| sp.aircsgo.com/moderation/ajaxgetresetcontentmodal/login/home/login/home/login/home/?goto=/moderation//login/home/?goto=/moderation/ | 210.74.226.164 | 302 | 0 B |
URL (User Request): GET HTTP/1.1 sp.aircsgo.com/moderation/ajaxgetresetcontentmodal/login/home/login/home/login/home/?goto=/moderation//login/home/?goto=/moderation/ | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /moderation/ajaxgetresetcontentmodal/login/home/login/home/login/home/?goto=/moderation//login/home/?goto=/moderation/ HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:03 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://sp.aircsgo.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: no-cache
Content-Encoding: gzip
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: /login/home/?goto=%2Fmoderation%2F
Origin: https://sp.aircsgo.com
Set-Cookie: sessionid=8b01f16e1452c7504f3504d4; Path=/; Secure; SameSite=None;Domain=sp.aircsgo.com
steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; Path=/; Secure; HttpOnly; SameSite=None;Domain=sp.aircsgo.com
uid=ea6b661f-a479-42ce-9536-33ad331de719; Path=/; Domain=sp.aircsgo.com
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-f2qcm
traceId: eaac1cf3ac17139826827374858d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | 210.74.226.164 | 200 | 9.4 kB |
URL (User Request): GET HTTP/1.1 sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2988), with CRLF, LF line terminators | Hash: 08ad731ad318492a80d047c8da621157 788c33436c0d21bb012281fa99c14e30d14fbad6 457463d93f49e6f863ff8123337c86a66322c08f537642fced986b2c4e32b948
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login/home/?goto=%2Fmoderation%2F HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:04 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 9433
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://sp.aircsgo.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: no-cache
Content-Encoding: gzip
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Origin: https://sp.aircsgo.com
Set-Cookie: uid=ea6b661f-a479-42ce-9536-33ad331de719; Path=/; Domain=sp.aircsgo.com
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-f2qcm
traceId: eaac1cf3af17139826839653660d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/ | 210.74.226.164 | | 169 B |
IP: 210.74.226.164:0 | ASN: #4812 China Telecom Group
Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators | Hash: 31f605b34950fcda1508ccc78a285d43 f62879764a0443fc190d18b1e03c0c9783af2ace 67180b05f481365831569891ea36474e79e2f7dd63ccf717a50b8afe067b6d23
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:04 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://sp.aircsgo.com/
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=english | 210.74.226.164 | 200 | 2.7 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=english | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators | Hash: f831f4c536299d57b63c0d0ead9c09f0 43f71d89a47bdd1869ff4d411f04357926d21be8 e2c41580fda72865b4c75053f974ee6c0f4ff7034f1c97fbd6d55a88e7fc55fe
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:05 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 2682
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "-DH0xTYpnVe2"
Vary: Accept-Encoding
Cache-Control: public, max-age=11003339
Expires: Tue, 20 Aug 2024 11:35:35 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17131513967081759d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=english | 210.74.226.164 | 200 | 34 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=english | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: ASCII text, with CRLF, LF line terminators | Hash: 3d42487e1b5c427ed66f2be54948561b 450b970e36aeb1375844c48a412be7caf5d5c447 60a5b96dd853a80363de37ae72b72ceada056cf781cd9dd2ac74869030d6f76d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:05 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 33754
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "PUJIfhtcQn7W"
Vary: Accept-Encoding
Cache-Control: public, max-age=11493902
Expires: Mon, 26 Aug 2024 03:51:39 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3b017131513973498735d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/css/shared_global.css?v=SPpMitTYp6ku&l=english | 210.74.226.164 | 200 | 87 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/css/shared_global.css?v=SPpMitTYp6ku&l=english | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1819), with CRLF, LF line terminators | Hash: 48fa4c8ad4d8a7a92eaebdb95672b9b3 588360ab7833fc79333286df86626afec74957e6 9c0be6f47b381e31d7feeb42a035ca4b32ef2990c15724e589a74ec2d3293b1e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/shared/css/shared_global.css?v=SPpMitTYp6ku&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:05 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 87128
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "SPpMitTYp6ku"
Vary: Accept-Encoding
Cache-Control: public, max-age=15103863
Expires: Sun, 06 Oct 2024 22:37:40 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17131513975578188d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english | 210.74.226.164 | 200 | 13 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (629), with CRLF line terminators | Hash: 345a026b83a403145ba4bc5e12256354 cd76023c54c8e6dec853441088c388ca6a0bdecd 7585f3131ab2ebf7fd36a5a239f4b1089f9a70869099cb0f073c605941ace3fc
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 12764
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "NFoCa4OkAxRb"
Vary: Accept-Encoding
Cache-Control: public, max-age=11493750
Expires: Mon, 26 Aug 2024 03:49:08 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17131513982448192d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/css/login.css?v=q2b2ZBI1X2Yj&l=english | 210.74.226.164 | 200 | 18 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/css/login.css?v=q2b2ZBI1X2Yj&l=english | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: assembler source, ASCII text, with CRLF, LF line terminators | Hash: ab66f66412355f6623d31b87b391e4a3 071daed245dba7d1ee2dfe990ff3d36876fff43b fee753fb2578225fc36d43fcd266a52371e723ab45321de9ce473c89847f2df3
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/shared/css/login.css?v=q2b2ZBI1X2Yj&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 18015
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "q2b2ZBI1X2Yj"
Vary: Accept-Encoding
Cache-Control: public, max-age=13576997
Expires: Thu, 19 Sep 2024 06:29:54 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17131513975641761d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english | 210.74.226.164 | 200 | 40 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4009), with CRLF, LF line terminators | Hash: 3c0715db3301cf349532fa80d8e7b2cc 972aa75768e81dfd5d52c0c5de148e2163dd4c3d ceeb54d7faf219eaddfc96a4f88e85e8905b216f84419645312b45128d3c1792
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 39562
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "PAcV2zMBzzSV"
Vary: Accept-Encoding
Cache-Control: public, max-age=13895173
Expires: Sun, 22 Sep 2024 22:52:50 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ac17131513975581760d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/skin_1/home.css?v=pTH-Ya7jG3VB&l=english | 210.74.226.164 | 200 | 15 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/skin_1/home.css?v=pTH-Ya7jG3VB&l=english | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: ASCII text, with CRLF, LF line terminators | Hash: a531fe61aee31b7541223b0191cada79 ab7bdf44b91e067ac02378dbeb9380cb1618d878 0d79433fbf1fd92a6010b9af93e8da20774483c2b79efaedc8fed3782c9239d2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/css/skin_1/home.css?v=pTH-Ya7jG3VB&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 14878
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "pTH-Ya7jG3VB"
Vary: Accept-Encoding
Cache-Control: public, max-age=13088658
Expires: Fri, 13 Sep 2024 14:50:55 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ad17131513975592315d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6&l=english | 210.74.226.164 | 200 | 19 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6&l=english | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1667), with CRLF, LF line terminators | Hash: b0720870ccc27df5fa6d1669cc098251 8800fa19f2eca67bbdd0cde15ac5e300f0240382 ed913aa6f584d262be7eae0f789e88bcfd93bbaddd59a37a3fe39d6ee96880d5
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 19096
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "sHIIcMzCffX6"
Vary: Accept-Encoding
Cache-Control: public, max-age=15551036
Expires: Sun, 20 Oct 2024 23:31:06 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3b017139160308255274d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 | 210.74.226.164 | 200 | 16 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators | Hash: 72938851e7c2ef7b63299eba0c6752cb b75196bd3a6f9f4dfc1bbf5e43e96874bcd9ce4e e2d4e0e1d3e162fdc815f16dfff9ae9b0a967949f0f3ae371f947d730a3f0661
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 16087
Connection: keep-alive
Last-Modified: Tue, 22 Mar 2022 23:23:42 GMT
ETag: ".zYHOpI1L3Rt0"
Vary: Accept-Encoding
Cache-Control: public, max-age=6449167
Expires: Fri, 28 Jun 2024 18:09:27 GMT
Content-Disposition: inline;filename=f.txt
traceId: 296c9ead-f0b4-4328-90a8-28bf3690686e
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw | 210.74.226.164 | 200 | 169 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators | Size: 169 kB (169399 bytes) | Hash: 6a39e0b509fecb928d47b8a2643fed2a f67fa6cb1d09963d10ba117d6553c8e7d5bc7863 d8bdea7fff893dbdbeaf6c2affec091a77483b9ec10e7958486bc3b6cc170c96
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 169399
Connection: keep-alive
Last-Modified: Fri, 05 Jan 2018 01:34:51 GMT
ETag: ".55t44gwuwgvw"
Vary: Accept-Encoding
Cache-Control: public, max-age=5607580
Expires: Wed, 19 Jun 2024 00:22:58 GMT
Content-Disposition: inline;filename=f.txt
traceId: 99efa78b-e11f-479e-a465-ab88e8e02ecd
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC | 210.74.226.164 | 200 | 96 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32086), with CRLF line terminators | Hash: 4dc834d16a0d219d5c2b8a5b814569e4 4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 95790
Connection: keep-alive
Last-Modified: Fri, 05 Jan 2018 01:34:51 GMT
ETag: ".isFTSRckeNhC"
Vary: Accept-Encoding
Cache-Control: public, max-age=9870935
Expires: Wed, 07 Aug 2024 08:38:54 GMT
Content-Disposition: inline;filename=f.txt
traceId: b8b32412-49f2-4966-a82e-201ce728b794
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&load=effects,controls,slider,dragdrop | 210.74.226.164 | 200 | 122 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&load=effects,controls,slider,dragdrop | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators | Size: 122 kB (122171 bytes) | Hash: 39e34882ba4417cb4b1b84916dabb770 0d0ca081fb60c8aad337091bafcbe84f966c38b0 da708635da162ea493874627775c3520a42145b79c73bf787b5113bf87c0b27c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&load=effects,controls,slider,dragdrop HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 122171
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "OeNIgrpEF8tL"
Vary: Accept-Encoding
Cache-Control: public, max-age=11667332
Expires: Wed, 28 Aug 2024 03:38:50 GMT
Content-Disposition: inline;filename=f.txt
traceId: d3a1be91-74fb-4aed-a2fb-ef05d999d19e
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english | 210.74.226.164 | 200 | 25 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators | Hash: a52bc800ab6e9df5a05a5153eea29ffb 8661643fcbc7498dd7317d100ec62d1c1c6886ff 57cfaf9b92c98541f769090cd0229a30013cea7cfafc18519ca654bfae29e14e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:07 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 24657
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "pSvIAKtunfWg"
Vary: Accept-Encoding
Cache-Control: public, max-age=13678542
Expires: Fri, 20 Sep 2024 10:19:03 GMT
Content-Disposition: inline;filename=f.txt
traceId: d5c2ce3d-9ffb-4635-88a9-056524c4adea
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/global.js?v=B7Vsdo1okyaC&l=english | 210.74.226.164 | 200 | 104 kB |
URL: GET HTTP/1.1 sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/global.js?v=B7Vsdo1okyaC&l=english | IP: 210.74.226.164:443 | ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F | Certificate Issuer: DigiCert Inc | Subject: sp.aircsgo.com | Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 | Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (9521), with CRLF line terminators | Size: 104 kB (103580 bytes) | Hash: ff1d6d837c38a4455ec02329e006c041 45995f4ad83db529d4ec95fef761d33122d0fb3b 827f7bff31767b77325b53136fefca9204406b65ec4c9c77b622ce536140de88
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/global.js?v=B7Vsdo1okyaC&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 103580
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "B7Vsdo1okyaC"
Vary: Accept-Encoding
Cache-Control: public, max-age=13896484
Expires: Sun, 22 Sep 2024 22:51:23 GMT
Content-Disposition: inline;filename=f.txt
traceId: 1e09f8bd-8df1-4cf2-b151-ffd5b7611e2f
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/ | 210.74.226.164 | | 8.6 kB |
IP210.74.226.164:0 ASN#4812 China Telecom Group
CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (2997), with CRLF, LF line terminators Hashc0c3b4e6124f73687ea5e4ed76e95e61 7cd2f62757e1ebd10753a005e7a61011b5da67ed ea96511d1c9878a6547cb6cc7923fbaae320fbb3c21346f2fb6c5d579151f6b0
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:07 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 8605
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://sp.aircsgo.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: no-cache
Content-Encoding: gzip
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Origin: https://sp.aircsgo.com
Set-Cookie: sessionid=81d47a3de59dddd3b0bc822b; Path=/; Secure; SameSite=None;Domain=sp.aircsgo.com
steamCountry=HK%7C394c02094053b294138b04442cb95ddf; Path=/; Secure; HttpOnly; SameSite=None;Domain=sp.aircsgo.com
uid=6537c0d9-18cb-433f-b74f-a3026143c5f5; Path=/; Domain=sp.aircsgo.com
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-8x8zp
traceId: eaac1cf3ac17139826864084871d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/javascript/login.js?v=0BCNfXbnL2BC&l=english | 210.74.226.164 | 200 | 61 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/javascript/login.js?v=0BCNfXbnL2BC&l=english IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (24693), with CRLF line terminators Hash2e0a557ac3cf7dc7e922d8f2586171aa 910e79ff84f755b99b61554df334ced7b0b856d0 a68e8eeab3d2af3cb502f6d0b773d7c46e49120528aa456f298eae5140dfdbd6
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/shared/javascript/login.js?v=0BCNfXbnL2BC&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 60910
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "0BCNfXbnL2BC"
Vary: Accept-Encoding
Cache-Control: public, max-age=15381828
Expires: Mon, 14 Oct 2024 12:10:13 GMT
Content-Disposition: inline;filename=f.txt
traceId: d6660dc6-4513-4a56-8c1d-ff99a41d8129
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/javascript/shared_global.js?v=1_BxDGVvfXwv&l=english | 210.74.226.164 | 200 | 154 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/shared/javascript/shared_global.js?v=1_BxDGVvfXwv&l=english IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2642), with CRLF line terminators Size154 kB (154429 bytes) Hash95a93c0abf311a8d351f7586edb7b6be 85a3b6dce0be73fa2e230e5f84a0d8d9f032676a b5223bb90e03e750512b0a3d7c0bc3ba53738755ed8d6fc24ca807067d1bebcd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/shared/javascript/shared_global.js?v=1_BxDGVvfXwv&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:06 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 154429
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "1_BxDGVvfXwv"
Vary: Accept-Encoding
Cache-Control: public, max-age=15105221
Expires: Sun, 06 Oct 2024 22:37:01 GMT
Content-Disposition: inline;filename=f.txt
traceId: 8e175a7a-85aa-4ebe-84be-1561d92ce0bb
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english | 210.74.226.164 | 200 | 16 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (15579), with CRLF, LF line terminators Hasha3d759dc49f9cb53c8514378a3eaa89b a0cfcffffc94597c5432389c2f3813c0bd684da5 6a26430d49e9defb17b22e294d0b4d3d701b36f4c55ffa098150a395b1ef40f5
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:07 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 15747
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "2YYIUqf8HOkr"
Vary: Accept-Encoding
Cache-Control: public, max-age=15551603
Expires: Sun, 20 Oct 2024 23:30:59 GMT
Content-Disposition: inline;filename=f.txt
traceId: d8636a1e-5bc0-4831-a939-c7d7af5b6bb0
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/applications/community/main.css?v=EyWBqDQS-6jg&l=english | 210.74.226.164 | 200 | 120 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/applications/community/main.css?v=EyWBqDQS-6jg&l=english IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (26986), with CRLF, LF line terminators Size120 kB (120179 bytes) Hash132581a83412fba8e0fc7e66a84b6ffb 5586269078c874f74b513b2b6aa29ffd2fa8f57e 8ea529711fbd58d915bae3c1905b0676fe1464c2173620576a3e188273e502b0
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/css/applications/community/main.css?v=EyWBqDQS-6jg&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:07 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 120179
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "EyWBqDQS-6jg"
Vary: Accept-Encoding
Cache-Control: public, max-age=15550338
Expires: Sun, 20 Oct 2024 23:29:46 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17139166484347953d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| community.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 | 23.36.76.241 | 200 OK | 1.7 kB |
URL GET HTTP/1.1community.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 IP23.36.76.241:443 ASN#20940 Akamai International B.V.
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerLet's Encrypt Subjectcdn.akamai.steamstatic.com FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File typeSVG Scalable Vector Graphics image Hashb7a7e43284e2ffe806ac1bc27c1f6a87 e8196489e2ae99ec6eb33995b5a3e108d6e44de0 c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
GET /public/shared/images/header/logo_steam.svg?t=962016 HTTP/1.1
Host: community.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/svg+xml
Last-Modified: Tue, 17 Nov 2020 23:34:54 GMT
ETag: "5fb45e1e-e64"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1736
Date: Wed, 24 Apr 2024 18:18:07 GMT
Connection: keep-alive
|
|
| community.akamai.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 | 23.36.76.241 | 200 OK | 123 kB |
URL GET HTTP/1.1community.akamai.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 IP23.36.76.241:443 ASN#20940 Akamai International B.V.
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerLet's Encrypt Subjectcdn.akamai.steamstatic.com FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File typeTrueType Font data, digitally signed, 18 tables, 1st "DSIG", 22 names, Macintosh, Copyright © 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansRegular4.015;Plau;MotivaSan Size123 kB (122684 bytes) Hash57613e143ff3dae10f282e84a066de28 88756cc8c6db645b5f20aa17b14feefb4411c25f 19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
GET /public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 HTTP/1.1
Host: community.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sp.aircsgo.com
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/octet-stream
Content-Length: 122684
Last-Modified: Tue, 28 Jul 2020 23:16:28 GMT
ETag: "5f20b1cc-1df3c"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Wed, 24 Apr 2024 18:18:07 GMT
Connection: keep-alive
|
|
| community.akamai.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015 | 23.36.76.241 | 200 OK | 124 kB |
URL GET HTTP/1.1community.akamai.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015 IP23.36.76.241:443 ASN#20940 Akamai International B.V.
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerLet's Encrypt Subjectcdn.akamai.steamstatic.com FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File typeTrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright © 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansMedium4.015;Plau;MotivaSans Size124 kB (124048 bytes) Hash2d64caa5ecbf5e42cbb766ca4d85e90e 147420abceb4a7fd7e486dddcfe68cda7ebb3a18 045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f
GET /public/shared/fonts/MotivaSans-Medium.ttf?v=4.015 HTTP/1.1
Host: community.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sp.aircsgo.com
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/octet-stream
Content-Length: 124048
Last-Modified: Tue, 28 Jul 2020 23:16:28 GMT
ETag: "5f20b1cc-1e490"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Wed, 24 Apr 2024 18:18:07 GMT
Connection: keep-alive
|
|
| community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 | 23.36.76.241 | 200 OK | 3.7 kB |
URL GET HTTP/1.1community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 IP23.36.76.241:443 ASN#20940 Akamai International B.V.
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerLet's Encrypt Subjectcdn.akamai.steamstatic.com FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File typePNG image data, 96 x 26, 8-bit/color RGBA, non-interlaced Hash1626f52addb7c56fe3679d82108c62e9 2b414092d66ecff528950093a655f755c3c7f3b5 ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1
GET /public/images/skin_1/footerLogo_valve.png?v=1 HTTP/1.1
Host: community.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 3737
Last-Modified: Fri, 05 Jan 2018 01:34:51 GMT
ETag: "5a4ed63b-e99"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Wed, 24 Apr 2024 18:18:07 GMT
Connection: keep-alive
|
|
| community.akamai.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1 | 23.36.76.241 | 200 OK | 291 B |
URL GET HTTP/1.1community.akamai.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1 IP23.36.76.241:443 ASN#20940 Akamai International B.V.
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerLet's Encrypt Subjectcdn.akamai.steamstatic.com FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File typePNG image data, 15 x 13, 8-bit/color RGBA, non-interlaced Hasha2796187c58c7e948159e37d6990ecc2 4209cd85add507247f9ce5a87a8c9095b54ee417 23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
GET /public/shared/images/header/btn_header_installsteam_download.png?v=1 HTTP/1.1
Host: community.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 291
Last-Modified: Wed, 21 Mar 2018 00:07:17 GMT
ETag: "5ab1a235-123"
Accept-Ranges: bytes
Date: Wed, 24 Apr 2024 18:18:07 GMT
Connection: keep-alive
|
|
| community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png | 23.36.76.241 | 200 OK | 3.8 kB |
URL GET HTTP/1.1community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png IP23.36.76.241:443 ASN#20940 Akamai International B.V.
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerLet's Encrypt Subjectcdn.akamai.steamstatic.com FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File typePNG image data, 244 x 212, 8-bit/color RGBA, non-interlaced Hasheabc76eb57feae44add7faead028521e 4e3e53938fad15661d2d046a868338841a95db19 fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa
GET /public/shared/images/responsive/header_menu_hamburger.png HTTP/1.1
Host: community.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 3777
Last-Modified: Fri, 05 Jan 2018 01:35:16 GMT
ETag: "5a4ed654-ec1"
Accept-Ranges: bytes
Date: Wed, 24 Apr 2024 18:18:07 GMT
Connection: keep-alive
|
|
| community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png | 23.36.76.241 | 200 OK | 11 kB |
URL GET HTTP/1.1community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png IP23.36.76.241:443 ASN#20940 Akamai International B.V.
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerLet's Encrypt Subjectcdn.akamai.steamstatic.com FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File typePNG image data, 744 x 171, 8-bit/color RGBA, non-interlaced Hasha4e79c73ee13cb25b60fc4b0ba1f690c b690c31b2eb1b0eb085e91aaae7e79f03debe7c1 6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
GET /public/shared/images/responsive/header_logo.png HTTP/1.1
Host: community.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 10863
Last-Modified: Fri, 05 Jan 2018 01:35:16 GMT
ETag: "5a4ed654-2a6f"
Accept-Ranges: bytes
Date: Wed, 24 Apr 2024 18:18:07 GMT
Connection: keep-alive
|
|
| community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png | 23.36.76.241 | 200 OK | 1.8 kB |
URL GET HTTP/1.1community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png IP23.36.76.241:443 ASN#20940 Akamai International B.V.
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerLet's Encrypt Subjectcdn.akamai.steamstatic.com FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File typePNG image data, 92 x 26, 8-bit/color RGBA, non-interlaced Hash574c350c7b23ae794d5276f8580e0838 235c7b35c3468f8915eca01f7abdb43d34079609 8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787
GET /public/shared/images/responsive/logo_valve_footer.png HTTP/1.1
Host: community.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 1846
Last-Modified: Fri, 05 Jan 2018 01:35:16 GMT
ETag: "5a4ed654-736"
Accept-Ranges: bytes
Date: Wed, 24 Apr 2024 18:18:07 GMT
Connection: keep-alive
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english | 210.74.226.164 | 200 | 927 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65368), with CRLF, LF line terminators Size927 kB (926675 bytes) Hashf134d10fcb01e179db9cf3099df3836a 731099750f391092c83afa5f1bd2b7477fede1e9 fba2af31de6ee1204b27e564b9a77aeff8bb8550e23df80837ba7baf1f18c8d8
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:07 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 926675
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "VGtvPLNviurP"
Vary: Accept-Encoding
Cache-Control: public, max-age=15104393
Expires: Sun, 06 Oct 2024 22:37:50 GMT
Content-Disposition: inline;filename=f.txt
traceId: 2467617f-3f72-4c5c-9ea9-5612720aa357
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english | 210.74.226.164 | 200 | 588 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65368), with CRLF, LF line terminators Size588 kB (587803 bytes) Hash3a7c0a45f7a8b6eff22e82cd7294f3eb 31be23fbfd228f783a64fd8f12939b62e67c6511 c44f49e587c1532faab98404bdf6dedd08decfc3986d63fd75294f0877304568
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:07 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 587803
Connection: keep-alive
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
ETag: "c4UneKQJS7M3"
Vary: Accept-Encoding
Cache-Control: public, max-age=15551584
Expires: Sun, 20 Oct 2024 23:30:40 GMT
Content-Disposition: inline;filename=f.txt
traceId: ceac03cb-0f74-4e8e-90f0-fd9db5c6afd5
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| community.akamai.steamstatic.com/public/shared/images/joinsteam/new_login_bg_strong_mask.jpg | 23.36.76.241 | 200 OK | 124 kB |
URL GET HTTP/1.1community.akamai.steamstatic.com/public/shared/images/joinsteam/new_login_bg_strong_mask.jpg IP23.36.76.241:443 ASN#20940 Akamai International B.V.
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerLet's Encrypt Subjectcdn.akamai.steamstatic.com FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3 Size124 kB (124529 bytes) Hash48b805d8fa321668db4ce8dfd96db5b9 e0ded2606559c8100ef544c1f1c704e878a29b92 9a75f8cc40bbe9c9499e7b2d3bab98a447685a361489357a111479517005c954
GET /public/shared/images/joinsteam/new_login_bg_strong_mask.jpg HTTP/1.1
Host: community.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/jpeg
Content-Length: 124529
Last-Modified: Wed, 24 Aug 2022 00:07:59 GMT
ETag: "63056bdf-1e671"
Accept-Ranges: bytes
Date: Wed, 24 Apr 2024 18:18:08 GMT
Connection: keep-alive
|
|
| community.akamai.steamstatic.com/public/shared/fonts/MotivaSans-Black.ttf?v=4.015 | 23.36.76.241 | 200 OK | 121 kB |
URL GET HTTP/1.1community.akamai.steamstatic.com/public/shared/fonts/MotivaSans-Black.ttf?v=4.015 IP23.36.76.241:443 ASN#20940 Akamai International B.V.
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerLet's Encrypt Subjectcdn.akamai.steamstatic.com FingerprintE0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 ValidityThu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File typeTrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright © 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansBlack4.015;Plau;MotivaSans- Size121 kB (120816 bytes) Hash4f7c668ae0988bf759b831769bfd0335 280a11e29d10bb78d6a5b4a1f512bf3c05836e34 32d4c8dc451e11db315d047306feea0376fbdc3a77c0ab8f5a8ab154164734d1
GET /public/shared/fonts/MotivaSans-Black.ttf?v=4.015 HTTP/1.1
Host: community.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sp.aircsgo.com
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/octet-stream
Content-Length: 120816
Last-Modified: Tue, 28 Jul 2020 23:16:27 GMT
ETag: "5f20b1cb-1d7f0"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Wed, 24 Apr 2024 18:18:08 GMT
Connection: keep-alive
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=5ecf6a2294724519e96b | 210.74.226.164 | 200 | 186 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=5ecf6a2294724519e96b IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65253), with CRLF, LF line terminators Size186 kB (186349 bytes) Hash0f676b67f7fecc8dd50eda3c3d4db27a 9ceaf58e36b8671f990b9e197bd3d3ab435459e0 c73b9f8d0e49e33444d8c984d28d624e4627f38de270259177b94557eca5e758
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/localization/shared_english-json.js?contenthash=5ecf6a2294724519e96b HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:08 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2024 23:29:53 GMT
ETag: "2n42joPoAF7E"
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=257562
Expires: Fri, 26 Apr 2024 23:30:11 GMT
Content-Disposition: inline;filename=f.txt
traceId: a19c3819-0dac-4e0c-8008-a36400550d94
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=981ff3a076acb28928ac | 210.74.226.164 | 200 | 216 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=981ff3a076acb28928ac IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65355), with CRLF, LF line terminators Size216 kB (216082 bytes) Hash074854cf64e9166d4e5a74972d4471fe 9280f48a12d355e73a3be5522ff2ca42679d9898 7f50fe1f9cdf75de8228d80e3b43447a2a2b8c1b2eb4595ff7788d08ebfdbfa8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/localization/main_english-json.js?contenthash=981ff3a076acb28928ac HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:08 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2024 23:29:53 GMT
ETag: "AOTJMm_M7wPV"
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=257547
Expires: Fri, 26 Apr 2024 23:29:56 GMT
Content-Disposition: inline;filename=f.txt
traceId: 7946331f-2693-4f6d-b6b5-ca440b55b6d2
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=78c2664709aeddc975e5 | 210.74.226.164 | 200 | 172 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=78c2664709aeddc975e5 IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64901), with CRLF, LF line terminators Size172 kB (171845 bytes) Hashe8ef31f20d4694cc3c34d5a74cb6f53d 6fca93922426824dc8aeee9de37f0b3d00f76269 202eb2aed6333ca9e76ce9059a639e59e454eb466a7fa3b8582e8bd3aeea726a
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/localization/sales_english-json.js?contenthash=78c2664709aeddc975e5 HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:08 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 171845
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 23:43:35 GMT
ETag: "U2Px6UXjBWDe"
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=232514
Expires: Fri, 26 Apr 2024 09:18:56 GMT
Content-Disposition: inline;filename=f.txt
traceId: eef36f10-fcb4-4958-967c-c6fb10998bec
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=bc65a674fca36dfbad5e | 210.74.226.164 | 200 | 18 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=bc65a674fca36dfbad5e IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (17427), with CRLF, LF line terminators Hashde07a97736d0565d5fe887fa36d88af1 24931254ff239c3305e0c5698e857d6a0ec821ef 8ccb525de647cc8dffb0423b7a5c9d548977e41926d1ea77b840d4f9c6c80c3c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=bc65a674fca36dfbad5e HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:09 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 17595
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 23:43:35 GMT
ETag: "EMncs5O5KwPb"
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=228968
Expires: Fri, 26 Apr 2024 09:20:13 GMT
Content-Disposition: inline;filename=f.txt
traceId: 1202e49c-3c21-4030-a70b-1f8f2ddbc785
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/libraries~f036ce556.js?contenthash=4aeaa7f3e9a9fc232310 | 210.74.226.164 | 200 | 90 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/libraries~f036ce556.js?contenthash=4aeaa7f3e9a9fc232310 IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65368), with CRLF, LF line terminators Hash92d36a6e072993c0285b9831df7d4529 7b2c9c2799ded1dbc6cf4176121b48f9ed8af064 30a57f4987a86582c8d3e49fa7bc267234c89ba0d2df180c458a81efa0d1f9b2
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/libraries~f036ce556.js?contenthash=4aeaa7f3e9a9fc232310 HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:09 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 90126
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 23:43:34 GMT
ETag: "zMcnvrKcq8yZ"
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=228908
Expires: Fri, 26 Apr 2024 09:19:08 GMT
Content-Disposition: inline;filename=f.txt
traceId: 62ff33b0-e7db-412d-8302-bcd266529bae
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/login.js?contenthash=3f5d4d1eea08fcdfe1a3 | 210.74.226.164 | 200 | 845 B |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/login.js?contenthash=3f5d4d1eea08fcdfe1a3 IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (677), with CRLF, LF line terminators Hash0234bbe987117b96ab3b77f0350da17c b7026a13fa81177b88b87032e760c5695dc09782 dbc6224d30b885cc0dda6332be1b0b6ba6747ee21907749b23b525f805559836
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/login.js?contenthash=3f5d4d1eea08fcdfe1a3 HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:09 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 845
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 23:43:35 GMT
ETag: "34GAzMeymb_o"
Cache-Control: public, must-revalidate, max-age=211251
Expires: Fri, 26 Apr 2024 09:24:29 GMT
Content-Disposition: inline;filename=f.txt
traceId: 9fc4d541-2b5e-4ada-91c0-64383ea3f720
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/applications/community/chunk~f036ce556.css?contenthash=65008c72e7e5586e0c2d | 210.74.226.164 | 200 | 31 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/applications/community/chunk~f036ce556.css?contenthash=65008c72e7e5586e0c2d IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (19112), with CRLF, LF line terminators Hash668d9b56f55f6d79ddd295267b68518a ad521277e7ba515feee28e4fb3cd62afdb6ca218 ddc12eff57a9e957968af6b2b8619545dd26f3fec3d85c4c607e5d0560fed7d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/css/applications/community/chunk~f036ce556.css?contenthash=65008c72e7e5586e0c2d HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:09 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 30770
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 23:43:35 GMT
ETag: "x8Yg4STls09_"
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=229018
Expires: Fri, 26 Apr 2024 09:21:01 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3af17138942430104542d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/applications/community/login.css?contenthash=a66289e969ece5d1faad | 210.74.226.164 | 200 | 229 B |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/css/applications/community/login.css?contenthash=a66289e969ece5d1faad IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeASCII text, with CRLF, LF line terminators Hash765173ac8de1cce3cadf7aa1ab36cfc0 8e18b33836c896184f3707a99be446cd30e4bf59 4bc34175da3bcdbdfb64489ee946dd77beeee5505349243f12a44766dc5217af
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/css/applications/community/login.css?contenthash=a66289e969ece5d1faad HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:09 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 229
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 23:43:34 GMT
ETag: "GrUtQabOSHsW"
Cache-Control: public, must-revalidate, max-age=206501
Expires: Fri, 26 Apr 2024 08:05:19 GMT
Content-Disposition: inline;filename=f.txt
traceId: eaac1cf3ae17139122184976830d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=637ad4060aaa08d3ae85 | 210.74.226.164 | 200 | 14 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=637ad4060aaa08d3ae85 IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (14143), with CRLF, LF line terminators Hash111a47157df97cd1dc2fbcf3f045c870 809cc243c03b8d5778b5b3d929624556781f9b2d c1229094551fd0b3d3f021cc0005ea28af2c64059e78adbe940367416bbeb680
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/navevents.js?contenthash=637ad4060aaa08d3ae85 HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:09 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 14311
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 23:43:35 GMT
ETag: "MsgvU2O4ZYEo"
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=229055
Expires: Fri, 26 Apr 2024 09:21:42 GMT
Content-Disposition: inline;filename=f.txt
traceId: c749350c-cc85-4f67-9caf-acdcf74f9226
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/favicon.ico | 210.74.226.164 | 200 | 39 kB |
URL GET HTTP/1.1sp.aircsgo.com/favicon.ico IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeMS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel Hash231913fdebabcbe65f4b0052372bde56 553909d080e4f210b64dc73292f3a111d5a0781f 9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:09 GMT
Content-Type: image/x-icon
Content-Length: 38554
Connection: keep-alive
Last-Modified: Tue, 18 Sep 2018 23:32:59 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://sp.aircsgo.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: public,max-age=86400
Expires: Thu, 18 Jan 2024 05:45:28 GMT
Origin: https://sp.aircsgo.com
Set-Cookie: uid=ea6b661f-a479-42ce-9536-33ad331de719; Path=/; Domain=sp.aircsgo.com
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-f2qcm
traceId: eaac1cf3ae17139826890183711d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/chunk~f036ce556.js?contenthash=2ce1adc8a382f77bdf57 | 210.74.226.164 | 200 | 89 kB |
URL GET HTTP/1.1sp.aircsgo.com/community-akamai-steamstatic-com/js/public/javascript/applications/community/chunk~f036ce556.js?contenthash=2ce1adc8a382f77bdf57 IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65366), with CRLF, LF line terminators Hash331e362a15fd19b8a81383293f048b12 1507937111e38c45a4f399d38bc328946e82cd45 89e9a40739d670d439d0c7a190691f68cd6e8b96fe8c1d92a0866ca449cc82bb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /community-akamai-steamstatic-com/js/public/javascript/applications/community/chunk~f036ce556.js?contenthash=2ce1adc8a382f77bdf57 HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:09 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 88814
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 23:43:35 GMT
ETag: "sRCTFvr5PRbP"
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=208014
Expires: Fri, 26 Apr 2024 03:30:59 GMT
Content-Disposition: inline;filename=f.txt
traceId: 0bcdfc8f-196f-4b28-b0cb-405ae8444540
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/steamlogin/jwt/ajaxrefresh | 210.74.226.164 | 200 | 28 B |
URL POST HTTP/1.1sp.aircsgo.com/steamlogin/jwt/ajaxrefresh IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
Hashb6eba0b6a257c7225bc3b8ce1a80d0ef fdcf96d96483272ca0b622e917e581e5fd202c48 f3156716f54db738fbbf203495f9f0dae5de30bcf4c46855422f9525fea9752a
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
POST /steamlogin/jwt/ajaxrefresh HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------267504463113033601142291325
Content-Length: 202
Origin: https://sp.aircsgo.com
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:11 GMT
Content-Type: application/json;charset=utf-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://sp.aircsgo.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Access-Control-Max-Age: 604800
Origin: https://sp.aircsgo.com
Set-Cookie: ak_bmsc=B625249443A421F9B3CA05698E3FD0FD~000000000000000000000000000000~YAAQSVLNF0f35/KOAQAAWldUERdHdzAzCvgdh9BiTnJLGLIEoA9u+HgWgZZRf5ISBl8GzkOWXH/8Hg3rTp53+2ac+Oi+lIvZDXnVnMqL3hiJCNtexcFbNPd+weuWA5qslsVFrL7lKOaZMBDvcxoJbEDsBIaX2NZ7sIa0KmLA06iMTGO5o7P9dOtQ1OjzyG/+rgd3+dsdEz2wtAJEagzO3GPQ6L18ZCZG+ATbVflje2ZSCeMQaHPAHaLEW9Z6qzzE7YR7qsNUPQKWEexbLjrTuvdrfGFqQktUz2mAWN8dyi+hA+4lE6EDNqZ+xk1yw7uhf0/nAaX12EqdQxT3Y/dlXIFuIoEh2rPwLwCgV0pawhXGegtHTWJp8JzhkThY+F+MihZz; Domain=.steampowered.com; Path=/; Expires=Wed, 24 Apr 2024 20:18:10 GMT; Max-Age=7199; HttpOnly;Domain=sp.aircsgo.com
uid=ea6b661f-a479-42ce-9536-33ad331de719; Path=/; Domain=sp.aircsgo.com
Strict-Transport-Security: max-age=15724800; includeSubDomains
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-f2qcm
traceId: eaac1cf3af17139826906993683d0001
|
|
| sp.aircsgo.com/steamapi/IAuthenticationService/BeginAuthSessionViaQR/v1 | 210.74.226.164 | 200 | 85 B |
URL POST HTTP/1.1sp.aircsgo.com/steamapi/IAuthenticationService/BeginAuthSessionViaQR/v1 IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
Hash5bed77a47e939c69f9f1cb86e19e353a ac0146206880290e587fa708eb44f9d8cfe44e4c e4c3fbe3dad92e5c0d4fae6b890841c6f2d5f25c10152ca0af3cf4a9540fe903
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
POST /steamapi/IAuthenticationService/BeginAuthSessionViaQR/v1 HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------283124046836479757632947943684
Content-Length: 307
Origin: https://sp.aircsgo.com
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0; ak_bmsc=B625249443A421F9B3CA05698E3FD0FD~000000000000000000000000000000~YAAQSVLNF0f35/KOAQAAWldUERdHdzAzCvgdh9BiTnJLGLIEoA9u+HgWgZZRf5ISBl8GzkOWXH/8Hg3rTp53+2ac+Oi+lIvZDXnVnMqL3hiJCNtexcFbNPd+weuWA5qslsVFrL7lKOaZMBDvcxoJbEDsBIaX2NZ7sIa0KmLA06iMTGO5o7P9dOtQ1OjzyG/+rgd3+dsdEz2wtAJEagzO3GPQ6L18ZCZG+ATbVflje2ZSCeMQaHPAHaLEW9Z6qzzE7YR7qsNUPQKWEexbLjrTuvdrfGFqQktUz2mAWN8dyi+hA+4lE6EDNqZ+xk1yw7uhf0/nAaX12EqdQxT3Y/dlXIFuIoEh2rPwLwCgV0pawhXGegtHTWJp8JzhkThY+F+MihZz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:12 GMT
Content-Type: application/octet-stream
Content-Length: 85
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://sp.aircsgo.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Expires: Wed, 24 Apr 2024 18:18:12 GMT
Origin: https://sp.aircsgo.com
Set-Cookie: uid=ea6b661f-a479-42ce-9536-33ad331de719; Path=/; Domain=sp.aircsgo.com
Vary: Origin
X-eresult: 1
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-f2qcm
traceId: eaac1cf3ae17139826922123722d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
|
|
| sp.aircsgo.com/steamapi/IAuthenticationService/PollAuthSessionStatus/v1 | 210.74.226.164 | 200 | 2 B |
URL POST HTTP/1.1sp.aircsgo.com/steamapi/IAuthenticationService/PollAuthSessionStatus/v1 IP210.74.226.164:443 ASN#4812 China Telecom Group
Requested byhttps://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F CertificateIssuerDigiCert Inc Subjectsp.aircsgo.com Fingerprint64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3 ValidityWed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
Hashe9f962233595f8a9eaceb6e5d490a15c a3dfc0c77acade0ee48dcc73e795a597d0270a73 e4ab5012eff32a5171b3672b59d29950fe8b3dcb4d2dadf971ebbcbc2fbb0d41
Analyzer | Verdict | Alert | OpenPhish | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
POST /steamapi/IAuthenticationService/PollAuthSessionStatus/v1 HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------361785917942433381033681325556
Content-Length: 231
Origin: https://sp.aircsgo.com
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0; ak_bmsc=B625249443A421F9B3CA05698E3FD0FD~000000000000000000000000000000~YAAQSVLNF0f35/KOAQAAWldUERdHdzAzCvgdh9BiTnJLGLIEoA9u+HgWgZZRf5ISBl8GzkOWXH/8Hg3rTp53+2ac+Oi+lIvZDXnVnMqL3hiJCNtexcFbNPd+weuWA5qslsVFrL7lKOaZMBDvcxoJbEDsBIaX2NZ7sIa0KmLA06iMTGO5o7P9dOtQ1OjzyG/+rgd3+dsdEz2wtAJEagzO3GPQ6L18ZCZG+ATbVflje2ZSCeMQaHPAHaLEW9Z6qzzE7YR7qsNUPQKWEexbLjrTuvdrfGFqQktUz2mAWN8dyi+hA+4lE6EDNqZ+xk1yw7uhf0/nAaX12EqdQxT3Y/dlXIFuIoEh2rPwLwCgV0pawhXGegtHTWJp8JzhkThY+F+MihZz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:19 GMT
Content-Type: application/octet-stream
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://sp.aircsgo.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Expires: Wed, 24 Apr 2024 18:18:19 GMT
Origin: https://sp.aircsgo.com
Set-Cookie: uid=ea6b661f-a479-42ce-9536-33ad331de719; Path=/; Domain=sp.aircsgo.com
Vary: Origin
X-eresult: 1
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-f2qcm
traceId: eaac1cf3af17139826986513715d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
| sp.aircsgo.com/steamapi/IClientMetricsService/ReportClientError/v1 | 210.74.226.164 | 200 | 0 B |
URL: POST HTTP/1.1 sp.aircsgo.com/steamapi/IClientMetricsService/ReportClientError/v1
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Certificate: Issuer: DigiCert Inc; Subject: sp.aircsgo.com; Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3; Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
POST /steamapi/IClientMetricsService/ReportClientError/v1 HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------154142726938673877622860804206
Content-Length: 3375
Origin: https://sp.aircsgo.com
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0; ak_bmsc=B625249443A421F9B3CA05698E3FD0FD~000000000000000000000000000000~YAAQSVLNF0f35/KOAQAAWldUERdHdzAzCvgdh9BiTnJLGLIEoA9u+HgWgZZRf5ISBl8GzkOWXH/8Hg3rTp53+2ac+Oi+lIvZDXnVnMqL3hiJCNtexcFbNPd+weuWA5qslsVFrL7lKOaZMBDvcxoJbEDsBIaX2NZ7sIa0KmLA06iMTGO5o7P9dOtQ1OjzyG/+rgd3+dsdEz2wtAJEagzO3GPQ6L18ZCZG+ATbVflje2ZSCeMQaHPAHaLEW9Z6qzzE7YR7qsNUPQKWEexbLjrTuvdrfGFqQktUz2mAWN8dyi+hA+4lE6EDNqZ+xk1yw7uhf0/nAaX12EqdQxT3Y/dlXIFuIoEh2rPwLwCgV0pawhXGegtHTWJp8JzhkThY+F+MihZz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:19 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://sp.aircsgo.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Cache-Control: max-age=0, no-cache, no-store
Expires: Wed, 24 Apr 2024 18:18:19 GMT
Origin: https://sp.aircsgo.com
Pragma: no-cache
Set-Cookie: uid=ea6b661f-a479-42ce-9536-33ad331de719; Path=/; Domain=sp.aircsgo.com
Vary: Origin
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-f2qcm
traceId: eaac1cf3ad17139826990796219d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text, with very long lines (332)
Hash: 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=FdSxNvCsMJMbvW3WNAp1uZk0k-pDgAxJ8kaPEac0XZzHMMKkmq7gKQiKCr6pWo08mchtZ4jxvaf4Mx3cmPgs1YB_K2zHQ8cGEqbvIs2q1LcB5aO9U1a4mQ0MCHkwweoa
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Wed, 24 Apr 2024 18:17:40 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 40
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
| normandy.cdn.mozilla.net/api/v1/ | 35.201.103.21 | | 598 B |
URL: normandy.cdn.mozilla.net/api/v1/
IP: 35.201.103.21:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Hash: 3076f9a5cb273105528b893ff7111e41 b8990c145fe71b9a2410eea41a60a712b43b82bf 69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3
GET /api/v1/ HTTP/1.1
Host: normandy.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 598
allow: GET, HEAD, OPTIONS
content-security-policy: object-src 'none'; frame-src 'none'; block-all-mixed-content; default-src 'self' https://normandy.cdn.mozilla.net/; worker-src 'none'; base-uri 'none'; form-action 'self'; report-uri /__cspreport__
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
via: 1.1 google
date: Tue, 23 Apr 2024 23:22:35 GMT
cache-control: public, max-age=86400
content-type: application/json
vary: Accept, Origin
age: 68147
alt-svc: clear
X-Firefox-Spdy: h2
| classify-client.services.mozilla.com/api/v1/classify_client/ | 34.98.75.36 | | 64 B |
URL: classify-client.services.mozilla.com/api/v1/classify_client/
IP: 34.98.75.36:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Hash: 17a72c3281fd5b0c390ff33154d6620a 6796a7cac74d50180da22f0c896f45e91fdd65cb cec686458b6426c01bbc7a987b5aed5c73932e4a77f8df0bbd5927c26ff2a775
GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:18:23 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
| sp.aircsgo.com/steamapi/IAuthenticationService/PollAuthSessionStatus/v1 | 210.74.226.164 | 200 | 2 B |
URL: POST HTTP/1.1 sp.aircsgo.com/steamapi/IAuthenticationService/PollAuthSessionStatus/v1
IP: 210.74.226.164:443
ASN: #4812 China Telecom Group
Requested by: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Certificate: Issuer: DigiCert Inc; Subject: sp.aircsgo.com; Fingerprint: 64:41:3B:3F:FB:51:45:4A:A8:80:A5:EE:D0:D9:53:BC:C1:76:67:D3; Validity: Wed, 23 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
Hash: e9f962233595f8a9eaceb6e5d490a15c a3dfc0c77acade0ee48dcc73e795a597d0270a73 e4ab5012eff32a5171b3672b59d29950fe8b3dcb4d2dadf971ebbcbc2fbb0d41
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Steam |
| Quad9 DNS | malicious | Sinkholed |
POST /steamapi/IAuthenticationService/PollAuthSessionStatus/v1 HTTP/1.1
Host: sp.aircsgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------34248421217498927871039910913
Content-Length: 229
Origin: https://sp.aircsgo.com
DNT: 1
Connection: keep-alive
Referer: https://sp.aircsgo.com/login/home/?goto=%2Fmoderation%2F
Cookie: sessionid=8b01f16e1452c7504f3504d4; steamCountry=HK%7C45a9b97111f15e81413ba0db01d49d5e; uid=ea6b661f-a479-42ce-9536-33ad331de719; timezoneOffset=0,0; ak_bmsc=B625249443A421F9B3CA05698E3FD0FD~000000000000000000000000000000~YAAQSVLNF0f35/KOAQAAWldUERdHdzAzCvgdh9BiTnJLGLIEoA9u+HgWgZZRf5ISBl8GzkOWXH/8Hg3rTp53+2ac+Oi+lIvZDXnVnMqL3hiJCNtexcFbNPd+weuWA5qslsVFrL7lKOaZMBDvcxoJbEDsBIaX2NZ7sIa0KmLA06iMTGO5o7P9dOtQ1OjzyG/+rgd3+dsdEz2wtAJEagzO3GPQ6L18ZCZG+ATbVflje2ZSCeMQaHPAHaLEW9Z6qzzE7YR7qsNUPQKWEexbLjrTuvdrfGFqQktUz2mAWN8dyi+hA+4lE6EDNqZ+xk1yw7uhf0/nAaX12EqdQxT3Y/dlXIFuIoEh2rPwLwCgV0pawhXGegtHTWJp8JzhkThY+F+MihZz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 18:18:25 GMT
Content-Type: application/octet-stream
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Method: *
Access-Control-Allow-Methods: POST, GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://sp.aircsgo.com
Access-Control-Expose-Headers: X-eresult,X-error_message
Expires: Wed, 24 Apr 2024 18:18:25 GMT
Origin: https://sp.aircsgo.com
Set-Cookie: uid=ea6b661f-a479-42ce-9536-33ad331de719; Path=/; Domain=sp.aircsgo.com
Vary: Origin
X-eresult: 1
X-Proxy-Hostname: steam-session-cluster-6c6fc676d6-f2qcm
traceId: eaac1cf3ae17139827049003767d0001
Strict-Transport-Security: max-age=15724800; includeSubDomains