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright � 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansThin4.015;Plau;MotivaSans-T
Size
119 kB (118736 bytes)
Hash
ce6bda6643b662a41b9fb570bdf72f83
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

HTTP Headers

GET /public/shared/fonts/MotivaSans-Thin.ttf?v=4.015 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steam.guesskings.com
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:47 GMT
content-type: application/octet-stream
content-length: 118736
last-modified: Tue, 28 Jul 2020 23:16:27 GMT
etag: "5f20b1cb-1cfd0"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b76a0d950b59-OSL
X-Firefox-Spdy: h2

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare

210.74.226.164

200

16 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (15473), with CRLF, LF line terminators
Size
16 kB (15647 bytes)
Hash
7a75daa9723ca7af54624a6727a7d5f5
62c95bbfb66df1b93287c9c053a8e52bcca51018
e4ccc0cb2ddd09066559b9e3900c2aaa093f2c2f245b0904fcd310d6ac982820

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=VrmidAAJJjCf&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:48 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 15647
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "VrmidAAJJjCf"
Cache-Control: public,max-age=15552000
Expires: Tue, 08 Oct 2024 20:06:06 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 420696
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b76b0e73211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 745d08e7-430b-4405-95c1-be37b51ea2be
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare

210.74.226.164

200

927 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65362), with CRLF, LF line terminators
Size
927 kB (926681 bytes)
Hash
7cc72a37a98a82387097c2d95db8dfa4
eb60fd9b530d5ea6115e20f891e832d4851ccd5f
5b87b450067424f7b1e5674d9f5634a2fb6e8f1347d273f6003e85398b7c4359

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:48 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 926681
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "VGtvPLNviurP"
Cache-Control: public,max-age=15552000
Expires: Sun, 06 Oct 2024 22:37:44 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 584403
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b76dccbf85ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: 0d8593c1-5b0d-4a60-82ad-62cd7bc2447d
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare

210.74.226.164

200

587 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65362), with CRLF, LF line terminators
Size
587 kB (586946 bytes)
Hash
220a975c6d9f00eb8f0f993b03b52e7c
6d90e35e6fe894ff7c091ef60d461f7c3f873599
7bd76a1514ae8cbca8644ed9e800fe441c5316a4ef0d1e12accd3b885e28329b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/main.js?v=xsBMMDVfE_Nk&l=english&_cdn=cloudflare HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:49 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 586946
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "xsBMMDVfE_Nk"
Cache-Control: public,max-age=15552000
Expires: Tue, 08 Oct 2024 20:06:14 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 420694
Accept-Ranges: bytes
Vary: Accept-Encoding
CF-RAY: 8755b775480d8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: 03ddc03d-974a-4373-9c46-0de428cce1a0
Strict-Transport-Security: max-age=15724800; includeSubDomains

community.cloudflare.steamstatic.com/public/images//sharedfiles/searchbox_workshop_submit.gif

172.64.145.151

200 OK

1.4 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/images//sharedfiles/searchbox_workshop_submit.gif
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 23 x 18
Size
1.4 kB (1418 bytes)
Hash
05fb65c97a9a5a8ae214129b1179cd41
b9646bed2952c2a908ee7bbba96331919cd6e43a
ecb79b1ea1675b180662b87e2eb7236ac5fe55ee3f37cbb5432202d3a17232a0

HTTP Headers

GET /public/images//sharedfiles/searchbox_workshop_submit.gif HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:50 GMT
content-type: image/gif
content-length: 1418
last-modified: Fri, 05 Jan 2018 01:34:50 GMT
etag: "5a4ed63a-58a"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 4919
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7796ca50b59-OSL
X-Firefox-Spdy: h2

cdn.cloudflare.steamstatic.com/steam/apps/359550/page_bg_generated_v6b.jpg?t=1711470437

172.64.145.151

200 OK

59 kB

URL GET HTTP/2
cdn.cloudflare.steamstatic.com/steam/apps/359550/page_bg_generated_v6b.jpg?t=1711470437
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 1438x810, components 3
Size
59 kB (59127 bytes)
Hash
5eef4afebac148d107466675fad4ff7a
bcdbd9dce3e633d9fdae639f934c051ff4b61581
5140144fc08e717d5a72e7225081b96eace016be954ee9fbde28fc2560b62e51

HTTP Headers

GET /steam/apps/359550/page_bg_generated_v6b.jpg?t=1711470437 HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:50 GMT
content-type: image/jpeg
content-length: 59127
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-bgj: h2pri
etag: "6602f763-e6f7"
expires: Tue, 23 Apr 2024 16:28:13 GMT
last-modified: Tue, 26 Mar 2024 16:27:15 GMT
cf-cache-status: HIT
age: 1547
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7797cb30b59-OSL
X-Firefox-Spdy: h2

steam.guesskings.com/favicon.ico

210.74.226.164

200

39 kB

URL GET HTTP/1.1
steam.guesskings.com/favicon.ico
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Size
39 kB (38554 bytes)
Hash
231913fdebabcbe65f4b0052372bde56
553909d080e4f210b64dc73292f3a111d5a0781f
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:50 GMT
Content-Type: image/x-icon
Content-Length: 38554
Connection: keep-alive
Last-Modified: Tue, 18 Sep 2018 23:32:59 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://steam.guesskings.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: public,max-age=86400
Expires: Fri, 06 Oct 2023 02:34:46 GMT
Origin: https://steam.guesskings.com
Set-Cookie: uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; Path=/; Domain=steam.guesskings.com
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-cjwn6
traceId: eaac1cf3af17132866705232539d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/apps/allcontenthome?l=english&browsefilter=trend&appHubSubSection=11&forceanon=1

210.74.226.164

200

9.7 kB

URL GET HTTP/1.1
steam.guesskings.com/apps/allcontenthome?l=english&browsefilter=trend&appHubSubSection=11&forceanon=1
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (1219), with CRLF line terminators
Size
9.7 kB (9665 bytes)
Hash
0f7979011b011900ad641a53e87b5417
0aaaa145768b19d6c3f29bcca5501be735159d2a
d6c6b3112f566cafc39baff41a2cb838005f5f12c032a17273d0f0d84e096362

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /apps/allcontenthome?l=english&browsefilter=trend&appHubSubSection=11&forceanon=1 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Prototype-Version: 1.7
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:50 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 9665
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 16:57:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://steam.guesskings.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: public,max-age=60
Content-Encoding: gzip
Expires: Tue, 16 Apr 2024 16:58:22 GMT
Origin: https://steam.guesskings.com
Set-Cookie: uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; Path=/; Domain=steam.guesskings.com
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-cjwn6
traceId: eaac1cf3af17132866705432540d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

community.cloudflare.steamstatic.com/public/shared/images/userreviews/icon_thumbsUp.png?v=1

172.64.145.151

200 OK

2.1 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/userreviews/icon_thumbsUp.png?v=1
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2103 bytes)
Hash
70dd94db2cc784ee7d1d4e711e1c4260
f04a6007da546006b008b1a7d143b4dcb4a3147a
16d0421c9b126ba66695653318780cbd30fef1fe2093f9135eeb323a37143a1e

HTTP Headers

GET /public/shared/images/userreviews/icon_thumbsUp.png?v=1 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/png
content-length: 2103
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-837"
x-cache: MISS
cf-cache-status: HIT
age: 2608
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77e0bd30b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/apphubs/play_icon80.png

172.64.145.151

200 OK

2.2 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/apphubs/play_icon80.png
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 80 x 55, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2184 bytes)
Hash
080c457af88ef213cf315af1221f74c2
44c7475d69e1f3d8780b6f638960b670c2c0fa58
47cca726b04188ab33a403ac206822b96d6789fe5ff568ddcbd9ba972688f6d4

HTTP Headers

GET /public/shared/images/apphubs/play_icon80.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/png
content-length: 2184
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-888"
x-cache: MISS
cf-cache-status: HIT
age: 1312
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77e0bdf0b59-OSL
X-Firefox-Spdy: h2

avatars.cloudflare.steamstatic.com/dc66620aff3d51c87b12ab545e0076efff39ff16.jpg

172.64.145.151

200 OK

1.1 kB

URL GET HTTP/2
avatars.cloudflare.steamstatic.com/dc66620aff3d51c87b12ab545e0076efff39ff16.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Size
1.1 kB (1063 bytes)
Hash
e96d8bd9ce6a2f9ca068b269d5f84b38
dc66620aff3d51c87b12ab545e0076efff39ff16
8ce16922277238c4e43157b85ba3388faa482ab2a63dc9fd94defd9b22f71f96

HTTP Headers

GET /dc66620aff3d51c87b12ab545e0076efff39ff16.jpg HTTP/1.1
Host: avatars.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/jpeg
content-length: 1063
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-bgj: h2pri
content-md5: 6W2L2c5qL5ygaLJp1fhLOA==
etag: "0x8DB003FBDD82999"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 27 Jan 2023 08:23:17 GMT
x-cache: MISS
cf-cache-status: HIT
age: 116317
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77e2c0d0b59-OSL
X-Firefox-Spdy: h2

avatars.cloudflare.steamstatic.com/41dc340b5caece51a18ede7d0a297a7a8f8ead1b.jpg

172.64.145.151

200 OK

853 B

URL GET HTTP/2
avatars.cloudflare.steamstatic.com/41dc340b5caece51a18ede7d0a297a7a8f8ead1b.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Size
853 B (853 bytes)
Hash
9a3a7b96004709fc7ac8f17213212c44
41dc340b5caece51a18ede7d0a297a7a8f8ead1b
022731af45237e53c5b785403a03facdee2d5b28b31b27d61ace16f304056060

HTTP Headers

GET /41dc340b5caece51a18ede7d0a297a7a8f8ead1b.jpg HTTP/1.1
Host: avatars.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/jpeg
content-length: 853
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-bgj: h2pri
content-md5: mjp7lgBHCfx6yPFyEyEsRA==
etag: "0x8DA049352E10C3D"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sun, 13 Mar 2022 01:46:42 GMT
x-cache: MISS
cf-cache-status: HIT
age: 66255
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77e3c1e0b59-OSL
X-Firefox-Spdy: h2

avatars.cloudflare.steamstatic.com/cf681785339885cfc9399fb8757a514e6850e81c.jpg

172.64.145.151

200 OK

898 B

URL GET HTTP/2
avatars.cloudflare.steamstatic.com/cf681785339885cfc9399fb8757a514e6850e81c.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Size
898 B (898 bytes)
Hash
2e81278438b259c5268022e15126235e
cf681785339885cfc9399fb8757a514e6850e81c
a6bdfd58d6536150500a62adcf47bd51476f950874116c09127c54f8d2905526

HTTP Headers

GET /cf681785339885cfc9399fb8757a514e6850e81c.jpg HTTP/1.1
Host: avatars.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/jpeg
content-length: 898
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-bgj: h2pri
content-md5: LoEnhDiyWcUmgCLhUSYjXg==
etag: "0x8DC587A3F11BB2A"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 09 Apr 2024 09:48:44 GMT
x-cache: HIT
cf-cache-status: HIT
age: 106369
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77ead250b59-OSL
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2484373040650810626/39F0424DBDEE8847A436D78ACFED14DDB62A6790/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

95.101.11.35

200 OK

5.3 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2484373040650810626/39F0424DBDEE8847A436D78ACFED14DDB62A6790/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3
Size
5.3 kB (5259 bytes)
Hash
5e38e5af7cfd7e3fd88173c217e0b0f1
d236178d6906a263a918ee34b6ff1d5d87deaf45
2ebd9e1fd93540b2f2821f7f00735ecb99e62956d88fc9f4caf4efc2ee65cc4a

HTTP Headers

GET /ugc/2484373040650810626/39F0424DBDEE8847A436D78ACFED14DDB62A6790/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Sun, 14 Apr 2024 08:54:38 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5C607C25609D"
server: Akamai Image Manager
x-serial: 1777
content-length: 5259
content-type: image/jpeg
cache-control: private, no-transform, max-age=404182
expires: Sun, 21 Apr 2024 09:14:13 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2501261538285713262/61682A4A9BFB5CCE463801BF8C3F9251EF8F77F6/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

95.101.11.35

200 OK

5.2 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2501261538285713262/61682A4A9BFB5CCE463801BF8C3F9251EF8F77F6/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 128x128, components 3
Size
5.2 kB (5161 bytes)
Hash
dd4b3e69ee712bbae35a50cef63376e1
751dd37a57326e2a28f1f6771da2f55e55da6d4f
0b5f94062463cf280947d6ad510aa332a002dab5fc67166d78d9252435147cd3

HTTP Headers

GET /ugc/2501261538285713262/61682A4A9BFB5CCE463801BF8C3F9251EF8F77F6/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Mon, 15 Apr 2024 06:20:07 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5D141379D67A"
server: Akamai Image Manager
x-serial: 1859
content-length: 5161
content-type: image/jpeg
cache-control: private, no-transform, max-age=480447
expires: Mon, 22 Apr 2024 06:25:18 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2521527737908936232/60F478D0EE575667CEE9BDB82AE7371D63447B05/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

95.101.11.35

200 OK

4.1 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2521527737908936232/60F478D0EE575667CEE9BDB82AE7371D63447B05/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 128x128, components 3
Size
4.1 kB (4081 bytes)
Hash
fd16d8bbdda681ce0d32a540a653fc88
ea21b7406e31a5dd0f5573b81ffeb6d2fe1a7dea
7f3aaf71b15641b2d6ec9e4ca17097c81a9e285835e676a338bcc42a8a6b3695

HTTP Headers

GET /ugc/2521527737908936232/60F478D0EE575667CEE9BDB82AE7371D63447B05/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Mon, 15 Apr 2024 11:01:23 GMT
access-control-expose-headers: origin
etag: "3b5f82ed7c3e14e38028435237e9c791"
server: Akamai Image Manager
x-serial: 986
content-length: 4081
content-type: image/jpeg
cache-control: private, no-transform, max-age=502482
expires: Mon, 22 Apr 2024 12:32:33 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2508016938371187267/2EDF087F328EBCD595059C10137EB9293108CA9E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

95.101.11.35

200 OK

7.9 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2508016938371187267/2EDF087F328EBCD595059C10137EB9293108CA9E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, progressive, precision 8, 128x128, components 3
Size
7.9 kB (7878 bytes)
Hash
b87e67b4e8d66c81e97543663faefdb1
fe0780d6f122b8809d46022a8b1010328a403a57
87f996f114ebf3204fb549f799fc8d2d3bd16a0bfc3b6556e168587494a141d0

HTTP Headers

GET /ugc/2508016938371187267/2EDF087F328EBCD595059C10137EB9293108CA9E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Fri, 12 Apr 2024 18:43:10 GMT
access-control-expose-headers: origin
etag: "7626948b0b534759df2b8fc8db32da98"
server: Akamai Image Manager
x-serial: 1724
content-length: 7878
content-type: image/jpeg
cache-control: private, no-transform, max-age=316616
expires: Sat, 20 Apr 2024 08:54:47 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2500135638379285046/F58F61D8BE4979AAF5972031E769AEE5385CA289/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

95.101.11.35

200 OK

3.2 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2500135638379285046/F58F61D8BE4979AAF5972031E769AEE5385CA289/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 128x128, components 3
Size
3.2 kB (3165 bytes)
Hash
18331ebe02771856f9e4180e2d31a741
09149feb5458afe001ee43c6d5ce7c8c5f2f7edb
f4cdeec65082b4ce9d14e453c1a6a1b164cd2d782164b320601cceeadde25730

HTTP Headers

GET /ugc/2500135638379285046/F58F61D8BE4979AAF5972031E769AEE5385CA289/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Akamai Image Server
last-modified: Mon, 15 Apr 2024 08:14:36 GMT
etag: "7564a278ef17bd336489032bd944baf0"
access-control-expose-headers: origin
access-control-allow-origin: *
content-type: image/jpeg
content-length: 3165
cache-control: private, max-age=487035
expires: Mon, 22 Apr 2024 08:15:06 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2493380238610157586/FF205B39A459DD9376FBD4CE40B27DA623D589C1/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

95.101.11.35

200 OK

121 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2493380238610157586/FF205B39A459DD9376FBD4CE40B27DA623D589C1/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 128 x 128
Size
121 kB (121440 bytes)
Hash
c8c0a9fb5cfe1ff7d585d75a71c91e5c
03fbf9f24a644771ece4cd6a721489b447121c02
e64c085aa189fcd8750127e37b3fa923c7461fae1a220e12798d5fc765e9266d

HTTP Headers

GET /ugc/2493380238610157586/FF205B39A459DD9376FBD4CE40B27DA623D589C1/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Sun, 14 Apr 2024 18:32:00 GMT
access-control-expose-headers: origin
etag: "8b25dafc6a9011f0579da9f793f2260e"
server: Akamai Image Manager
content-length: 121440
content-type: image/gif
cache-control: private, no-transform, max-age=437993
expires: Sun, 21 Apr 2024 18:37:44 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2465232740275342093/FBCC995D19EDD8AB1ADD63B245F88116E7F08E59/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

34 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2465232740275342093/FBCC995D19EDD8AB1ADD63B245F88116E7F08E59/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Size
34 kB (34513 bytes)
Hash
effa7c407137bc0db3735855489e01ad
1f5a55637118fb1afe8e1b32efbe355ddb91685c
fbe4ba553b60e6da6ddb388125c6356838abd746f82a7274ccfcd28f45954fea

HTTP Headers

GET /ugc/2465232740275342093/FBCC995D19EDD8AB1ADD63B245F88116E7F08E59/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:14:20 GMT
access-control-expose-headers: origin
etag: "4280974db2119543c6d9eaddc2b64c22"
server: Akamai Image Manager
x-serial: 1606
content-length: 34513
content-type: image/jpeg
cache-control: private, no-transform, max-age=602171
expires: Tue, 23 Apr 2024 16:14:02 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2502387438200301198/140780233C1F907FC3454BB690BE3BBC46214ADC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

25 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2502387438200301198/140780233C1F907FC3454BB690BE3BBC46214ADC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Size
25 kB (25009 bytes)
Hash
3cc080d562ddff0e4224395ce7a5d602
0e445f947d4446970d5d2017d72c839ac424e2de
d7ab3a440cc92851d86ed91e02ba7fb4611c84ca6fda5a430e675424dc4dd1a0

HTTP Headers

GET /ugc/2502387438200301198/140780233C1F907FC3454BB690BE3BBC46214ADC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 15:57:26 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2A8247A425"
server: Akamai Image Manager
x-serial: 1669
content-length: 25009
content-type: image/jpeg
cache-control: private, no-transform, max-age=601835
expires: Tue, 23 Apr 2024 16:08:26 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2482121240849041055/E677578BB9A68E6F5E41EB93729BB4B49F15B3CC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

41 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2482121240849041055/E677578BB9A68E6F5E41EB93729BB4B49F15B3CC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 512x288, components 3
Size
41 kB (40635 bytes)
Hash
369547ae3b3c03823ba1dd0616165a33
921e6d553ce75ba219341fffc6a0b818adfc5076
afd255d5d5dc4d373a967bf5eb4842f02ce9442b84559748c089fcf7588aa554

HTTP Headers

GET /ugc/2482121240849041055/E677578BB9A68E6F5E41EB93729BB4B49F15B3CC/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Akamai Image Server
last-modified: Tue, 16 Apr 2024 11:01:25 GMT
etag: "ddf96a23a89fe8b5a516f381f587764e"
access-control-expose-headers: origin
access-control-allow-origin: *
content-type: image/jpeg
content-length: 40635
cache-control: private, max-age=586791
expires: Tue, 23 Apr 2024 11:57:42 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2496757938664587878/B5104DA871AEBF9EB404232DAE5EA596575815B9/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

48 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2496757938664587878/B5104DA871AEBF9EB404232DAE5EA596575815B9/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Size
48 kB (48213 bytes)
Hash
417bac037b5fa3b9b413894bb5353d6a
ba90114a1db6707d592e7de8594666a827a5a304
ac2faaf3037ec09b96cd94e2b2da67eaa08b7f8252061d78494b71d2f08c050e

HTTP Headers

GET /ugc/2496757938664587878/B5104DA871AEBF9EB404232DAE5EA596575815B9/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 11:57:57 GMT
access-control-expose-headers: origin
etag: "abb05530f0aa05375c620300e868b201"
server: Akamai Image Manager
content-length: 48213
content-type: image/jpeg
cache-control: private, no-transform, max-age=586894
expires: Tue, 23 Apr 2024 11:59:25 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2513646437898644298/D9DD85E2CED972CE59F814781367CE2491F8BB1A/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

41 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2513646437898644298/D9DD85E2CED972CE59F814781367CE2491F8BB1A/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Size
41 kB (40669 bytes)
Hash
5107e441e1bf86299009072c7fdf4f18
5811cb9caccfca00762dc69ee8b1b1b3dad9eb11
d076f22bc94d19fe53e3bc7fdc628b88cd3e1c558c84b164aa452e10366ef7d2

HTTP Headers

GET /ugc/2513646437898644298/D9DD85E2CED972CE59F814781367CE2491F8BB1A/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 15:14:36 GMT
access-control-expose-headers: origin
etag: "a3fb6e253321ec985459a43a4cf9dd8f"
server: Akamai Image Manager
content-length: 40669
content-type: image/jpeg
cache-control: private, no-transform, max-age=598927
expires: Tue, 23 Apr 2024 15:19:58 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2477617641548643596/DED7210148C500A95F8E4332E7F90851E7A29005/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

28 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2477617641548643596/DED7210148C500A95F8E4332E7F90851E7A29005/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Size
28 kB (27988 bytes)
Hash
d078598ffa55e4ee4e779f9355be1e85
4a4d33c112a2e4a6a62602cf6218f2350da31082
304a2410c07d051a8c5b9ae83f74fb563e3d865dde81915d18e0162672892ef8

HTTP Headers

GET /ugc/2477617641548643596/DED7210148C500A95F8E4332E7F90851E7A29005/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 14:55:13 GMT
access-control-expose-headers: origin
etag: "8ab1ffe1173c55cdb95af02f4ca8ed38"
server: Akamai Image Manager
x-serial: 1505
content-length: 27988
content-type: image/jpeg
cache-control: private, no-transform, max-age=597868
expires: Tue, 23 Apr 2024 15:02:19 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2519275938101854754/BC34F9E5FD225A74188C0755F0B47FBC59E09E30/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

56 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2519275938101854754/BC34F9E5FD225A74188C0755F0B47FBC59E09E30/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Size
56 kB (56314 bytes)
Hash
e05cc9da8f8445dc63c21c9e9beee466
a6128207543988a51570bdcdeb415f2cb80fae71
4a15ad0d20921b42a10a2833fd3f0603e5fe7a8fd9d36d8e279a2d0b60b05e54

HTTP Headers

GET /ugc/2519275938101854754/BC34F9E5FD225A74188C0755F0B47FBC59E09E30/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 15:19:27 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E21E21E9197"
server: Akamai Image Manager
content-length: 56314
content-type: image/jpeg
cache-control: private, no-transform, max-age=599168
expires: Tue, 23 Apr 2024 15:23:59 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2505765138579921935/A30FC598EF2FBF1476C1B15F971C660B5B8CB622/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

30 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2505765138579921935/A30FC598EF2FBF1476C1B15F971C660B5B8CB622/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 512x288, components 3
Size
30 kB (30518 bytes)
Hash
6fbf97ec835cc505c8ca6672e6560ca1
d0648b320224d626421dbea47c100d64824911ec
edfbdebf18ba7b5c83a97cb6cae4f400c3ebaa3384e3cf655441157fb2c3c258

HTTP Headers

GET /ugc/2505765138579921935/A30FC598EF2FBF1476C1B15F971C660B5B8CB622/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Akamai Image Server
last-modified: Tue, 16 Apr 2024 13:50:12 GMT
etag: "0x8DC5E1C237F548F"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-type: image/jpeg
content-length: 30518
cache-control: private, max-age=595647
expires: Tue, 23 Apr 2024 14:25:18 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2523779535431271138/65C84651EFDC40B5D9EF08F5A54076DCDE607F42/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

33 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2523779535431271138/65C84651EFDC40B5D9EF08F5A54076DCDE607F42/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 512x288, components 3
Size
33 kB (32933 bytes)
Hash
698b8d44b42b49015618673eb1743450
4a0f9a90a7ff8c7299240269fa0378eb8c09bdd9
1518a7ba531ee4bbe85997bcfb2e2763f69ba89ec32dbbcecfc2c37916ab860f

HTTP Headers

GET /ugc/2523779535431271138/65C84651EFDC40B5D9EF08F5A54076DCDE607F42/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:16:37 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2B63B35312"
server: Akamai Image Manager
content-length: 32933
content-type: image/jpeg
cache-control: private, no-transform, max-age=602452
expires: Tue, 23 Apr 2024 16:18:43 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2483247140757758824/ED8C7CA4DA33A01CB2C984C940E1F6F0485A0EC6/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

268 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2483247140757758824/ED8C7CA4DA33A01CB2C984C940E1F6F0485A0EC6/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 1920x1080, components 3
Size
268 kB (267916 bytes)
Hash
443a5bdc9c4e56bae610895b1778e0fb
8a86a0f087f203b8c95a071a2623c5b7050e26f4
e0aa723b0f5cd8152afdacda941543fd3cc8d23b04b686e38d34e15502f2b59a

HTTP Headers

GET /ugc/2483247140757758824/ED8C7CA4DA33A01CB2C984C940E1F6F0485A0EC6/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 14:25:25 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E1FDD11EEB5"
server: Akamai Image Manager
content-length: 267916
content-type: image/jpeg
cache-control: private, no-transform, max-age=595877
expires: Tue, 23 Apr 2024 14:29:08 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2466358640182364661/7F9EAB9865034FDBF69E446CE5F62BC6494F3CC9/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

86 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2466358640182364661/7F9EAB9865034FDBF69E446CE5F62BC6494F3CC9/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 559x811, components 3
Size
86 kB (86442 bytes)
Hash
1410539f93fa30ea03f7d8e257f74e18
87326a9053c0124358539c0331d020d370756f63
8871a968fad7a004608b41b166c06aa58e533b8283e0a117fb51d0a71e6f0cf9

HTTP Headers

GET /ugc/2466358640182364661/7F9EAB9865034FDBF69E446CE5F62BC6494F3CC9/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:14:53 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2DE6693BD9"
server: Akamai Image Manager
content-length: 86442
content-type: image/jpeg
cache-control: private, no-transform, max-age=602336
expires: Tue, 23 Apr 2024 16:16:47 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2466358640182369299/BBEB0C98903F6E06149F18630C4DE1830031FA44/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

89 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2466358640182369299/BBEB0C98903F6E06149F18630C4DE1830031FA44/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 489x676, components 3
Size
89 kB (89223 bytes)
Hash
6960f2312a45175feb68e7598a970c7d
d8b9b474313e91e3a7a3edc3031c2e777cea2eae
0fa01a5743a1f3a4b13a7798969dfc53f79331704e6f7b7e3ff0110584722bbf

HTTP Headers

GET /ugc/2466358640182369299/BBEB0C98903F6E06149F18630C4DE1830031FA44/?imw=640&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:11:49 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2E0891BEB7"
server: Akamai Image Manager
x-serial: 1802
content-length: 89223
content-type: image/jpeg
cache-control: private, no-transform, max-age=602583
expires: Tue, 23 Apr 2024 16:20:54 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images//award_icon_blue.svg

172.64.145.151

200 OK

357 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images//award_icon_blue.svg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
357 kB (357121 bytes)
Hash
42bff6b1c454ca44c18411a34e68677d
0d7e1d9cb42267a24bb5da66369bee16e3ba8cf1
401b835b7342a1d96650cd0ef9f2437be8d392fb1f5d038f027026b884fe932d

HTTP Headers

GET /public/shared/images//award_icon_blue.svg HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jun 2020 22:53:14 GMT
etag: W/"5ee94d5a-952"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 6155
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77dfbbd0b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2466358640182364068/E0439E536ACA2011E664A835C52B7D2701FFC674/?imw=1024&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

188 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2466358640182364068/E0439E536ACA2011E664A835C52B7D2701FFC674/?imw=1024&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 798x943, components 3
Size
188 kB (188175 bytes)
Hash
a68f7b40f9b3535344829a3b6e96012c
cea6ee9028a40e5f24edcc54e00a9a255a069eb1
0e9175f750cd4ef380c1f8e89e21353b20291f9e7e87c110a590c6c96d98320a

HTTP Headers

GET /ugc/2466358640182364068/E0439E536ACA2011E664A835C52B7D2701FFC674/?imw=1024&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Akamai Image Server
last-modified: Tue, 16 Apr 2024 15:57:14 GMT
etag: "0x8DC5E2DE2349537"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-type: image/jpeg
content-length: 188175
cache-control: private, max-age=601606
expires: Tue, 23 Apr 2024 16:04:37 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2469736339902791944/A93032510EC8657CDB1CDFEB046DB26B207E10ED/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

234 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2469736339902791944/A93032510EC8657CDB1CDFEB046DB26B207E10ED/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x810, components 3
Size
234 kB (233702 bytes)
Hash
38ed87ca5ef3769e705518a303a5a197
9d3b280ac5da1e0fd8e5844e24b2e50e9a76556d
040ecb5e2fa2cefe5eba1885d0862ff053b53cfcaabb1b7c8c55d46a782c5e10

HTTP Headers

GET /ugc/2469736339902791944/A93032510EC8657CDB1CDFEB046DB26B207E10ED/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:19:38 GMT
access-control-expose-headers: origin
etag: "1ac2ed803763835298ad9cf8ae2a3f96"
server: Akamai Image Manager
content-length: 233702
content-type: image/jpeg
cache-control: private, no-transform, max-age=602530
expires: Tue, 23 Apr 2024 16:20:01 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2469736339902776957/6B881CC37010EA21852054360C8CF39FFD489CB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

112 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2469736339902776957/6B881CC37010EA21852054360C8CF39FFD489CB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x810, components 3
Size
112 kB (112248 bytes)
Hash
85f1c38ac700dc982e7186659bc49cfe
120c4cc7358537d527aca006667518ae62fa0f20
7fe761814ed8ac11e70f600322c73abfb8f1f0091d41939ee2a8d1bedfa57095

HTTP Headers

GET /ugc/2469736339902776957/6B881CC37010EA21852054360C8CF39FFD489CB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:14:19 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2FAAC0E448"
server: Akamai Image Manager
x-serial: 838
content-length: 112248
content-type: image/jpeg
cache-control: private, no-transform, max-age=602557
expires: Tue, 23 Apr 2024 16:20:28 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2469736339902779902/A0A5DC100136E570EBD5EE5FC99A01539676B615/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

246 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2469736339902779902/A0A5DC100136E570EBD5EE5FC99A01539676B615/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 1240x1080, components 3
Size
246 kB (245875 bytes)
Hash
afff9a6e0e72bf420a6853dc1a6734c2
087b4b68bd03fecac86549c3baa93d9250621a44
461a0c9e794ff7e161b6892170318f2eee6a1c14cce1b4fa48c0d3d940f7072f

HTTP Headers

GET /ugc/2469736339902779902/A0A5DC100136E570EBD5EE5FC99A01539676B615/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:18:04 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2FC35008AE"
server: Akamai Image Manager
content-length: 245875
content-type: image/jpeg
cache-control: private, no-transform, max-age=602580
expires: Tue, 23 Apr 2024 16:20:51 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2519275938102152565/5E7713C7F2C643BB374032BD4B670B3D76680501/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

180 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2519275938102152565/5E7713C7F2C643BB374032BD4B670B3D76680501/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 1920x527, components 3
Size
180 kB (179688 bytes)
Hash
c1ac50d5f30a61671d79315bb525cb8d
f9de2a414e802439724d333e471feaf53d1a6aa8
ae8054a3de05030e25321261cba08f1542ca13d68e20cc457a0030f065eef451

HTTP Headers

GET /ugc/2519275938102152565/5E7713C7F2C643BB374032BD4B670B3D76680501/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 15:44:11 GMT
access-control-expose-headers: origin
etag: "d8f82b5390aaa14c3903fe398fc86e54"
server: Akamai Image Manager
content-length: 179688
content-type: image/jpeg
cache-control: private, no-transform, max-age=600385
expires: Tue, 23 Apr 2024 15:44:16 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2506891038477796803/6889A8B1247F2E2D3AD979EC720CFAECFA5FD7DB/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

95.101.11.35

200 OK

70 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2506891038477796803/6889A8B1247F2E2D3AD979EC720CFAECFA5FD7DB/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 128 x 128
Size
70 kB (69962 bytes)
Hash
ccdb99a165d826e12ca588b75018fbb8
8883a3fc70587e08b1253fe94935ac4ab5899e60
37ccb402f96ea4af163c70befbe470d7483057a8cdc452a92fe03c072fad97aa

HTTP Headers

GET /ugc/2506891038477796803/6889A8B1247F2E2D3AD979EC720CFAECFA5FD7DB/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Akamai Image Server
last-modified: Sun, 14 Apr 2024 22:52:20 GMT
etag: "0x8DC5CD58AEC8669"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-type: image/gif
content-length: 69962
cache-control: private, max-age=453287
expires: Sun, 21 Apr 2024 22:52:38 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2509142838286174380/6FEE9F22A9E8C604517869722B23B1421751AA79/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

95.101.11.35

200 OK

5.8 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2509142838286174380/6FEE9F22A9E8C604517869722B23B1421751AA79/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3
Size
5.8 kB (5838 bytes)
Hash
42a99105e7e96473d7016105360857d3
19441845fcf478fe23901896f56b1ae446a8d2c7
340b87f546e0e4805019bf291887dbc2b0d18001ff0b1c2244ca5b343061849b

HTTP Headers

GET /ugc/2509142838286174380/6FEE9F22A9E8C604517869722B23B1421751AA79/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Sun, 14 Apr 2024 02:41:52 GMT
access-control-expose-headers: origin
etag: "33547722dd12817a3e73e59b0055f88b"
server: Akamai Image Manager
x-serial: 1740
content-length: 5838
content-type: image/jpeg
cache-control: private, no-transform, max-age=409091
expires: Sun, 21 Apr 2024 10:36:02 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/764896052077847401/0D885690960BBB3DF5532C755C6D3BE2728046ED/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

95.101.11.35

200 OK

7.3 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/764896052077847401/0D885690960BBB3DF5532C755C6D3BE2728046ED/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 128x128, components 3
Size
7.3 kB (7281 bytes)
Hash
42f90b45dc017610b2cdca2aa8246136
fe33a3dc6f80fbc6d20b847f856ce9c589c34795
b1898ff22ea2e6fd0300a80b73d2d00ece52e2c6c3d1e42d4ee23fb7a21fb7be

HTTP Headers

GET /ugc/764896052077847401/0D885690960BBB3DF5532C755C6D3BE2728046ED/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Mon, 15 Apr 2024 07:25:49 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8D4A27F7607C195"
server: Akamai Image Manager
content-length: 7281
content-type: image/jpeg
cache-control: private, no-transform, max-age=484597
expires: Mon, 22 Apr 2024 07:34:28 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2520401838009130195/7A630A59D504588123A165E6DC8A9CA3C8DF2FB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

672 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2520401838009130195/7A630A59D504588123A165E6DC8A9CA3C8DF2FB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 1080x1948, components 3
Size
672 kB (671791 bytes)
Hash
2076d0f998b1df7025fe6b855f523ada
6204dccb9166e977fef736fb6a1d7eb6e86ec271
fb55558d39520079a7e95d320416c01ae41bd16d45eac1f9c39235d12c8bca60

HTTP Headers

GET /ugc/2520401838009130195/7A630A59D504588123A165E6DC8A9CA3C8DF2FB1/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:18:56 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E30AE1ADA8D"
server: Akamai Image Manager
content-length: 671791
content-type: image/jpeg
cache-control: private, no-transform, max-age=602556
expires: Tue, 23 Apr 2024 16:20:27 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2500135638369736852/AD89895259B959C7206F057435DC98855775E581/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

95.101.11.35

200 OK

6.9 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2500135638369736852/AD89895259B959C7206F057435DC98855775E581/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 128x128, components 3
Size
6.9 kB (6868 bytes)
Hash
6fccd0637634bb13b689e39136570996
1d4c4f36ae95744d2883605adb07694072d7d320
966c5498b0d9318ba0cf25bf68a42556719000afceb0f2d423c08b06e337efc4

HTTP Headers

GET /ugc/2500135638369736852/AD89895259B959C7206F057435DC98855775E581/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-akamai-im-skip-dlr: 1
server: Akamai Image Server
last-modified: Sat, 13 Apr 2024 17:47:15 GMT
etag: "0x8DC5BE1C1C416C6"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-type: image/jpeg
content-length: 6868
cache-control: private, max-age=349982
expires: Sat, 20 Apr 2024 18:10:53 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2520401838007163800/0E75C908B8B13CDBD32E824D52F18E5708ABD4FF/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

58 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2520401838007163800/0E75C908B8B13CDBD32E824D52F18E5708ABD4FF/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 512x288, components 3
Size
58 kB (58390 bytes)
Hash
e77d36f7639608c6ec8b111b59af541d
47981de18ed4f35cc4e9aa63367e8412d45eeb24
6e455b579ac4e6f7ff12f90dabe41b405549ca197de86bfc6d4e1fca766414cf

HTTP Headers

GET /ugc/2520401838007163800/0E75C908B8B13CDBD32E824D52F18E5708ABD4FF/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 08:51:10 GMT
access-control-expose-headers: origin
etag: "14d881aeec8dae0f14deb1587a3a4ffd"
server: Akamai Image Manager
content-length: 58390
content-type: image/jpeg
cache-control: private, no-transform, max-age=575911
expires: Tue, 23 Apr 2024 08:56:22 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=3a48c74f345c81079656

210.74.226.164

200

172 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=3a48c74f345c81079656
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64895), with CRLF, LF line terminators
Size
172 kB (171857 bytes)
Hash
770f28bc44b902bc87bf7d43fc089359
d860bd7d7beee0b83d78d43e1db9816a5ab599dd
978f491c58e9b75220f568e3ca172c1cbc5e79940933981016eb814d2b7a9ba4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=3a48c74f345c81079656 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:53 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:55 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b77afc27211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 890c357d-fd53-4465-abfc-fc8beb90a77b
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=c0c039f86de12d103cd0

210.74.226.164

200

185 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=c0c039f86de12d103cd0
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65245), with CRLF, LF line terminators
Size
185 kB (184975 bytes)
Hash
c023e4c06c828c36b044b6290ad4fa38
b95f05bcec10296fe7e45481e84b4a05f1f2a80f
57b9fb4a5d43760a96aea3984dcef7aff72427f6f4775c8505c749d7914420eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=c0c039f86de12d103cd0 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Apr 2024 22:36:15 GMT
Cache-Control: public,max-age=15552000
Expires: Sun, 06 Oct 2024 22:37:22 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 584403
Vary: Accept-Encoding
CF-RAY: 8755b77b0c8384cd-HKG
Content-Disposition: inline;filename=f.txt
traceId: 2e899821-6c7f-4f9b-8435-30bc55f810c8
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=9ae2f2968e5dde1caa1d

210.74.226.164

200

216 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=9ae2f2968e5dde1caa1d
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65349), with CRLF, LF line terminators
Size
216 kB (215736 bytes)
Hash
853ee23dcdf650baacddda80e05e36bb
60104b174ada73ae6845f5def564c5f9428548fa
00026ec6d14e33a96aefb38fc8a7e741eb8cc3a35600467991b576f5ba98a2f3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=9ae2f2968e5dde1caa1d HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:52 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:54 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b77af8eb8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: afe58936-a854-4f0b-82c6-cc46bbf64173
Strict-Transport-Security: max-age=15724800; includeSubDomains

img.youtube.com/vi/R7lFaigt5Ow/0.jpg

142.250.74.78

200 OK

18 kB

URL GET HTTP/2
img.youtube.com/vi/R7lFaigt5Ow/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://steam.guesskings.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
18 kB (18061 bytes)
Hash
de12beeeaa5790a2989807defe3e8fa6
2bb4893758997e98ae13c85ba69dc753997e4994
e4514ad0c445171f89d242867b952aa9ad3900f0544de4ee71e84f3ac7085e27

HTTP Headers

GET /vi/R7lFaigt5Ow/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 18061
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:54:24 GMT
expires: Tue, 16 Apr 2024 16:59:24 GMT
cache-control: public, max-age=300
etag: "1713040851"
content-type: image/jpeg
vary: Origin
age: 208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/skWgIg4OsG4/0.jpg

142.250.74.78

200 OK

3.6 kB

URL GET HTTP/2
img.youtube.com/vi/skWgIg4OsG4/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://steam.guesskings.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
3.6 kB (3558 bytes)
Hash
45a49bd55576794d3b387c79e1e1be99
6ec9cb09119b656422fce1f54902f76bcc335d6f
584db0030ea71591ccb0aab8d7d6045ae7d52422cff900bc935adda95fd88222

HTTP Headers

GET /vi/skWgIg4OsG4/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 3558
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:28 GMT
expires: Tue, 16 Apr 2024 17:02:28 GMT
cache-control: public, max-age=300
etag: "0"
content-type: image/jpeg
vary: Origin
age: 24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/qooZx_kVD8A/0.jpg

142.250.74.78

200 OK

27 kB

URL GET HTTP/2
img.youtube.com/vi/qooZx_kVD8A/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://steam.guesskings.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
27 kB (26677 bytes)
Hash
334bf1ab7d9ba4bd083ef57c59a1cdab
c8428cbd652a31fb581c9fcfa62faf9f47abd3ab
03e1eefd43fcd4bbd8e3793c87fd3e740daa7a4c2ff5c19f0d6b617605ee70e7

HTTP Headers

GET /vi/qooZx_kVD8A/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 26677
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:56:25 GMT
expires: Tue, 16 Apr 2024 18:56:25 GMT
cache-control: public, max-age=7200
etag: "1711295504"
content-type: image/jpeg
vary: Origin
age: 87
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/7xOe_y6Mz5A/0.jpg

142.250.74.78

200 OK

32 kB

URL GET HTTP/2
img.youtube.com/vi/7xOe_y6Mz5A/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://steam.guesskings.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
32 kB (32291 bytes)
Hash
8a18e18bbfc968a8a6cc9a75e67d1aeb
8550477e1d1e2f9ad11571489abfaf6f201ec2e1
b76e8dcbdc2ed2a22ad148a87465c32dad0f3ce9d757cbebc0ee1254a62185fb

HTTP Headers

GET /vi/7xOe_y6Mz5A/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 32291
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:55:13 GMT
expires: Tue, 16 Apr 2024 18:55:13 GMT
cache-control: public, max-age=7200
etag: "1712924827"
content-type: image/jpeg
vary: Origin
age: 159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/vu6yvYyjidg/0.jpg

142.250.74.78

200 OK

24 kB

URL GET HTTP/2
img.youtube.com/vi/vu6yvYyjidg/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://steam.guesskings.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
24 kB (24373 bytes)
Hash
7c6a582ae54b34f32803a687fad97622
7e8803b4296c00ec5aef7c2d50454c0df092de36
ad71a3489ffa9cc59d76134545f75e065d9e9517207158346b4e039306af679f

HTTP Headers

GET /vi/vu6yvYyjidg/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 24373
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:38 GMT
expires: Tue, 16 Apr 2024 18:57:38 GMT
cache-control: public, max-age=7200
etag: "1711787278"
content-type: image/jpeg
vary: Origin
age: 14
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/GB6V0QjLhYg/0.jpg

142.250.74.78

200 OK

24 kB

URL GET HTTP/2
img.youtube.com/vi/GB6V0QjLhYg/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://steam.guesskings.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
24 kB (23563 bytes)
Hash
d2a7e2bd94551d7e5810c8b5b251037d
089aae722ed96ae325f42792c395f755d20cd96b
3b0f3a95237dd20e58ab3b6b93e3e264722d17b29db70f460228ce4555a5b9d0

HTTP Headers

GET /vi/GB6V0QjLhYg/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 23563
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:42 GMT
expires: Tue, 16 Apr 2024 18:57:42 GMT
cache-control: public, max-age=7200
etag: "1711857003"
content-type: image/jpeg
vary: Origin
age: 10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/F_sLmzXqlxo/0.jpg

142.250.74.78

200 OK

22 kB

URL GET HTTP/2
img.youtube.com/vi/F_sLmzXqlxo/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://steam.guesskings.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
22 kB (22499 bytes)
Hash
2519c00f3c0f554abfd29dd00794ed56
fbf9a04f7c22685532af0b5d76a53c932d4b3dda
54a79196240c495f4bdcf3018386b0f9b32b9862614b4a862724b177bdb6405e

HTTP Headers

GET /vi/F_sLmzXqlxo/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 22499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:53:41 GMT
expires: Tue, 16 Apr 2024 18:53:41 GMT
cache-control: public, max-age=7200
etag: "1711814009"
content-type: image/jpeg
vary: Origin
age: 251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/-yaFPrAEKXw/0.jpg

142.250.74.78

200 OK

19 kB

URL GET HTTP/2
img.youtube.com/vi/-yaFPrAEKXw/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://steam.guesskings.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
19 kB (19176 bytes)
Hash
5520b47c3302632c1d3dc33b5501bf74
0c3e8167e23c216d67f8c3924d806041cbba91ff
649011ebe21bd8ced633754f7d5ff82494cd797d4520e2885fded18720b541b0

HTTP Headers

GET /vi/-yaFPrAEKXw/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 19176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:50 GMT
expires: Tue, 16 Apr 2024 18:57:50 GMT
cache-control: public, max-age=7200
etag: "1668275284"
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/communityawardsapp.js?contenthash=19055018e0af77c9315d

210.74.226.164

200

413 B

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/communityawardsapp.js?contenthash=19055018e0af77c9315d
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF, LF line terminators
Size
413 B (413 bytes)
Hash
8a1b0b2a98ac8f20dfcf085c127e7e03
6d12a4e8c5e6e9aaf740bf834059511442d9550a
ee3e4329cb688bf42a8bfce72de3ac4c127dcd6231186873c1b93fcbbfb73ae5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/communityawardsapp.js?contenthash=19055018e0af77c9315d HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:52 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:56 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621526
Vary: Accept-Encoding
CF-RAY: 8755b7858b4785ed-HKG
Content-Disposition: inline;filename=f.txt
traceId: da36ad94-5a79-4ea0-9cd7-39f786b63979
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=851ba7bd45199e250280

210.74.226.164

200

18 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=851ba7bd45199e250280
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (17427), with CRLF, LF line terminators
Size
18 kB (17601 bytes)
Hash
aaa33178361679569b06631439eefa8b
19c33edb9e15a917faf8852aca133db6a5dba5aa
8155a9cff7831b9962ce870baab32394e3662e8834bf0f88ae887b50b522ec90

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=851ba7bd45199e250280 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:52 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:56 GMT
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b7859b9a84f0-HKG
Content-Disposition: inline;filename=f.txt
traceId: 1a082622-5ef8-49db-a65e-dc4850af5e9d
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/applications/community/communityawardsapp.css?contenthash=8e020fa3bf0449a24cbd

210.74.226.164

200

18 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/css/applications/community/communityawardsapp.css?contenthash=8e020fa3bf0449a24cbd
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (10476), with CRLF, LF line terminators
Size
18 kB (18020 bytes)
Hash
31869693d352d644e6f5ec47a6fbde6b
89dbb3cc6afb83288d55a2f19907f7791ba7a06f
32fe829a2100907418aa0c1339794071d5c9ffd1de8117e4e519c0628eb7e082

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/css/applications/community/communityawardsapp.css?contenthash=8e020fa3bf0449a24cbd HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Feb 2024 22:14:59 GMT
Cache-Control: public,max-age=15552000
Expires: Sat, 31 Aug 2024 20:15:14 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 3703358
Vary: Accept-Encoding
CF-RAY: 8755b78598275e00-HKG
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3af17132866722492548d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~4b330692b.js?contenthash=4deddc09ed6d2035c985

210.74.226.164

200

36 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~4b330692b.js?contenthash=4deddc09ed6d2035c985
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (36120), with CRLF, LF line terminators
Size
36 kB (36294 bytes)
Hash
0c6e056220f2cc2bba5d6c2824a1bf5b
5250dd3a2216ff3138ca8fea93d7795dc152a2b7
01e883447b1170ce2da7f3e327ea2c37cbeada1b39e61f8ee1999201e69eb5f3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/chunk~4b330692b.js?contenthash=4deddc09ed6d2035c985 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:52 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:31:08 GMT
X-Cache: MISS
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b785acf9044a-HKG
Content-Disposition: inline;filename=f.txt
traceId: 55514c32-3121-4ea2-b16b-2accc7fdafd4
Strict-Transport-Security: max-age=15724800; includeSubDomains

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=839200ab4e91e017ce1d

210.74.226.164

200

60 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=839200ab4e91e017ce1d
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (59366), with CRLF, LF line terminators
Size
60 kB (59540 bytes)
Hash
1e06b714c4138494a69b7e6b5cba60d2
2bf619c3e0dd462e0583fd6aa96649e613c5f08a
c549b4336a4c68a1563498184f45bec294af07e2e3815d663cab691b47dadce2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=839200ab4e91e017ce1d HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:53 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:55 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621603
Vary: Accept-Encoding
CF-RAY: 8755b7859bd084cd-HKG
Content-Disposition: inline;filename=f.txt
traceId: 5440bdc3-e754-4e6c-afe0-405d5182da45
Strict-Transport-Security: max-age=15724800; includeSubDomains

img.youtube.com/vi/cRglf_VElO8/0.jpg

142.250.74.78

200 OK

16 kB

URL GET HTTP/2
img.youtube.com/vi/cRglf_VElO8/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://steam.guesskings.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
16 kB (15574 bytes)
Hash
31ea99753b84c6366883592a114c9096
76d20108a691026aafd2a359026a2d97fdcb72d2
17c3344c68fac809e6978040c095e66f8d40091accd7bd9d446eb945369be671

HTTP Headers

GET /vi/cRglf_VElO8/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 15574
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:51 GMT
expires: Tue, 16 Apr 2024 18:57:51 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/HyVjwo4aDVA/0.jpg

142.250.74.78

200 OK

34 kB

URL GET HTTP/2
img.youtube.com/vi/HyVjwo4aDVA/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://steam.guesskings.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
34 kB (33585 bytes)
Hash
810a8950c4d89f39ca99a8c0b809d0ce
d7f12802dcbd4d3025aa47ad7ed30eb4ee06f81f
c3c87045f9f7a6ed5ce1507745d90259e395e6bf0b67983a46b6f26d3026da46

HTTP Headers

GET /vi/HyVjwo4aDVA/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 33585
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:57:34 GMT
expires: Tue, 16 Apr 2024 18:57:34 GMT
cache-control: public, max-age=7200
etag: "1659537195"
content-type: image/jpeg
vary: Origin
age: 18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~4b330692b.js?contenthash=d8cd6c05bb82e81cf440

210.74.226.164

200

26 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~4b330692b.js?contenthash=d8cd6c05bb82e81cf440
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (25789), with CRLF, LF line terminators
Size
26 kB (25963 bytes)
Hash
9f8996d885d01fca43b666a5077f3337
9380a54c75cfb85fc31a5c4297333faf21ce7168
527644336ab44c46f478aa183d31a86957d4fae2aadd74673b71f6d191e473c9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/libraries~4b330692b.js?contenthash=d8cd6c05bb82e81cf440 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:52 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:55 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b785892d8514-HKG
Content-Disposition: inline;filename=f.txt
traceId: 1e820496-6f56-40fa-918e-77fb9fe74bc9
Strict-Transport-Security: max-age=15724800; includeSubDomains

community.cloudflare.steamstatic.com/public/shared/images/comment_quoteicon.png

172.64.145.151

200 OK

417 B

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/comment_quoteicon.png
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
417 B (417 bytes)
Hash
2e6556310cf788abcc905dc522fe8375
f721b02abedca660d17f7c7d2f38aac2a89e4155
32285e351f9647f9b357aa997d5e1f6c1c521dac197bee998b17041ee5297d7d

HTTP Headers

GET /public/shared/images/comment_quoteicon.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 417
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-1a1"
x-cache: MISS
cf-cache-status: HIT
age: 6533
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7896db60b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/apphubs/4-star.png

172.64.145.151

200 OK

3.5 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/apphubs/4-star.png
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 81 x 14, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3475 bytes)
Hash
99b0b7ce794818eb24dd6d5287588936
ae4ad007ad10371bf4a35f1d4ae2b871d2b809e7
e957985b47c64e1d65ec3c377170d5c0bbea810eab863824f305838493be7427

HTTP Headers

GET /public/shared/images/apphubs/4-star.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 3475
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-d93"
x-cache: MISS
cf-cache-status: HIT
age: 1179
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7897dcb0b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/apphubs/item_type_hover.png?v=1

172.64.145.151

200 OK

2.8 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/apphubs/item_type_hover.png?v=1
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2792 bytes)
Hash
2024f24380b48b22d0d1dd5664452b7a
120a6cbbb2c3f97099b573978b810d6d33389e40
9f60fa47c8e46e872dbdd2b8b2c4bfeed0f1db835ac3c6cb83740ffc17b9015c

HTTP Headers

GET /public/shared/images/apphubs/item_type_hover.png?v=1 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 2792
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-ae8"
x-cache: MISS
cf-cache-status: HIT
age: 6105
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7898dda0b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/apphubs/icons/icon_rate.png

172.64.145.151

200 OK

1.1 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/apphubs/icons/icon_rate.png
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1131 bytes)
Hash
96c60098e888af1bc5ae43c93034b017
44317b6e92c020c7b467737df6702858972830d8
101dcaab2ad4a31c11dbd87a661b1324c5dd52b43a1ea814234f5bbc78993286

HTTP Headers

GET /public/shared/images/apphubs/icons/icon_rate.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 1131
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-46b"
x-cache: MISS
cf-cache-status: HIT
age: 3862
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7898de10b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/iconholder_inactive.png

172.64.145.151

200 OK

967 B

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/iconholder_inactive.png
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Size
967 B (967 bytes)
Hash
8de9529afbb3519ac8f5994776e78fd0
c06318fef84fa2955ee0c54f8607c4ac8a8e0d54
2641bea3a22453d5d7cbae49bbb0414fce0ddd6ce39d067c3b7f2311846e46cd

HTTP Headers

GET /public/shared/images/iconholder_inactive.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 967
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-3c7"
x-cache: MISS
cf-cache-status: HIT
age: 2892
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7899de80b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/apphubs/not-yet.png

172.64.145.151

200 OK

2.4 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/apphubs/not-yet.png
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 81 x 14, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2441 bytes)
Hash
9467cd36fa8d637f6025e405a8a8ee81
8d028c12f3ef3edbecfafe5217c734003b739967
1396ffd3fdda47e9634bbaaffa5c1b8fa3dafbeef347fa2504e2c636ef316636

HTTP Headers

GET /public/shared/images/apphubs/not-yet.png HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 2441
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-989"
x-cache: MISS
cf-cache-status: HIT
age: 1580
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b7899ded0b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/buttons/icons_16.png?v=5

172.64.145.151

200 OK

6.7 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/buttons/icons_16.png?v=5
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 320 x 32, 8-bit/color RGBA, non-interlaced
Size
6.7 kB (6719 bytes)
Hash
49b920ca1495fc302a0ed1515ce53491
6cce254202c4dc378cf31aaa7d05c8538267f078
472165755644972c17e4bbaf1300926ab99724d95599415b2ea7f9c16a27737c

HTTP Headers

GET /public/shared/images/buttons/icons_16.png?v=5 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 6719
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-1a3f"
x-cache: MISS
cf-cache-status: HIT
age: 2895
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b789ae060b59-OSL
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images/apphubs/bg_workshopitem.png?v=1

172.64.145.151

200 OK

24 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/apphubs/bg_workshopitem.png?v=1
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
PNG image data, 305 x 126, 8-bit/color RGBA, non-interlaced
Size
24 kB (24341 bytes)
Hash
480ab236d2cca062e8d1e623887e465e
6c16204ee617e33b7472dd0010d7f5f3dfaadc7c
bff63013b4aeb2d2a71f3fbdca0360da66289022fb70ac9914db529113bc7e9e

HTTP Headers

GET /public/shared/images/apphubs/bg_workshopitem.png?v=1 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:52 GMT
content-type: image/png
content-length: 24341
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-5f15"
x-cache: MISS
cf-cache-status: HIT
age: 1179
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b789be140b59-OSL
X-Firefox-Spdy: h2

steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=b592f187eec4505a4d34

210.74.226.164

200

14 kB

URL GET HTTP/1.1
steam.guesskings.com/community-cloudflare-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=b592f187eec4505a4d34
IP
210.74.226.164:443
ASN
#4812 China Telecom Group

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjectsteam.guesskings.com
FingerprintE4:5A:82:D3:48:9B:09:6B:61:D4:F5:19:EF:97:1C:D5:00:4A:6E:E9
ValidityThu, 21 Sep 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14161), with CRLF, LF line terminators
Size
14 kB (14335 bytes)
Hash
aa4dd4fca6bf426c7e8f50d1ca669be7
180b969aa6948c1967dd1838a5c270d5e88c5295
71fc1143b0819165eb9616f8dd6fd2f9c7d068becace38a522aa63a75413a225

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /community-cloudflare-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=b592f187eec4505a4d34 HTTP/1.1
Host: steam.guesskings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Cookie: sessionid=1c85d23f566c26ea9cdfbe2e; steamCountry=HK%7Ca7bb317427bfb6b44c7830f9f6f2dae0; uid=4ebed8b8-d460-4cf0-b8ea-5b747f0a674c; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.25.4
Date: Tue, 16 Apr 2024 16:57:52 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 22:29:53 GMT
Cache-Control: public,max-age=15552000
Expires: Tue, 24 Sep 2024 22:30:55 GMT
Edge-Control: !no-store,!bypass-cache,max-age=15552000
X-Cache: HIT
CF-Cache-Status: HIT
Age: 1621604
Vary: Accept-Encoding
CF-RAY: 8755b787dbf6211e-HKG
Content-Disposition: inline;filename=f.txt
traceId: 2b6dcc2a-ad07-4ff1-9e39-36bbd178e6de
Strict-Transport-Security: max-age=15724800; includeSubDomains

community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016

172.64.145.151

200 OK

3.7 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
3.7 kB (3684 bytes)
Hash
ca81bf2f0d99757a6f97b0fec3cf5ab5
de4b8d0953809e4687fa45f95092c9c5e92ca146
b83d5a05f79f53d2945fe89bee2239fad2761c2eccee6ad655bbec92a85a80e1

HTTP Headers

GET /public/shared/images/header/logo_steam.svg?t=962016 HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:43 GMT
content-type: image/svg+xml
last-modified: Tue, 17 Nov 2020 23:34:54 GMT
etag: W/"5fb45e1e-e64"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 3078
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b74e9c5f0b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

community.cloudflare.steamstatic.com/public/shared/images//award_icon.svg

172.64.145.151

200 OK

2.4 kB

URL GET HTTP/2
community.cloudflare.steamstatic.com/public/shared/images//award_icon.svg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steam.guesskings.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint25:01:38:4A:05:F5:3D:DF:F1:06:FF:A9:71:BC:C2:60:0C:C7:A0:D0
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.4 kB (2386 bytes)
Hash
4a5fc8aeab8927b9b0f77e3f42b84985
79bd26f8c7651d31ebb505e32001ef01a5e8a9c8
8b20f27831d4d86e404f0eac6ba0915e0d584fcc92ef580297db2da74293b123

HTTP Headers

GET /public/shared/images//award_icon.svg HTTP/1.1
Host: community.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 16:57:51 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jun 2020 22:53:14 GMT
etag: W/"5ee94d5a-952"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 1289
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755b77e6cb10b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

steamuserimages-a.akamaihd.net/ugc/2466358640182369850/A8459A9CD88BE7D65EA2AB75926A5D4965A6FFC2/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

95.101.11.35

200 OK

356 kB

URL GET HTTP/2
steamuserimages-a.akamaihd.net/ugc/2466358640182369850/A8459A9CD88BE7D65EA2AB75926A5D4965A6FFC2/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
95.101.11.35:443
ASN
#20940 Akamai International B.V.

Requested by
https://steam.guesskings.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 1366x768, components 3
Size
356 kB (356037 bytes)
Hash
35ce8c816fc2f6aed202e21b912b18b4
febfbf2244e1633ec9d0a5a60c2d33e98d142967
abb902ab22134b7fea8c9d154ac699340f7c0a702562a98b0805f26ca1928016

HTTP Headers

GET /ugc/2466358640182369850/A8459A9CD88BE7D65EA2AB75926A5D4965A6FFC2/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: steamuserimages-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steam.guesskings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 16 Apr 2024 16:09:23 GMT
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
etag: "0x8DC5E2E0D810E6D"
server: Akamai Image Manager
content-length: 356037
content-type: image/jpeg
cache-control: private, no-transform, max-age=602302
expires: Tue, 23 Apr 2024 16:16:13 GMT
date: Tue, 16 Apr 2024 16:57:51 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML