Report - alihk.steamproxy.vip/

Report Overview

Submitted URL
alihk.steamproxy.vip/
IP
8.217.145.66
ASN
#45102 Alibaba US Technology Co., Ltd.
Submitted
2024-04-24 23:25:09
Access
public
Website Title
Steam Community
Final URL
alihk.steamproxy.vip/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
298

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.cloudflare.steamstatic.com	9505	2013-11-07	2020-06-12	2024-04-20	2.6 kB	47 kB	172.64.145.151
alihk.steamproxy.vip	unknown	2022-04-12	2023-11-09	2023-12-14	62 kB	5.5 MB	8.217.145.66
steamcommunity.com	4728	2006-05-28	2014-03-11	2024-04-24	15 kB	313 kB	2.16.174.204
img.youtube.com	3087	2005-02-15	2012-05-30	2024-04-23	4.4 kB	136 kB	142.250.74.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam
2024-03-29	medium	alihk.steamproxy.vip/	Steam

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed
2024-04-24	medium	steamproxy.vip	Sinkholed

ThreatFox

No alerts detected

JavaScript (39)

	URL	Size	First Seen	Last Seen
	alihk.steamproxy.vip/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=bc65a674fca36dfbad5e	18 kB	2024-02-15	2024-04-30
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=bc65a674fca36dfbad5e IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-15 04:04:07 Last Seen2024-04-30 19:10:42 Times Seen163 Hash 48b546bab618497b37de775b2595b5c8 79d9f52dc406057947d3615fed0f6231f18ea706 75373ea9632bdc4ee2ceabc0d94500dc5f6642bc06fec386ecba2285a120d6db Loading...

	alihk.steamproxy.vip/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english	14 kB	2023-11-10	2024-04-25
Pretty URL alihk.steamproxy.vip/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 02:08:22 Last Seen2024-04-25 01:25:14 Times Seen10 Hash 7e41b2b26edb574e0fd795b7f8af7d4f e08431ca7f63e7c43b87fd041f7d9cab4e4a015b f8b06f5a4391b01192abdf5f8b9d52632a43bab17d51c2cfa3c4b3fd6124ebe0 Loading...

	alihk.steamproxy.vip/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english	1.1 kB	2023-11-10	2024-04-25
Pretty URL alihk.steamproxy.vip/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 02:08:22 Last Seen2024-04-25 01:25:15 Times Seen10 Hash 57e9443afc0109744ee29ba402237c07 b53db898d6e36306739e4111c9066a24583aa35c 5d41755d51460bc0bee79a7f57df853e6e0a001c8922e0ee5de67a4eccf5c427 Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english	457 B	2023-03-26	2024-05-01
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:00:05 Last Seen2024-05-01 18:38:59 Times Seen376 Hash 1fc0e266e0c35f24bf232e1015ca7064 dcfa89f38d3bac32a02f28c662cfa4f4855ec8b7 c5527d218ab87fb08c01dbdb65039651a55be1bf70fb19aef70930c2e81c7698 Loading...

	alihk.steamproxy.vip/	374 B	2023-03-12	2024-05-04
Pretty URL alihk.steamproxy.vip/ IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 09:45:05 Last Seen2024-05-04 09:54:17 Times Seen1225 Hash b70da133ca779ab3e43a34b27582022a 43c146ab15416cc77dadea9d17dbd69b4b001b4b 9b7266c903d26b60f47edbf7647ebe6fe6810e4e06c0cf06f1348944ee585b2c Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=28f31dbe47f6b6412c17	60 kB	2024-04-20	2024-04-30
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=28f31dbe47f6b6412c17 IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-20 23:26:36 Last Seen2024-04-30 19:10:42 Times Seen12 Hash d0d459d4d4df61a0fab32223833fd78b 96cbd6172bd1cb434ad72d530c70b6c6c351d72d 46f33dac5be5905239dad727fe9ddafc1ec4c9de0963334c85fd4ebb62290df2 Loading...

	alihk.steamproxy.vip/	521 B	2023-03-12	2024-05-04
Pretty URL alihk.steamproxy.vip/ IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 09:45:05 Last Seen2024-05-04 09:54:17 Times Seen1224 Hash 1ca437221076a602c053146ac451e9a2 605ca877765dcd8a7420d4e3df5a644f5468b5e7 1ce28f3f9525bda804d49ef59149ff51b079c28dfdee7a6b86107bcd0350538f Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/chunk~4b330692b.js?contenthash=555ff2496b7cbfc4085c	36 kB	2024-02-15	2024-04-30
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/chunk~4b330692b.js?contenthash=555ff2496b7cbfc4085c IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-15 04:04:07 Last Seen2024-04-30 19:10:42 Times Seen154 Hash 451f8e7d6f95c349625abc0e94b4adca 8f34df4239961cc0236f729bb968b4132d41543e 45a8dea1a8daf298239e156eb4325ea8b1fc594deefda87faa2d3f73fe3f3aa0 Loading...

	alihk.steamproxy.vip/	63 B	2023-11-10	2024-04-25
Pretty URL alihk.steamproxy.vip/ IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-10 02:08:22 Last Seen2024-04-25 01:25:13 Times Seen5 Hash 4fdc7568e748129dd676ac85a7274265 a6022ef32107d28e5ca677fd685afd1a3552082f ef85382c7218203643515b075ae5cba5cd35761a51aa4517f8e4129a9246bc39 Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/communityawardsapp.js?contenthash=afc3d1cf46d793a7e76b	404 B	2024-01-13	2024-04-30
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/communityawardsapp.js?contenthash=afc3d1cf46d793a7e76b IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-13 12:24:59 Last Seen2024-04-30 19:10:42 Times Seen84 Hash b2f6a8c5b3eaaa783bdf855768b01107 05e67f0f4d77d2b5aca615304997506cfcdf62e8 443006c451aa8fecf8082b78d4a2444486cd15e334caf1205af4a99e7a892d40 Loading...

	alihk.steamproxy.vip/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw	169 kB	2023-03-07	2024-05-04
Pretty URL alihk.steamproxy.vip/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2024-05-04 09:54:17 Times Seen4571 Hash 6a39e0b509fecb928d47b8a2643fed2a f67fa6cb1d09963d10ba117d6553c8e7d5bc7863 d8bdea7fff893dbdbeaf6c2affec091a77483b9ec10e7958486bc3b6cc170c96 Loading...

	alihk.steamproxy.vip/	114 B	2023-03-07	2024-05-04
Pretty URL alihk.steamproxy.vip/ IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:51 Last Seen2024-05-04 09:54:17 Times Seen1377 Hash 16f8c3f24c03dd22c268f120ecbb7d9c 0fc91d904a8d38ad4588344a0191af727fd09311 61c71b0ebf72ea0d8fc27d307870302ea163aa9bd344b3ba1402a2e894721925 Loading...

	alihk.steamproxy.vip/	268 B	2023-11-10	2024-04-25
Pretty URL alihk.steamproxy.vip/ IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-10 02:08:22 Last Seen2024-04-25 01:25:13 Times Seen5 Hash f97204695a87f590a579034114452323 3d82323646a1fede58f652371ee6cf72a5ead81c ebfec9b64e38634bfedc4ab25ac93c411bbdea583c0f862dcb52039979a43f34 Loading...

	alihk.steamproxy.vip/	138 B	2023-03-07	2024-05-04
Pretty URL alihk.steamproxy.vip/ IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:51 Last Seen2024-05-04 09:54:17 Times Seen1178 Hash 9f44e1f62e772303b2e525ddb1612081 e4a96a617321364bc3a043575388a6ceb1c0f4c9 9bde39c62b2614c2823a872c6c9d049d0752a22d1ed9474b8bf0cd318001d288 Loading...

	alihk.steamproxy.vip/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english	15 kB	2024-03-30	2024-04-30
Pretty URL alihk.steamproxy.vip/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-30 07:21:38 Last Seen2024-04-30 19:10:41 Times Seen57 Hash 2d1b367142b90f78fbeac7b838ba0f74 bb5ce0be68ac8e10548ec29dba57142186ff9dfe 6309753e975222eb6fc8582092237ea3dad2b1b5a18693b35581c4855894dcc9 Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/localization/sales_english-json.js?contenthash=78c2664709aeddc975e5	172 kB	2024-01-20	2024-04-30
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/localization/sales_english-json.js?contenthash=78c2664709aeddc975e5 IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 13:16:38 Last Seen2024-04-30 19:10:41 Times Seen101 Hash 84a0daef888e515baf564c0bf6ea2f78 2666efb180de16ed27b5cbc43ba11268a8199dd1 6718f62d6106a0c8ca204a937a88cee77faf5025c1d4ad5cbee395e5f88410b5 Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/localization/main_english-json.js?contenthash=981ff3a076acb28928ac	216 kB	2024-04-25	2024-04-25
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/localization/main_english-json.js?contenthash=981ff3a076acb28928ac IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 01:25:13 Last Seen2024-04-25 01:25:15 Times Seen2 Hash 7b5ab9ccf90fe3fb2c29a2e872b17867 519549b19f5f36d438ba999d6e3e98565d8a8085 b3f281d912e7fcc3b278ffdf3568d3fcaa8fc3e50cbf6c3219ac0e361f14a0ef Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/libraries~4b330692b.js?contenthash=32fdb0c2c16cbd1f7255	26 kB	2024-01-13	2024-04-30
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/libraries~4b330692b.js?contenthash=32fdb0c2c16cbd1f7255 IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-13 12:24:59 Last Seen2024-04-30 19:10:42 Times Seen161 Hash 9da7864b460064cdf22a8136256e4e3b 2b0ba7b2898437a7165bf7a39ecd55bf3fd0b9bd 055f45fa4d73dae60d6608a620a51c4d39799380dc1230ac19cd6a0b94f0fb78 Loading...

	alihk.steamproxy.vip/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&load=effects,controls,slider,dragdrop	122 kB	2023-03-07	2024-05-04
Pretty URL alihk.steamproxy.vip/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&load=effects,controls,slider,dragdrop IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-05-04 09:54:17 Times Seen4120 Hash 39e34882ba4417cb4b1b84916dabb770 0d0ca081fb60c8aad337091bafcbe84f966c38b0 da708635da162ea493874627775c3520a42145b79c73bf787b5113bf87c0b27c Loading...

	alihk.steamproxy.vip/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC	96 kB	2023-03-07	2024-05-04
Pretty URL alihk.steamproxy.vip/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-05-04 09:54:17 Times Seen6208 Hash 4dc834d16a0d219d5c2b8a5b814569e4 4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef Loading...

	alihk.steamproxy.vip/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english	3.9 kB	2023-03-07	2024-05-04
Pretty URL alihk.steamproxy.vip/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-05-04 09:54:17 Times Seen3346 Hash 75f321bb2f8bae9ca8e5c4c6d72521bd 8ed540dc9da8c5d7c2bbe390fc663e6de0b1ef0c 92a217685eda5e8319d193142aeadf80ae7a9c9e04a9a365d9cf01078d459985 Loading...

	alihk.steamproxy.vip/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english	18 kB	2023-11-10	2024-04-25
Pretty URL alihk.steamproxy.vip/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 02:08:22 Last Seen2024-04-25 01:25:14 Times Seen10 Hash 86342ffa9098af24171ddc3d75c4519e e6d7bb0d93876842bef32c9bd4dc79692748106a 976e89f2a9ad3478872eab087d56efab6b34ed6d81803f6c9a2893c11fe29b09 Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/localization/shared_english-json.js?contenthash=5ecf6a2294724519e96b	186 kB	2024-04-25	2024-04-30
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/localization/shared_english-json.js?contenthash=5ecf6a2294724519e96b IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 01:25:13 Last Seen2024-04-30 19:10:42 Times Seen6 Hash 60c10b9abbe5656168a720c2e7f1b0e1 1a7736039bd90ef256e75ea163ccf9bfa39a88d7 e0e99c89d83102183596223ee92a92679822701995a4182e84485a22776c08d2 Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/navevents.js?contenthash=637ad4060aaa08d3ae85	14 kB	2024-04-25	2024-04-25
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/navevents.js?contenthash=637ad4060aaa08d3ae85 IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 01:25:13 Last Seen2024-04-25 01:25:15 Times Seen2 Hash 308513cd7ca43945fa1deee02515c9a1 8ba5433f073b855f0d30e09e8619bcc193924f4d cba9ae0a2844b3caa01e094c56e6439758bd20f4f3515626b86b56d5867a0ac3 Loading...

	alihk.steamproxy.vip/	295 B	2023-06-21	2024-05-04
Pretty URL alihk.steamproxy.vip/ IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-21 01:00:33 Last Seen2024-05-04 09:54:17 Times Seen1140 Hash 6004c14868a256e4cae4dec3db42e6d7 48b9c9cef4ebb49a77da2a00b57c3b2c9d86472b 2c550300a61671a67a72219fc89acad93ea8c8cb54d5468ec6f891eda7f30e96 Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english	927 kB	2024-04-13	2024-05-04
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 07:37:03 Last Seen2024-05-04 06:18:32 Times Seen31 Hash 546b6f3cb36f8aeacf0c062ed04e05cf 37c9b1fc5bbba9ce3b3913c84cd7f9d12dea1590 5b0e3f0781dc6c4ce40972f6cc4548e366caf16c58d5ab344b9a7086ddb42503 Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english	16 kB	2024-04-25	2024-04-25
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 01:25:13 Last Seen2024-04-25 01:25:15 Times Seen3 Hash d9860852a7fc1ce92b83804962a3021f 4e4a963caa19e572577f36a5b31a9d6c1210b92f 9e5090eed96d3d5d0e1a2a693c0b33bf1ad8314140413ff05ffbe93a9502b6cb Loading...

	alihk.steamproxy.vip/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english	2.9 kB	2023-11-10	2024-04-25
Pretty URL alihk.steamproxy.vip/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 02:08:22 Last Seen2024-04-25 01:25:15 Times Seen10 Hash ea5ea760708de1b1b0be26c3b40c94c9 df655f117fa8d90d53f6bcb3cae49d9f75fa11ba 383292fe603fe05140870b38f37fb98851b19816f5c1d984501309105c44bb96 Loading...

	alihk.steamproxy.vip/public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english	588 kB	2024-04-25	2024-04-25
Pretty URL alihk.steamproxy.vip/public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 01:25:13 Last Seen2024-04-25 01:25:15 Times Seen3 Hash fd6b96a2f1d2b402837e714654cee3b1 5ed839a29c3f65c21242673b4f5678d94a9edf5b 89d11e3287a1dcdb134fc2d13f06d9c4b6330c1467a5c8f19739850b78b5fd51 Loading...

	alihk.steamproxy.vip/	814 B	2024-04-25	2024-04-25
Pretty URL alihk.steamproxy.vip/ IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 01:25:14 Last Seen2024-04-25 01:25:14 Times Seen1 Hash bcbebba1ed865589d0cd894f471bccb7 409c8827d3ad1d6fb611e88cf4cb2d18017e1d8f b3a064e5b4723fd26dd336b53ba21d45f69aea0d387a7bdea24855baa9d48549 Loading...

	alihk.steamproxy.vip/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0	16 kB	2023-03-07	2024-05-04
Pretty URL alihk.steamproxy.vip/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-05-04 09:54:17 Times Seen5196 Hash 72938851e7c2ef7b63299eba0c6752cb b75196bd3a6f9f4dfc1bbf5e43e96874bcd9ce4e e2d4e0e1d3e162fdc815f16dfff9ae9b0a967949f0f3ae371f947d730a3f0661 Loading...

	alihk.steamproxy.vip/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english	154 kB	2024-04-25	2024-04-25
Pretty URL alihk.steamproxy.vip/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 01:25:14 Last Seen2024-04-25 01:25:15 Times Seen2 Hash b703af42985d6630197079ea43fe6b77 d5ec02b2e3c01a1b4d446f27f79754116169a9f0 ca7fd591224f875d1c5d6eb25137b00ded24845194d0b3bdccaa146f77195984 Loading...

	alihk.steamproxy.vip/	158 B	2023-03-08	2024-05-02
Pretty URL alihk.steamproxy.vip/ IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 00:23:05 Last Seen2024-05-02 00:10:52 Times Seen150 Hash 876d8dfa35d272f923bd6c74b5fadda6 ead0d2543eb5cec28d37d3f1ba64165972bbb33c 56e5d3b4faa73eed6bcb3646991980521731d7786d8226d5e7d132d6f477b8d6 Loading...

	alihk.steamproxy.vip/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english	12 kB	2024-04-25	2024-04-25
Pretty URL alihk.steamproxy.vip/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 01:25:14 Last Seen2024-04-25 01:25:15 Times Seen2 Hash 07b8d36cd34ca4b4e42cfc8b1e5f8931 1e2ec6b9a96b0bdc6e3bad5a54e14f2aa32a0ea5 e407e2ec446d92b6f5ccc9feba1752b1ae84d55b5bc8f86e4ce4d3ee1fb4f20b Loading...

	alihk.steamproxy.vip/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english	25 kB	2023-03-08	2024-05-04
Pretty URL alihk.steamproxy.vip/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:04:23 Last Seen2024-05-04 09:54:17 Times Seen2995 Hash a52bc800ab6e9df5a05a5153eea29ffb 8661643fcbc7498dd7317d100ec62d1c1c6886ff 57cfaf9b92c98541f769090cd0229a30013cea7cfafc18519ca654bfae29e14e Loading...

	alihk.steamproxy.vip/	46 B	2023-03-08	2024-05-02
Pretty URL alihk.steamproxy.vip/ IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 00:23:05 Last Seen2024-05-02 00:10:52 Times Seen150 Hash c8fe540b1a80ea9061274096d1a895e7 c1762692504af73e2769e61f2b8d618ea9655ada 95eef46f501e4037e8ea0520631718089341740893db9a127aae77d477ccbeaf Loading...

	alihk.steamproxy.vip/public/javascript/global.js?v=PyuRtGtUpR0t&l=english	104 kB	2024-04-25	2024-04-25
Pretty URL alihk.steamproxy.vip/public/javascript/global.js?v=PyuRtGtUpR0t&l=english IP 8.217.145.66 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 01:25:14 Last Seen2024-04-25 01:25:14 Times Seen2 Hash a68bf5f17202ba4d60b534c32f4ce535 abd8a11a644da9cbc08b376f3c67f9ce1949547f 14b8b228802ffe602bf55716127e2d273253bf0bc26c61c509ad38570bf35e6c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 97391b2e0838b53b231472226779e051	581 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 01:25:14 Last Seen2024-04-25 01:25:14 Times Seen1 Hash 97391b2e0838b53b231472226779e051 4f1fa4e97a42215a2462870916e5b2c6585e794e 8373cae1f8938c18182e643f3db07d0b484290c10860ce44b24649b8ffc01bc5 Loading...

	#2 Eval - 990583dab5b6565264a16e1cd4e2b311	111 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 01:25:14 Last Seen2024-04-25 01:25:14 Times Seen1 Hash 990583dab5b6565264a16e1cd4e2b311 fefc1e3f8c766319dbb3f7727b4f7a52202f1c1c 9fef1379203e10a9897f1506c46aa749617c26a8c96a63e4ff7a72cf837523a8 Loading...

HTTP Transactions (146)

URL IP Response Size

cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/2161700/2aeb189b126f766bb5930f725fbdcdd171a93c56.jpg

172.64.145.151

200 OK

811 B

URL GET HTTP/2
cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/2161700/2aeb189b126f766bb5930f725fbdcdd171a93c56.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
Fingerprint93:35:92:83:13:20:24:C4:7E:7D:FB:1E:FB:23:34:01:4C:4E:A3:35
ValidityWed, 17 Apr 2024 02:31:33 GMT - Tue, 16 Jul 2024 02:31:32 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 32x32, components 3
Size
811 B (811 bytes)
Hash
b61d7d847e5fc5c36eae14d2d5c9599b
c37640260be695187420f579b7c5c14cd0e81151
15f64209ac6d62629de22f73d1c21e32bb65193f165455b15a3beb33680afeba

HTTP Headers

GET /steamcommunity/public/images/apps/2161700/2aeb189b126f766bb5930f725fbdcdd171a93c56.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 23:24:41 GMT
content-type: image/jpeg
content-length: 811
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "6579a730-32b"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 13 Dec 2023 12:44:32 GMT
cf-cache-status: HIT
age: 11520663
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799d928b95756ae-OSL
X-Firefox-Spdy: h2

cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1113000/295e86f2d5393325f38f33777b357d86e23c751d.jpg

172.64.145.151

200 OK

1.3 kB

URL GET HTTP/2
cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1113000/295e86f2d5393325f38f33777b357d86e23c751d.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
Fingerprint93:35:92:83:13:20:24:C4:7E:7D:FB:1E:FB:23:34:01:4C:4E:A3:35
ValidityWed, 17 Apr 2024 02:31:33 GMT - Tue, 16 Jul 2024 02:31:32 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, baseline, precision 8, 32x32, components 3
Size
1.3 kB (1333 bytes)
Hash
f6203f531234ed82f1858fa4d44e7261
295e86f2d5393325f38f33777b357d86e23c751d
33dddf3070be8211e4738af4d4ccd573429e63193bfbd79f5e09c3a3c9d86339

HTTP Headers

GET /steamcommunity/public/images/apps/1113000/295e86f2d5393325f38f33777b357d86e23c751d.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 23:24:41 GMT
content-type: image/jpeg
content-length: 1333
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "63c8ceb4-535"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 19 Jan 2023 05:01:40 GMT
cf-cache-status: HIT
age: 99084
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799d928b95856ae-OSL
X-Firefox-Spdy: h2

cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1364780/5e1421a150aaded0c7c175bc6f6843eab9a4d27d.jpg

172.64.145.151

200 OK

868 B

URL GET HTTP/2
cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/1364780/5e1421a150aaded0c7c175bc6f6843eab9a4d27d.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
Fingerprint93:35:92:83:13:20:24:C4:7E:7D:FB:1E:FB:23:34:01:4C:4E:A3:35
ValidityWed, 17 Apr 2024 02:31:33 GMT - Tue, 16 Jul 2024 02:31:32 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 32x32, components 3
Size
868 B (868 bytes)
Hash
3271a6de0f4fbf7e4915dc80ebeeb5a5
80a15bf9c4695cb4dd00f46a2c27a1ba0c519af4
50c10586deca746ceb65bad4447fc06f54c5968082db26954195e3e777e6ce3f

HTTP Headers

GET /steamcommunity/public/images/apps/1364780/5e1421a150aaded0c7c175bc6f6843eab9a4d27d.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 23:24:41 GMT
content-type: image/jpeg
content-length: 868
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "64f7de67-364"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 06 Sep 2023 02:05:27 GMT
cf-cache-status: HIT
age: 13383100
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799d928b95956ae-OSL
X-Firefox-Spdy: h2

alihk.steamproxy.vip/

8.217.145.66

200 OK

43 kB

URL User Request GET HTTP/1.1
alihk.steamproxy.vip/
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2954), with CRLF, LF line terminators
Size
43 kB (42838 bytes)
Hash
1a3b3ccd28cf38cc82ee5c052334d541
996f8764df743eb50c306e4ae042f99abddda191
70a614569c5ca316f32a39f29fda47e10729adf3a1bc8b36025d848e0c7bdd8b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: sessionid=311e6f0557590b4a3bbdc4a9; Path=/; Secure; SameSite=None
steamCountry=HK%7Ce211b5a36723601efb886f925f398014; Path=/; Secure; HttpOnly; SameSite=None
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/352720/eaa8b85f7f7f5549e45607f48178164906db73de.jpg

172.64.145.151

200 OK

877 B

URL GET HTTP/2
cdn.cloudflare.steamstatic.com/steamcommunity/public/images/apps/352720/eaa8b85f7f7f5549e45607f48178164906db73de.jpg
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
Fingerprint93:35:92:83:13:20:24:C4:7E:7D:FB:1E:FB:23:34:01:4C:4E:A3:35
ValidityWed, 17 Apr 2024 02:31:33 GMT - Tue, 16 Jul 2024 02:31:32 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, baseline, precision 8, 32x32, components 3
Size
877 B (877 bytes)
Hash
1dd7b0edf93b9a0a49faeb1bf3314c8d
eaa8b85f7f7f5549e45607f48178164906db73de
919d9999823366bedeab0e2df0d2c53480502cc0fa38f985615181525192bbb4

HTTP Headers

GET /steamcommunity/public/images/apps/352720/eaa8b85f7f7f5549e45607f48178164906db73de.jpg HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 23:24:41 GMT
content-type: image/jpeg
content-length: 877
cache-control: max-age=315360000, public, max-age=315360000
cf-bgj: h2pri
etag: "65aeb208-36d"
edge-control: !no-store,!bypass-cache,cache-maxage=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 22 Jan 2024 18:20:56 GMT
cf-cache-status: HIT
age: 1175313
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799d929498c56ae-OSL
X-Firefox-Spdy: h2

alihk.steamproxy.vip/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english

8.217.145.66

200 OK

2.6 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.6 kB (2574 bytes)
Hash
f6dad0a6fca1fe01d6fccdc1e19f69ba
3abcdc374ff3f93c6c98470d1892ca96595e2934
6073c39df56c3be0a325c95e17c8fd98ea7c6d25e3d8931b04b33a651e6e4371

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:41 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:41 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=english

8.217.145.66

200 OK

34 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
34 kB (33706 bytes)
Hash
d3dcd1803dca5fa03a5e9b08b8d1c2e8
3a56b580f75c3f10249938d4128768e6a0463c80
5116c4d17c581b383c3a2850ad794d80f0bea958935835b2fa5d48fddadbf71d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:41 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:41 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/css/skin_1/apphub_home.css?v=XOa7G-BGp2xZ&l=english

8.217.145.66

200 OK

16 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/css/skin_1/apphub_home.css?v=XOa7G-BGp2xZ&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
16 kB (16439 bytes)
Hash
9a29b4c8a6bc4964c7f9229810051160
55217700513ff6dd3c8516ff183b2aa6f2f28906
bc9284c4e7880d51569710418c2207cc7a68f5e0794b2f320b40921935ce158e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/css/skin_1/apphub_home.css?v=XOa7G-BGp2xZ&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:42 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:42 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh

8.217.145.66

200 OK

2.5 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.5 kB (2465 bytes)
Hash
8db2ffc24354dbc4b5a7bebbc2b3cdaf
311653110625167fdb4ce22e8f147b717bce6649
e888e754e20a1b354bb45b59a05d7b281fee588a445854116b2bc84620fbf7f0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:42 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:42 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/css/skin_1/apphubs.css?v=roMLV7kDn_sN&l=english

8.217.145.66

200 OK

11 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/css/skin_1/apphubs.css?v=roMLV7kDn_sN&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
11 kB (10886 bytes)
Hash
42edc356085581bd2a41a51a660025d7
acbbb77f9d29a8c1aea9b207bb18440338662714
6d7cad088670bbbbb189259f4d2c1e2e7f12eaca712f0331dc506d794dc8659f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/css/skin_1/apphubs.css?v=roMLV7kDn_sN&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:42 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:42 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/css/skin_1/communityhome.css?v=EC98biDaoKUh&l=english

8.217.145.66

200 OK

6.8 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/css/skin_1/communityhome.css?v=EC98biDaoKUh&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
6.8 kB (6808 bytes)
Hash
832fad54143eae1a0e30dec4e8fce645
d27e83a431a57d2aba221043bd0f24d55debdbed
e438b52b6547d9428a98edc7d3b40dab4c05362f08b5a7c0e812e118e8561756

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/css/skin_1/communityhome.css?v=EC98biDaoKUh&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:43 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:43 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/css/apphub.css?v=VZMHNMxv89Ym&l=english

8.217.145.66

200 OK

28 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/css/apphub.css?v=VZMHNMxv89Ym&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
28 kB (28396 bytes)
Hash
76e075867d3a15b1e49c626b1b6a0ff5
69bb35f379aa5107a81789affa73bb9a47b5224f
26e89c3199fc1d8e54db72c37b0fa5c15a90e151513c11b41a7465e0e229b54d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/css/apphub.css?v=VZMHNMxv89Ym&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:42 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:42 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/css/skin_1/apphub_broadcast.css?v=Szj_0XBV602A&l=english

8.217.145.66

200 OK

1.1 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/css/skin_1/apphub_broadcast.css?v=Szj_0XBV602A&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1105 bytes)
Hash
e13b66b40ca3d60f58e75e520035c82d
3e0ad520b094c5a6f8dabe50a61275d7efd6ea41
cada2849636e329150348bdee27b6842c31fd4a2a74afc2291ed031cbfaf3c4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/css/skin_1/apphub_broadcast.css?v=Szj_0XBV602A&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:43 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:43 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/css/shared_responsive.css?v=eghn9DNyCY67&l=english

8.217.145.66

200 OK

19 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/css/shared_responsive.css?v=eghn9DNyCY67&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1667), with CRLF, LF line terminators
Size
19 kB (19084 bytes)
Hash
1e489374e776e7258e7278784505cebe
e2f345cdd19a60e659d7540be571cf287ea72dbc
e7d48ecb69042a35dec578ff6f0d26cb4cec58d303738c8f277dbfbc12f604e9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/css/shared_responsive.css?v=eghn9DNyCY67&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:43 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:43 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english

8.217.145.66

200 OK

3.3 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
3.3 kB (3322 bytes)
Hash
17d6f31eb1efab52da7b1a4372bca30e
d9be26a23727e5358062893df25ddf09e6dfa91a
18a159fdd1e77456faefb7d528c68027e3a8c7edf7c2b96d80c6b73015a8ec01

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:43 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:43 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english

8.217.145.66

200 OK

40 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (4009), with CRLF, LF line terminators
Size
40 kB (39478 bytes)
Hash
17e8d58583510a31ed1fdc5b8024abea
221b4051d36a380541221f2f7618c0c80f928ef0
a154905d8006e686b6be460253c3ae2fcb30b4d8cac0938a9dabce234da4b91e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/css/globalv2.css?v=pwVcIAtHNXwg&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:43 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:43 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/css/applications/community/main.css?v=EyWBqDQS-6jg&l=english

8.217.145.66

200 OK

120 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/css/applications/community/main.css?v=EyWBqDQS-6jg&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (26986), with CRLF, LF line terminators
Size
120 kB (120179 bytes)
Hash
132581a83412fba8e0fc7e66a84b6ffb
5586269078c874f74b513b2b6aa29ffd2fa8f57e
8ea529711fbd58d915bae3c1905b0676fe1464c2173620576a3e188273e502b0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/css/applications/community/main.css?v=EyWBqDQS-6jg&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:43 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:43 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=english

8.217.145.66

200 OK

13 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (629), with CRLF line terminators
Size
13 kB (12644 bytes)
Hash
6245f27639db1a62d6f715c3506e943e
650fa9e5f529f1e995dab07ae89236f05aec21ed
5fceb2fe8a42073d506ae69ef6627b6f4ab2e9773bea99e9db8791b8d27b18af

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&l=english

8.217.145.66

200 OK

86 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1819), with CRLF, LF line terminators
Size
86 kB (86096 bytes)
Hash
edefe857f5c422fb7b6a81b4ac41d963
140bc26d5209c521cffe7ce4b3fe90264c9f921c
dc246ee5f7ed1f3282f7794de1fcf8a3153f3181652bf9b39ddc130504ef3a2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:43 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:43 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw

8.217.145.66

200 OK

169 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
169 kB (169399 bytes)
Hash
6a39e0b509fecb928d47b8a2643fed2a
f67fa6cb1d09963d10ba117d6553c8e7d5bc7863
d8bdea7fff893dbdbeaf6c2affec091a77483b9ec10e7958486bc3b6cc170c96

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/prototype-1.7.js?v=.55t44gwuwgvw HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:43 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:43 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC

8.217.145.66

200 OK

96 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32086), with CRLF line terminators
Size
96 kB (95790 bytes)
Hash
4dc834d16a0d219d5c2b8a5b814569e4
4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0

8.217.145.66

200 OK

16 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
16 kB (16087 bytes)
Hash
72938851e7c2ef7b63299eba0c6752cb
b75196bd3a6f9f4dfc1bbf5e43e96874bcd9ce4e
e2d4e0e1d3e162fdc815f16dfff9ae9b0a967949f0f3ae371f947d730a3f0661

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/global.js?v=PyuRtGtUpR0t&l=english

8.217.145.66

200 OK

104 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/global.js?v=PyuRtGtUpR0t&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (9521), with CRLF line terminators
Size
104 kB (103683 bytes)
Hash
a68bf5f17202ba4d60b534c32f4ce535
abd8a11a644da9cbc08b376f3c67f9ce1949547f
14b8b228802ffe602bf55716127e2d273253bf0bc26c61c509ad38570bf35e6c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/global.js?v=PyuRtGtUpR0t&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english

8.217.145.66

200 OK

3.9 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.9 kB (3869 bytes)
Hash
75f321bb2f8bae9ca8e5c4c6d72521bd
8ed540dc9da8c5d7c2bbe390fc663e6de0b1ef0c
92a217685eda5e8319d193142aeadf80ae7a9c9e04a9a365d9cf01078d459985

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&load=effects,controls,slider,dragdrop

8.217.145.66

200 OK

122 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&load=effects,controls,slider,dragdrop
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
122 kB (122171 bytes)
Hash
39e34882ba4417cb4b1b84916dabb770
0d0ca081fb60c8aad337091bafcbe84f966c38b0
da708635da162ea493874627775c3520a42145b79c73bf787b5113bf87c0b27c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&load=effects,controls,slider,dragdrop HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:43 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:43 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english

8.217.145.66

200 OK

14 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (963), with CRLF line terminators
Size
14 kB (13874 bytes)
Hash
7e41b2b26edb574e0fd795b7f8af7d4f
e08431ca7f63e7c43b87fd041f7d9cab4e4a015b
f8b06f5a4391b01192abdf5f8b9d52632a43bab17d51c2cfa3c4b3fd6124ebe0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/modalContent.js?v=Wd0kCESeJquW&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english

8.217.145.66

200 OK

18 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (342), with CRLF line terminators
Size
18 kB (17729 bytes)
Hash
86342ffa9098af24171ddc3d75c4519e
e6d7bb0d93876842bef32c9bd4dc79692748106a
976e89f2a9ad3478872eab087d56efab6b34ed6d81803f6c9a2893c11fe29b09

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/javascript/apphub.js?v=JSwdk0x7aW5O&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english

8.217.145.66

200 OK

12 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
12 kB (11548 bytes)
Hash
07b8d36cd34ca4b4e42cfc8b1e5f8931
1e2ec6b9a96b0bdc6e3bad5a54e14f2aa32a0ea5
e407e2ec446d92b6f5ccc9feba1752b1ae84d55b5bc8f86e4ce4d3ee1fb4f20b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/apphub_home.js?v=8OrLYcA-XZ3m&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english

8.217.145.66

200 OK

154 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2636), with CRLF line terminators
Size
154 kB (154436 bytes)
Hash
b703af42985d6630197079ea43fe6b77
d5ec02b2e3c01a1b4d446f27f79754116169a9f0
ca7fd591224f875d1c5d6eb25137b00ded24845194d0b3bdccaa146f77195984

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/javascript/shared_global.js?v=XPgJuNunk65I&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english

8.217.145.66

200 OK

15 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
15 kB (14771 bytes)
Hash
2d1b367142b90f78fbeac7b838ba0f74
bb5ce0be68ac8e10548ec29dba57142186ff9dfe
6309753e975222eb6fc8582092237ea3dad2b1b5a18693b35581c4855894dcc9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/javascript/user_reviews.js?v=LRs2cUK5D3j7&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english

8.217.145.66

200 OK

2.9 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.9 kB (2858 bytes)
Hash
ea5ea760708de1b1b0be26c3b40c94c9
df655f117fa8d90d53f6bcb3cae49d9f75fa11ba
383292fe603fe05140870b38f37fb98851b19816f5c1d984501309105c44bb96

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/user_reviews_community.js?v=st0tzXwxiGks&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:44 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english

8.217.145.66

200 OK

1.1 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1063 bytes)
Hash
57e9443afc0109744ee29ba402237c07
b53db898d6e36306739e4111c9066a24583aa35c
5d41755d51460bc0bee79a7f57df853e6e0a001c8922e0ee5de67a4eccf5c427

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/communityhome.js?v=8-RwlLlPLHOa&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:45 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:45 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english

8.217.145.66

200 OK

16 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (15579), with CRLF, LF line terminators
Size
16 kB (15744 bytes)
Hash
d9860852a7fc1ce92b83804962a3021f
4e4a963caa19e572577f36a5b31a9d6c1210b92f
9e5090eed96d3d5d0e1a2a693c0b33bf1ad8314140413ff05ffbe93a9502b6cb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:45 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:45 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english

8.217.145.66

200 OK

457 B

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (455), with CRLF line terminators
Size
457 B (457 bytes)
Hash
1fc0e266e0c35f24bf232e1015ca7064
dcfa89f38d3bac32a02f28c662cfa4f4855ec8b7
c5527d218ab87fb08c01dbdb65039651a55be1bf70fb19aef70930c2e81c7698

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/localization/loyaltyrewards_manifest.js?v=H8DiZuDDXyS_&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:45 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:45 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english

8.217.145.66

200 OK

25 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
25 kB (24657 bytes)
Hash
a52bc800ab6e9df5a05a5153eea29ffb
8661643fcbc7498dd7317d100ec62d1c1c6886ff
57cfaf9b92c98541f769090cd0229a30013cea7cfafc18519ca654bfae29e14e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunfWg&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:45 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:45 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english

8.217.145.66

200 OK

588 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65371), with CRLF, LF line terminators
Size
588 kB (587784 bytes)
Hash
fd6b96a2f1d2b402837e714654cee3b1
5ed839a29c3f65c21242673b4f5678d94a9edf5b
89d11e3287a1dcdb134fc2d13f06d9c4b6330c1467a5c8f19739850b78b5fd51

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:45 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:45 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english

8.217.145.66

200 OK

927 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65371), with CRLF, LF line terminators
Size
927 kB (926672 bytes)
Hash
546b6f3cb36f8aeacf0c062ed04e05cf
37c9b1fc5bbba9ce3b3913c84cd7f9d12dea1590
5b0e3f0781dc6c4ce40972f6cc4548e366caf16c58d5ab344b9a7086ddb42503

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:45 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:45 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/responsive/header_logo.png

8.217.145.66

200 OK

11 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/responsive/header_logo.png
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 744 x 171, 8-bit/color RGBA, non-interlaced
Size
11 kB (10863 bytes)
Hash
a4e79c73ee13cb25b60fc4b0ba1f690c
b690c31b2eb1b0eb085e91aaae7e79f03debe7c1
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/responsive/header_logo.png HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:46 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:46 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/images/skin_1/ico_external_link.gif

8.217.145.66

200 OK

63 B

URL GET HTTP/1.1
alihk.steamproxy.vip/public/images/skin_1/ico_external_link.gif
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
GIF image data, version 89a, 8 x 8
Size
63 B (63 bytes)
Hash
d1c5aa274c0f681d02317d33026e93d2
07ce7ddd50b6c56dc35a08128a161cdd78c08be4
563401248387cb3cf47d04e1dda78508467889ce4ebb80d24a074e0c24a0183c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/images/skin_1/ico_external_link.gif HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:46 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:46 GMT
proxy: 1
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/images/x9x9.gif

8.217.145.66

200 OK

58 B

URL GET HTTP/1.1
alihk.steamproxy.vip/public/images/x9x9.gif
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
GIF image data, version 89a, 9 x 9
Size
58 B (58 bytes)
Hash
c85b970b4c832e361445c1b446cc2343
57e60c2f1f1f919a871b7c171c6d59d42e3adbe5
5ce28d7cf05f0e6eeaa3788a393d9980e9b51130963c6b9672d3447b6b11de6d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/images/x9x9.gif HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:46 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:46 GMT
proxy: 1
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/header/logo_steam.svg?t=962016

8.217.145.66

200 OK

3.7 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/header/logo_steam.svg?t=962016
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
3.7 kB (3684 bytes)
Hash
b7a7e43284e2ffe806ac1bc27c1f6a87
e8196489e2ae99ec6eb33995b5a3e108d6e44de0
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/header/logo_steam.svg?t=962016 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Expires: Fri, 24 May 2024 23:24:46 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/images/login/throbber.gif

8.217.145.66

200 OK

3.2 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/images/login/throbber.gif
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
GIF image data, version 89a, 32 x 32
Size
3.2 kB (3208 bytes)
Hash
928e54c4c9683d8dd32867ee992d73c4
83b3252952e1e8c98deb5e6eb64e150c594dd97b
0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/images/login/throbber.gif HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:46 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-N: S
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:46 GMT
proxy: 1
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/responsive/header_menu_hamburger.png

8.217.145.66

200 OK

3.8 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/responsive/header_menu_hamburger.png
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 244 x 212, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3777 bytes)
Hash
eabc76eb57feae44add7faead028521e
4e3e53938fad15661d2d046a868338841a95db19
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/responsive/header_menu_hamburger.png HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:46 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:46 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/header/btn_header_installsteam_download.png?v=1

8.217.145.66

200 OK

291 B

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/header/btn_header_installsteam_download.png?v=1
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 15 x 13, 8-bit/color RGBA, non-interlaced
Size
291 B (291 bytes)
Hash
a2796187c58c7e948159e37d6990ecc2
4209cd85add507247f9ce5a87a8c9095b54ee417
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/header/btn_header_installsteam_download.png?v=1 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:46 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:46 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/responsive/logo_valve_footer.png

8.217.145.66

200 OK

1.8 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/responsive/logo_valve_footer.png
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 92 x 26, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1846 bytes)
Hash
574c350c7b23ae794d5276f8580e0838
235c7b35c3468f8915eca01f7abdb43d34079609
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/responsive/logo_valve_footer.png HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:46 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:46 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english

8.217.145.66

200 OK

16 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (15579), with CRLF, LF line terminators
Size
16 kB (15744 bytes)
Hash
d9860852a7fc1ce92b83804962a3021f
4e4a963caa19e572577f36a5b31a9d6c1210b92f
9e5090eed96d3d5d0e1a2a693c0b33bf1ad8314140413ff05ffbe93a9502b6cb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/manifest.js?v=2YYIUqf8HOkr&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:46 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:46 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english

8.217.145.66

200 OK

927 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65371), with CRLF, LF line terminators
Size
927 kB (926672 bytes)
Hash
546b6f3cb36f8aeacf0c062ed04e05cf
37c9b1fc5bbba9ce3b3913c84cd7f9d12dea1590
5b0e3f0781dc6c4ce40972f6cc4548e366caf16c58d5ab344b9a7086ddb42503

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/libraries~b28b7af69.js?v=VGtvPLNviurP&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:47 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:47 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english

8.217.145.66

200 OK

588 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65371), with CRLF, LF line terminators
Size
588 kB (587784 bytes)
Hash
fd6b96a2f1d2b402837e714654cee3b1
5ed839a29c3f65c21242673b4f5678d94a9edf5b
89d11e3287a1dcdb134fc2d13f06d9c4b6330c1467a5c8f19739850b78b5fd51

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/main.js?v=c4UneKQJS7M3&l=english HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:48 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:48 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015

8.217.145.66

200 OK

124 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright � 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansMedium4.015;Plau;MotivaSans
Size
124 kB (124048 bytes)
Hash
2d64caa5ecbf5e42cbb766ca4d85e90e
147420abceb4a7fd7e486dddcfe68cda7ebb3a18
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/fonts/MotivaSans-Medium.ttf?v=4.015 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:47 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Expires: Fri, 24 May 2024 23:24:47 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

cdn.cloudflare.steamstatic.com/steam/apps/1364780/page_bg_generated_v6b.jpg?t=1713234725

172.64.145.151

200 OK

40 kB

URL GET HTTP/2
cdn.cloudflare.steamstatic.com/steam/apps/1364780/page_bg_generated_v6b.jpg?t=1713234725
IP
172.64.145.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerLet's Encrypt
Subjectcloudflare.steamstatic.com
Fingerprint93:35:92:83:13:20:24:C4:7E:7D:FB:1E:FB:23:34:01:4C:4E:A3:35
ValidityWed, 17 Apr 2024 02:31:33 GMT - Tue, 16 Jul 2024 02:31:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 1438x810, components 3
Size
40 kB (40328 bytes)
Hash
0e8be6f5076629a21de01cfb79ea5636
42c17ef23ef744ac014dc2b7817cfae1fdf96862
7d3030b4bec38d090479c129c77ef4b79d41545d48a53a921d1518cda6a1adb5

HTTP Headers

GET /steam/apps/1364780/page_bg_generated_v6b.jpg?t=1713234725 HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 23:24:48 GMT
content-type: image/jpeg
content-length: 40328
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-bgj: h2pri
etag: "661de323-9d88"
expires: Tue, 30 Apr 2024 02:33:05 GMT
last-modified: Tue, 16 Apr 2024 02:32:03 GMT
cf-cache-status: HIT
age: 145885
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799d952dfd956ae-OSL
X-Firefox-Spdy: h2

alihk.steamproxy.vip/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015

8.217.145.66

200 OK

123 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 22 names, Macintosh, Copyright � 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansRegular4.015;Plau;MotivaSan
Size
123 kB (122684 bytes)
Hash
57613e143ff3dae10f282e84a066de28
88756cc8c6db645b5f20aa17b14feefb4411c25f
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:47 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Expires: Fri, 24 May 2024 23:24:47 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/images//sharedfiles/searchbox_workshop_submit.gif

8.217.145.66

200 OK

1.4 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/images//sharedfiles/searchbox_workshop_submit.gif
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
GIF image data, version 89a, 23 x 18
Size
1.4 kB (1418 bytes)
Hash
05fb65c97a9a5a8ae214129b1179cd41
b9646bed2952c2a908ee7bbba96331919cd6e43a
ecb79b1ea1675b180662b87e2eb7236ac5fe55ee3f37cbb5432202d3a17232a0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/images//sharedfiles/searchbox_workshop_submit.gif HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-N: S
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:48 GMT
proxy: 1
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/localization/shared_english-json.js?contenthash=5ecf6a2294724519e96b

8.217.145.66

200 OK

186 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/localization/shared_english-json.js?contenthash=5ecf6a2294724519e96b
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65256), with CRLF, LF line terminators
Size
186 kB (186346 bytes)
Hash
60c10b9abbe5656168a720c2e7f1b0e1
1a7736039bd90ef256e75ea163ccf9bfa39a88d7
e0e99c89d83102183596223ee92a92679822701995a4182e84485a22776c08d2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/localization/shared_english-json.js?contenthash=5ecf6a2294724519e96b HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:48 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:48 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/apps/allcontenthome?l=english&browsefilter=trend&appHubSubSection=11&forceanon=1

8.217.145.66

200 OK

124 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/apps/allcontenthome?l=english&browsefilter=trend&appHubSubSection=11&forceanon=1
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (987), with CRLF line terminators
Size
124 kB (124182 bytes)
Hash
3ffefb603966e1ae6dec75c27c5dd713
7b66ece2bba78ce0d2ca20dcec8a268bd6cf389b
b0370a98a92ff89edb2836d7182c617c921f1a19d51dfe26ef1568ea4b47fe43

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /apps/allcontenthome?l=english&browsefilter=trend&appHubSubSection=11&forceanon=1 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Prototype-Version: 1.7
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 24 Apr 2024 23:25:06 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/localization/sales_english-json.js?contenthash=78c2664709aeddc975e5

8.217.145.66

200 OK

172 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/localization/sales_english-json.js?contenthash=78c2664709aeddc975e5
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64904), with CRLF, LF line terminators
Size
172 kB (171828 bytes)
Hash
a99aa0016856b81bf5b861c09e2069ef
88b0b42e87b8728cda331e8a6974793f8d96c937
8ec82f426012eee212dcd2fc1c68106023ecaf5f38c1ad84b1033ffab4c65c00

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/localization/sales_english-json.js?contenthash=78c2664709aeddc975e5 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:48 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:48 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/localization/main_english-json.js?contenthash=981ff3a076acb28928ac

8.217.145.66

200 OK

216 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/localization/main_english-json.js?contenthash=981ff3a076acb28928ac
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65358), with CRLF, LF line terminators
Size
216 kB (216070 bytes)
Hash
7b5ab9ccf90fe3fb2c29a2e872b17867
519549b19f5f36d438ba999d6e3e98565d8a8085
b3f281d912e7fcc3b278ffdf3568d3fcaa8fc3e50cbf6c3219ac0e361f14a0ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/localization/main_english-json.js?contenthash=981ff3a076acb28928ac HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:48 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:48 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/userreviews/icon_thumbsUp.png?v=1

8.217.145.66

200 OK

2.1 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/userreviews/icon_thumbsUp.png?v=1
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2103 bytes)
Hash
70dd94db2cc784ee7d1d4e711e1c4260
f04a6007da546006b008b1a7d143b4dcb4a3147a
16d0421c9b126ba66695653318780cbd30fef1fe2093f9135eeb323a37143a1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/userreviews/icon_thumbsUp.png?v=1 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:49 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images//award_icon_blue.svg

8.217.145.66

200 OK

2.4 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images//award_icon_blue.svg
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.4 kB (2386 bytes)
Hash
ffbf4a94d94a5fd3849d3583f2567f54
58be3d7cdd61e323c08b5986b8d89b71167e4f85
06f503b84511c712ac8105d8c0cbb72923ed4b53ff67fead87c6415209a8aa06

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images//award_icon_blue.svg HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Expires: Fri, 24 May 2024 23:24:49 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/apphubs/play_icon80.png

8.217.145.66

200 OK

2.2 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/apphubs/play_icon80.png
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 80 x 55, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2184 bytes)
Hash
080c457af88ef213cf315af1221f74c2
44c7475d69e1f3d8780b6f638960b670c2c0fa58
47cca726b04188ab33a403ac206822b96d6789fe5ff568ddcbd9ba972688f6d4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/apphubs/play_icon80.png HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:49 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2479870538038204291/41D783C4DBB19EAF25EB8DBFA6EFE980C8E3FCD8/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2479870538038204291/41D783C4DBB19EAF25EB8DBFA6EFE980C8E3FCD8/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2479870538038204291/41D783C4DBB19EAF25EB8DBFA6EFE980C8E3FCD8/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2465233205275156075/CA15247D9E6E58B8F36BE5B55E11DB40993700C6/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2465233205275156075/CA15247D9E6E58B8F36BE5B55E11DB40993700C6/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2465233205275156075/CA15247D9E6E58B8F36BE5B55E11DB40993700C6/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2467485005100792190/6F392A67AE95DA842351D96ACDC0202AD15C598E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2467485005100792190/6F392A67AE95DA842351D96ACDC0202AD15C598E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2467485005100792190/6F392A67AE95DA842351D96ACDC0202AD15C598E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images//award_icon.svg

8.217.145.66

200 OK

2.4 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images//award_icon.svg
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.4 kB (2386 bytes)
Hash
a18a9120d299fbf5953c745b46a06b8f
0cfaed4059d25bf42acb01b720c0afcfe75282c6
aa429f60089cc6fa4f5157ac0a842c5295740280f69f156f68898849beff799d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images//award_icon.svg HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Expires: Fri, 24 May 2024 23:24:49 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2509143301638183227/5F5129B755D8903B2284A985C4D4061512A430FF/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2509143301638183227/5F5129B755D8903B2284A985C4D4061512A430FF/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2509143301638183227/5F5129B755D8903B2284A985C4D4061512A430FF/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2495633136734386304/3EB3980E9B361D5B3D2D07191661A8DB1970CA34/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2495633136734386304/3EB3980E9B361D5B3D2D07191661A8DB1970CA34/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2495633136734386304/3EB3980E9B361D5B3D2D07191661A8DB1970CA34/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2487751913646202088/27353D6E4FAFE2C8C6EB04866E4178E5F23494E7/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2487751913646202088/27353D6E4FAFE2C8C6EB04866E4178E5F23494E7/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2487751913646202088/27353D6E4FAFE2C8C6EB04866E4178E5F23494E7/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=28f31dbe47f6b6412c17

8.217.145.66

200 OK

60 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=28f31dbe47f6b6412c17
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (59433), with CRLF, LF line terminators
Size
60 kB (59598 bytes)
Hash
d0d459d4d4df61a0fab32223833fd78b
96cbd6172bd1cb434ad72d530c70b6c6c351d72d
46f33dac5be5905239dad727fe9ddafc1ec4c9de0963334c85fd4ebb62290df2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/libraries~c7a3fa389.js?contenthash=28f31dbe47f6b6412c17 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:49 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/libraries~4b330692b.js?contenthash=32fdb0c2c16cbd1f7255

8.217.145.66

200 OK

26 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/libraries~4b330692b.js?contenthash=32fdb0c2c16cbd1f7255
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (25789), with CRLF, LF line terminators
Size
26 kB (25954 bytes)
Hash
9da7864b460064cdf22a8136256e4e3b
2b0ba7b2898437a7165bf7a39ecd55bf3fd0b9bd
055f45fa4d73dae60d6608a620a51c4d39799380dc1230ac19cd6a0b94f0fb78

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/libraries~4b330692b.js?contenthash=32fdb0c2c16cbd1f7255 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:49 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=bc65a674fca36dfbad5e

8.217.145.66

200 OK

18 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/chunk~906a41d8e.js?contenthash=bc65a674fca36dfbad5e
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (17427), with CRLF, LF line terminators
Size
18 kB (17592 bytes)
Hash
48b546bab618497b37de775b2595b5c8
79d9f52dc406057947d3615fed0f6231f18ea706
75373ea9632bdc4ee2ceabc0d94500dc5f6642bc06fec386ecba2285a120d6db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/chunk~906a41d8e.js?contenthash=bc65a674fca36dfbad5e HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:49 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/css/applications/community/communityawardsapp.css?contenthash=9697f81cbeeb8cd9b3dc

8.217.145.66

200 OK

18 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/css/applications/community/communityawardsapp.css?contenthash=9697f81cbeeb8cd9b3dc
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (10476), with CRLF, LF line terminators
Size
18 kB (18020 bytes)
Hash
31869693d352d644e6f5ec47a6fbde6b
89dbb3cc6afb83288d55a2f19907f7791ba7a06f
32fe829a2100907418aa0c1339794071d5c9ffd1de8117e4e519c0628eb7e082

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/css/applications/community/communityawardsapp.css?contenthash=9697f81cbeeb8cd9b3dc HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:50 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:50 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/chunk~4b330692b.js?contenthash=555ff2496b7cbfc4085c

8.217.145.66

200 OK

36 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/chunk~4b330692b.js?contenthash=555ff2496b7cbfc4085c
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (36120), with CRLF, LF line terminators
Size
36 kB (36285 bytes)
Hash
451f8e7d6f95c349625abc0e94b4adca
8f34df4239961cc0236f729bb968b4132d41543e
45a8dea1a8daf298239e156eb4325ea8b1fc594deefda87faa2d3f73fe3f3aa0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/chunk~4b330692b.js?contenthash=555ff2496b7cbfc4085c HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:49 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:49 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/javascript/applications/community/communityawardsapp.js?contenthash=afc3d1cf46d793a7e76b

8.217.145.66

200 OK

404 B

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/communityawardsapp.js?contenthash=afc3d1cf46d793a7e76b
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF, LF line terminators
Size
404 B (404 bytes)
Hash
b2f6a8c5b3eaaa783bdf855768b01107
05e67f0f4d77d2b5aca615304997506cfcdf62e8
443006c451aa8fecf8082b78d4a2444486cd15e334caf1205af4a99e7a892d40

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/communityawardsapp.js?contenthash=afc3d1cf46d793a7e76b HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:50 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8581 bytes)
Hash
d492e9e260f306a0227da1aa3692c9b3
768b835c8d92192bfe8c694bb5c3d601f8a8340e
7dfc737b8256f5e40988bc1d547e68c88964245b41aeb83026fc7aa3671cff52

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8581
Date: Wed, 24 Apr 2024 23:24:50 GMT
Connection: keep-alive
Set-Cookie: sessionid=d44dd021f777a5a99c7c9528; Path=/; Secure; SameSite=None
steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439; Path=/; Secure; HttpOnly; SameSite=None

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8593 bytes)
Hash
f5f5dfcf2617776e83801416e009f5c5
8d96c9b1e8e02262c59825912007867d427e3368
73b2b3310bc710bbdf0d14514ae0b56f509eba0c7712c53659696faa52bac5dd

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8593
Date: Wed, 24 Apr 2024 23:24:50 GMT
Connection: keep-alive
Set-Cookie: sessionid=a641be873137a73c84b15d8c; Path=/; Secure; SameSite=None
steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439; Path=/; Secure; HttpOnly; SameSite=None

alihk.steamproxy.vip/public/javascript/applications/community/navevents.js?contenthash=637ad4060aaa08d3ae85

8.217.145.66

200 OK

14 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/javascript/applications/community/navevents.js?contenthash=637ad4060aaa08d3ae85
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14143), with CRLF, LF line terminators
Size
14 kB (14308 bytes)
Hash
308513cd7ca43945fa1deee02515c9a1
8ba5433f073b855f0d30e09e8619bcc193924f4d
cba9ae0a2844b3caa01e094c56e6439758bd20f4f3515626b86b56d5867a0ac3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/javascript/applications/community/navevents.js?contenthash=637ad4060aaa08d3ae85 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:50 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8579 bytes)
Hash
474d6fe3d1ea6927e2fffaea20723456
aea87d53b7c0998fc9512b3edde0744a39cf2ad4
dab2d9ce51746ecb31c536b79eabe586f36cb9baec2cf3b8179d5aac5a34f666

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8579
Date: Wed, 24 Apr 2024 23:24:50 GMT
Connection: keep-alive
Set-Cookie: sessionid=b86820985daa55e5ec4eaf11; Path=/; Secure; SameSite=None
steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439; Path=/; Secure; HttpOnly; SameSite=None

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8581 bytes)
Hash
4a07afd28ff797ca543e6f026e2302be
5f61120006f7efc7d524435a9a4f92dbc2ef49d1
f2f20b8d7595f1b59d34fcaf78c829a36b61c85418f5aa62dc4bb9bfdbdfc054

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8581
Date: Wed, 24 Apr 2024 23:24:50 GMT
Connection: keep-alive
Set-Cookie: sessionid=5ca8b5b98248ea08fb07601b; Path=/; Secure; SameSite=None
steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439; Path=/; Secure; HttpOnly; SameSite=None

alihk.steamproxy.vip/ugc/2520402300708949198/FF0A21C4B4DA14893DD0E6A742450028F41CB87E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2520402300708949198/FF0A21C4B4DA14893DD0E6A742450028F41CB87E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2520402300708949198/FF0A21C4B4DA14893DD0E6A742450028F41CB87E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2492254803037774146/7343831F74CE594584E0B0EDCF644AE7CD98FFB0/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2492254803037774146/7343831F74CE594584E0B0EDCF644AE7CD98FFB0/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2492254803037774146/7343831F74CE594584E0B0EDCF644AE7CD98FFB0/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2527157700149982484/29C1DB3D20878DCF62A939D53FECAE7BA6E0360E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2527157700149982484/29C1DB3D20878DCF62A939D53FECAE7BA6E0360E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2527157700149982484/29C1DB3D20878DCF62A939D53FECAE7BA6E0360E/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2465233205274445019/10A89336FAE057F58D56AFC82E2BEFBDE6A56981/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2465233205274445019/10A89336FAE057F58D56AFC82E2BEFBDE6A56981/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2465233205274445019/10A89336FAE057F58D56AFC82E2BEFBDE6A56981/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8580 bytes)
Hash
60071d8efb0046815625d8ffeeefd964
4de0080b4a7e75817f08e129b7de826b9ce7f328
efe0ca8ac98e51020f6a636b780bace2bce50fadbd2ceab98faac6c50c0b4886

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8580
Date: Wed, 24 Apr 2024 23:24:50 GMT
Connection: keep-alive
Set-Cookie: sessionid=aecb2cbf7f593f0690fe0d71; Path=/; Secure; SameSite=None
steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439; Path=/; Secure; HttpOnly; SameSite=None

alihk.steamproxy.vip/ugc/2468610904973101004/DF3C343AE45635F94891C268E2A236386DC4B9F2/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2468610904973101004/DF3C343AE45635F94891C268E2A236386DC4B9F2/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2468610904973101004/DF3C343AE45635F94891C268E2A236386DC4B9F2/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8577 bytes)
Hash
e8e8a60eccf0d85c01e13e467a67357d
ac5d58ca2f760e97fadef446efda056438dbefd0
577a6fc7bc779463c759149816f096d0ccc1f6f19d4988dcf06d66f3c850e311

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=5ca8b5b98248ea08fb07601b; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8577
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8579 bytes)
Hash
0c9450ae1ef46f6f6b10339ad8f9225e
2cb1005bf4108a284a4dd7b8a8f3b0c66f26ac65
e37f3afb78242b346f610155334ad8c16b45cc9a8bf5a7522642280038f5c2d8

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=5ca8b5b98248ea08fb07601b; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8579
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8579 bytes)
Hash
9fd8408ebed17899595c94c955fe9e17
e0be10a916b5751c5633cfe53e8a6f934860169b
9f4e0e2bbf1c5b81ab36e667b6e2dcfcf819733035fda56874f8a153feeec3f7

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=5ca8b5b98248ea08fb07601b; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8579
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8579 bytes)
Hash
89944bf137ce649c0910357ae29a659d
945b6556ddaa84fb7f46794341e8aab16fab06ab
37a4b2260d00f7fcd5263ae1cde3dfe4e098885245ec9034c5a5c213a5194470

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8579
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8581 bytes)
Hash
b851d7d4ddeaa1acd2d429d4f35c3cc6
72cfba3814d8e6814295c929fba59f75ecb66851
eeeb5c6bb925338ef7b5b47ca37e6cca1b5c53bdf558e928d46a01c3ec41012e

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=5ca8b5b98248ea08fb07601b; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8581
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

alihk.steamproxy.vip/ugc/2467485715234421658/9B32A353B0F43E8DAA6CCA7530D8A0F9C82F54BA/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2467485715234421658/9B32A353B0F43E8DAA6CCA7530D8A0F9C82F54BA/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2467485715234421658/9B32A353B0F43E8DAA6CCA7530D8A0F9C82F54BA/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2492255437017714949/FBEC80586794896CB6896819A0428DDF3EBCC562/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2492255437017714949/FBEC80586794896CB6896819A0428DDF3EBCC562/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2492255437017714949/FBEC80586794896CB6896819A0428DDF3EBCC562/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8575 bytes)
Hash
42ed00743406a6de40bd826114aed6d2
816a0ae642669a41230a76ad101c881a5f75b3a5
91d1aca4659462eecd0be0e004655ab849dba6bd29a348dc58d239a8a2531c98

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8575
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

alihk.steamproxy.vip/ugc/2492255437017722431/BFEC2F9976E6C7EBBEDD66D327568C67CF5F7F72/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2492255437017722431/BFEC2F9976E6C7EBBEDD66D327568C67CF5F7F72/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2492255437017722431/BFEC2F9976E6C7EBBEDD66D327568C67CF5F7F72/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2492255437017685841/37E17FEEDB21C8693F6A9CDCFF5C7C50F5C36747/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2492255437017685841/37E17FEEDB21C8693F6A9CDCFF5C7C50F5C36747/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2492255437017685841/37E17FEEDB21C8693F6A9CDCFF5C7C50F5C36747/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2492255437017697984/37E17FEEDB21C8693F6A9CDCFF5C7C50F5C36747/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2492255437017697984/37E17FEEDB21C8693F6A9CDCFF5C7C50F5C36747/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2492255437017697984/37E17FEEDB21C8693F6A9CDCFF5C7C50F5C36747/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2515899411265518080/561B2F5ABF7FD2566D0B6EA09AA9719C560168A3/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2515899411265518080/561B2F5ABF7FD2566D0B6EA09AA9719C560168A3/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2515899411265518080/561B2F5ABF7FD2566D0B6EA09AA9719C560168A3/?imw=512&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8587 bytes)
Hash
ae29af1ca8fc6eade11a511788ce665b
803d3ebd5d50d27259fd1d96cd98f04cc6b9eda8
eb487e76403cad0f14020d07f83973958da98f50bae4bef7259064b081863734

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8587
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8579 bytes)
Hash
28cb6f5ee10a1bd0fecc497e8d1e67a1
0be2dec7338f35ec5e70b0c7d8c5a5f156336957
87349c5f1aeb21848acd07e9141017a927048838d0e31d426337bd4ebd39cc93

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8579
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8577 bytes)
Hash
4a638d02548cecd6a07370d043c7412f
94dcf020d2940702bf38f1b3aa8bb72254989623
b556ae4c31e62b02d80866d48cc4e5fece169cd819d80bc1a37e969896893dea

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8577
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8579 bytes)
Hash
26e6dea476924f1a19da4ec57a7c659a
967fb0ac933c55d0e007c8ddbfe38a69a39a2dc2
139b659d08514c04ff9b0434cca9fa89471f2beb3eccc530a7e2387a9f57d207

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8579
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

alihk.steamproxy.vip/ugc/2494507309730984519/0E6AF1322649762082384C2A52214F70B2BE7949/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2494507309730984519/0E6AF1322649762082384C2A52214F70B2BE7949/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2494507309730984519/0E6AF1322649762082384C2A52214F70B2BE7949/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8578 bytes)
Hash
cc8db93381e9a333a06f31f87950e62b
7a9ff4d35baa527e3ccf8e1ca5842c6d7926c2e1
7ae872c5f855fbb35d5c5f7814bef3d60e021ee3c59d7195b1b6a441e6cc2395

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8578
Date: Wed, 24 Apr 2024 23:24:51 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8581 bytes)
Hash
aaf64d10dc35df11ed82b3ca32a14d97
7ed1d3a8b515fc0e497968043fa5cf00c6401120
3e44ab8aa8c5f393b457b59b86f352c6635ced3bc4ceb22663ee3a6bd32831c6

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8581
Date: Wed, 24 Apr 2024 23:24:52 GMT
Connection: keep-alive

alihk.steamproxy.vip/ugc/2488877813550356057/397C099D56FD5BBD7BBF398E85E74ADAEDD6A4CC/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2488877813550356057/397C099D56FD5BBD7BBF398E85E74ADAEDD6A4CC/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2488877813550356057/397C099D56FD5BBD7BBF398E85E74ADAEDD6A4CC/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2511395811689664147/C39FD294948E8A1A23793560F0764D5CA5D3858A/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2511395811689664147/C39FD294948E8A1A23793560F0764D5CA5D3858A/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2511395811689664147/C39FD294948E8A1A23793560F0764D5CA5D3858A/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2509144011939108274/D49B5324B74CB45B4EA6ABEE79E658D0B61B80D8/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2509144011939108274/D49B5324B74CB45B4EA6ABEE79E658D0B61B80D8/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2509144011939108274/D49B5324B74CB45B4EA6ABEE79E658D0B61B80D8/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2460730315830590300/41ABC64C9C7095CAD05B9AAFE7E969CFB5C7EB6D/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2460730315830590300/41ABC64C9C7095CAD05B9AAFE7E969CFB5C7EB6D/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2460730315830590300/41ABC64C9C7095CAD05B9AAFE7E969CFB5C7EB6D/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2486626013583238319/7CFDE638B14041C0A91C5CD293F2609DB1AD4BFF/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2486626013583238319/7CFDE638B14041C0A91C5CD293F2609DB1AD4BFF/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2486626013583238319/7CFDE638B14041C0A91C5CD293F2609DB1AD4BFF/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8575 bytes)
Hash
03d7579ad2ce08ba37c15164c3d1dc27
04d8e5ab8eb9650672b81b36e8eaa6a341e9915d
60f915f22c70d096262d7140a16d87f606383f35d3e2a772b41b966d9341b9ba

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8575
Date: Wed, 24 Apr 2024 23:24:52 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8574 bytes)
Hash
eacf6a373499c5c715218220fc215958
4e0bd26180fb429b00a30e7554547ae3e8d4637c
1302ca28018f48527f7efe9dcbe6ac3d60b80fd6d5fd9a6fdf3db014e3ec73ce

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8574
Date: Wed, 24 Apr 2024 23:24:52 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8579 bytes)
Hash
e5087550c45b17154a60e2af2568d63a
3b0891a6dfed76617f50f70991fc192464e6ac62
8ef99504c0d67c6de1c1914f78b5eb37ea7f430e269d41769ce39011d9e34a75

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8579
Date: Wed, 24 Apr 2024 23:24:52 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8585 bytes)
Hash
09e5fe1d911bcc134a902f62eb1b2ed8
5ecd7c3ec8433f5c9cc4c40812a8225a1a59454e
183573c74a627a1ac3a278286e1dc292533f0de6ccc2e3fa623dd18bdb317978

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8585
Date: Wed, 24 Apr 2024 23:24:52 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8587 bytes)
Hash
34ea69777146a541b76fa6eb92080f34
f0289e8716927d19e9c44c4eab5194e2f6da60dc
19e3c69be1914c51835df5990b2764d498d5da382d143793a16df7916cc307b0

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8587
Date: Wed, 24 Apr 2024 23:24:52 GMT
Connection: keep-alive

alihk.steamproxy.vip/ugc/2486626013583235565/814E58254CFBFF5891B9878A463876789B568E21/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2486626013583235565/814E58254CFBFF5891B9878A463876789B568E21/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2486626013583235565/814E58254CFBFF5891B9878A463876789B568E21/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8574 bytes)
Hash
81e663513e56b007a59803a6d9cd0140
5c48722c0d66f4bccb32d5a7b73db1b66b15a2d6
17ed696f53fa85b64253168e6b66501798ed8a153b50ae8777bb72462a958994

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8574
Date: Wed, 24 Apr 2024 23:24:52 GMT
Connection: keep-alive

alihk.steamproxy.vip/ugc/2486626013583237016/3EF6A2E83DC6E16AC22B26E6E133A491EF8F4568/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2486626013583237016/3EF6A2E83DC6E16AC22B26E6E133A491EF8F4568/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2486626013583237016/3EF6A2E83DC6E16AC22B26E6E133A491EF8F4568/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2486626013583237728/1679031569187618CB346AF35DB496A1F3E3E901/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2486626013583237728/1679031569187618CB346AF35DB496A1F3E3E901/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2486626013583237728/1679031569187618CB346AF35DB496A1F3E3E901/?imw=1920&&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2521528200609867172/B75A639903634656CF2A5DDDBD3908930B7974A1/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2521528200609867172/B75A639903634656CF2A5DDDBD3908930B7974A1/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2521528200609867172/B75A639903634656CF2A5DDDBD3908930B7974A1/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2513646901259555059/EF67BBC3C8B07EDF41A2E361F48AD8EBE68BDD2F/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2513646901259555059/EF67BBC3C8B07EDF41A2E361F48AD8EBE68BDD2F/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2513646901259555059/EF67BBC3C8B07EDF41A2E361F48AD8EBE68BDD2F/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/ugc/2496758402660041612/BE58F4535583986331FC60402555E85AD9BD9D27/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2496758402660041612/BE58F4535583986331FC60402555E85AD9BD9D27/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2496758402660041612/BE58F4535583986331FC60402555E85AD9BD9D27/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8575 bytes)
Hash
8fb82fabbd9193f7fd99941cfa9a32ec
9b09aa9c4a060aae2cfa9edb148be35324922bc0
82dfa962a607b5db141fd42d40f0ffd7dceaae7cf78162e3c1e1f31e4b1114f8

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8575
Date: Wed, 24 Apr 2024 23:24:53 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8586 bytes)
Hash
5e8119a743264221807c5bc61818e956
ef4831975e65b22d79c3c2e6942b7dc93844a353
7a8ad5b94136c26011f7f723435765667c0b1bd052a751c13052af8031562339

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8586
Date: Wed, 24 Apr 2024 23:24:53 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8578 bytes)
Hash
e1865c9c629cf3d97840fe4a6135198f
ae44e5ba820c1465ad62a559541a6e4409bbee9c
891d487aec5fd276b3acada01b18249ebb8e75620201b88653c5d043b91879ca

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8578
Date: Wed, 24 Apr 2024 23:24:53 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8580 bytes)
Hash
e6dd33ffeb19a18eb269e9d13fe83acc
8b5c6f45a20698149528731128da7a767508e1f9
b3ea56af75a0643c4c8a024e14a18376348db85c66da2d5a483e10a55ef8b096

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8580
Date: Wed, 24 Apr 2024 23:24:53 GMT
Connection: keep-alive

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8578 bytes)
Hash
396b916c9f9594c5eafc0090b2f19039
54ba45b3a91671d018afdfa082f28fa661f3a673
f2f2573bff31ce4844cf0e3d8cda0b875bc9869105d5b9afdd118866affd5537

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8578
Date: Wed, 24 Apr 2024 23:24:53 GMT
Connection: keep-alive

alihk.steamproxy.vip/ugc/2492254803043329711/18B3EFBE9AA7236CDA4C8B85FF7045C4972891F5/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true

8.217.145.66

0 B

URL GET
alihk.steamproxy.vip/ugc/2492254803043329711/18B3EFBE9AA7236CDA4C8B85FF7045C4972891F5/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true
IP
8.217.145.66:0
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ugc/2492254803043329711/18B3EFBE9AA7236CDA4C8B85FF7045C4972891F5/?imw=128&imh=128&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=true HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:53 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://steamcommunity.com
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: 
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

img.youtube.com/vi/BEBL3rRzCuw/0.jpg

142.250.74.110

200 OK

7.7 kB

URL GET HTTP/2
img.youtube.com/vi/BEBL3rRzCuw/0.jpg
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
7.7 kB (7660 bytes)
Hash
d74fa1103f0c13fd32427765a9175357
da63e5b5091c53e903172b81e756ff5455167e3d
6ff66290ce60446937b28f2dd7d019dc21f0326078c4fa206196ad23972ff940

HTTP Headers

GET /vi/BEBL3rRzCuw/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 7660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:24:43 GMT
expires: Wed, 24 Apr 2024 23:29:43 GMT
cache-control: public, max-age=300
age: 10
etag: "0"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/zfs0D5Ai444/0.jpg

142.250.74.110

200 OK

4.5 kB

URL GET HTTP/2
img.youtube.com/vi/zfs0D5Ai444/0.jpg
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
4.5 kB (4464 bytes)
Hash
1d9b759251d84a921135d90bb7d90c4b
57fad442814e97751d20def70ba782bdd56ce30a
c6f6417c07fd43feb4edf8365186a82512c09f9b48b3c6940eaebeb41e769479

HTTP Headers

GET /vi/zfs0D5Ai444/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 4464
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:23:13 GMT
expires: Wed, 24 Apr 2024 23:28:13 GMT
cache-control: public, max-age=300
age: 100
etag: "0"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/AlVs1SAVQww/0.jpg

142.250.74.110

200 OK

35 kB

URL GET HTTP/2
img.youtube.com/vi/AlVs1SAVQww/0.jpg
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
35 kB (35226 bytes)
Hash
75883d22faa44609e2f56dafd7fc2d76
eda5acbcb699dbc39059ad3cc1ff78c8eeef1db4
e1a2adc7985890d77299f959be45253669e86665e27676ca3d50586ec76d4685

HTTP Headers

GET /vi/AlVs1SAVQww/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 35226
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:21:57 GMT
expires: Thu, 25 Apr 2024 01:21:57 GMT
cache-control: public, max-age=7200
etag: "1713706686"
content-type: image/jpeg
vary: Origin
age: 176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/tWliLYZbDwI/0.jpg

142.250.74.110

200 OK

7.0 kB

URL GET HTTP/2
img.youtube.com/vi/tWliLYZbDwI/0.jpg
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
7.0 kB (7023 bytes)
Hash
eb0e23524cf152d6cb8e0988d900d225
99ee6a8775d60741978f113d3a4c353b5d4c8d4e
b9e4ed2ab8053ee39feda567ac17352e5dc62629ae530933138464045dd0edac

HTTP Headers

GET /vi/tWliLYZbDwI/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 7023
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:24:43 GMT
expires: Wed, 24 Apr 2024 23:29:43 GMT
cache-control: public, max-age=300
age: 10
etag: "0"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/Oi41CzxhodE/0.jpg

142.250.74.110

200 OK

26 kB

URL GET HTTP/2
img.youtube.com/vi/Oi41CzxhodE/0.jpg
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
26 kB (26225 bytes)
Hash
8a3be02e80a699bfa6e38a7c62ad4229
e6936141e4939acd158040c8f7778aaa6b94ad0c
d7252007a384397396f4167a4474309d796bfe35d4f77712817852241076c523

HTTP Headers

GET /vi/Oi41CzxhodE/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 26225
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:15:47 GMT
expires: Thu, 25 Apr 2024 01:15:47 GMT
cache-control: public, max-age=7200
etag: "1713374551"
content-type: image/jpeg
vary: Origin
age: 546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/YfCnPDQ0338/0.jpg

142.250.74.110

200 OK

13 kB

URL GET HTTP/2
img.youtube.com/vi/YfCnPDQ0338/0.jpg
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
13 kB (12739 bytes)
Hash
14709856a438cd97c50f73e7bf3f9653
f4bf82bf1df4917721db006f7eb505a67f1f46dc
73b5a764192c1586b0570a0fa4f28b396d70dd5d1c6b3ebfbcec0719afae3d77

HTTP Headers

GET /vi/YfCnPDQ0338/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 12739
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:21:57 GMT
expires: Thu, 25 Apr 2024 01:21:57 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/uhCmrxOJJz8/0.jpg

142.250.74.110

200 OK

9.4 kB

URL GET HTTP/2
img.youtube.com/vi/uhCmrxOJJz8/0.jpg
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
9.4 kB (9432 bytes)
Hash
01071c45833863909add83da2a0f0f37
08bb60457c455b8f7830e1f5a94a9051f2db71eb
1d80274e7a78f9cc17e4a26e97f170f8f85728840da334220147e94449a4271d

HTTP Headers

GET /vi/uhCmrxOJJz8/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 9432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 22:37:56 GMT
expires: Thu, 25 Apr 2024 00:37:56 GMT
cache-control: public, max-age=7200
age: 2817
etag: "0"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/kCLIq1_LAZ4/0.jpg

142.250.74.110

200 OK

14 kB

URL GET HTTP/2
img.youtube.com/vi/kCLIq1_LAZ4/0.jpg
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
14 kB (13457 bytes)
Hash
fae5196fed19105053ad427e871e5941
da4cd9f14a6f9e4ac55c7bacad8ced6b2db5d49b
9c629282d15a5958bbfa5a0fb900e5b944107cfb8252eff48a037f770943e8c7

HTTP Headers

GET /vi/kCLIq1_LAZ4/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 13457
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:17:46 GMT
expires: Thu, 25 Apr 2024 01:17:46 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/k4IkTc0FQoo/0.jpg

142.250.74.110

200 OK

7.7 kB

URL GET HTTP/2
img.youtube.com/vi/k4IkTc0FQoo/0.jpg
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
7.7 kB (7708 bytes)
Hash
987e92f8f2e155f11786c2962d2bde5e
4a568fbdc9f8dcfd185468b17eb6c84bba40f0c9
97600e3dcb360e75429eacb6e35bb3c91b708c55a47095bb3bf86ea3f9e31521

HTTP Headers

GET /vi/k4IkTc0FQoo/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 7708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:03:25 GMT
expires: Thu, 25 Apr 2024 01:03:25 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 1288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/bG8EtdubkAM/0.jpg

142.250.74.110

200 OK

5.5 kB

URL GET HTTP/2
img.youtube.com/vi/bG8EtdubkAM/0.jpg
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
5.5 kB (5504 bytes)
Hash
27e56bb46173d32bbb93570b923bb3e2
82bed83e57566649a3cc007e928a73b3a0186376
22b02c854f8517dbd1f4fecc0643634df5685a038e85a580ce870381db618240

HTTP Headers

GET /vi/bG8EtdubkAM/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 5504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:18:47 GMT
expires: Thu, 25 Apr 2024 01:18:47 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8581 bytes)
Hash
a63180b78d8fe6f2a2d6df0c2150c5e2
873d855a4147730b7214d81a3a5a858176e4bbb7
4ee6ea4e5e79aaba32000af83f8742b4e3c3ab896431799e753956af983a38a7

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Cookie: sessionid=aecb2cbf7f593f0690fe0d71; steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8581
Date: Wed, 24 Apr 2024 23:24:53 GMT
Connection: keep-alive

alihk.steamproxy.vip/favicon.ico

8.217.145.66

200 OK

39 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/favicon.ico
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Size
39 kB (38554 bytes)
Hash
231913fdebabcbe65f4b0052372bde56
553909d080e4f210b64dc73292f3a111d5a0781f
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:53 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 24 May 2024 23:24:53 GMT
Agent: MTcyLjE2LjE5My4yMDkK
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
proxy: 1
Cache-Control: max-age=2592000
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

steamcommunity.com/

2.16.174.204

8.6 kB

URL GET
steamcommunity.com/
IP
2.16.174.204:0
ASN
#16625 AKAMAI-AS

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert Inc
Subjectstore.steampowered.com
Fingerprint03:15:62:D2:00:87:A3:66:F2:B1:19:C5:E4:F1:A5:48:63:D8:80:91
ValidityTue, 05 Dec 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3034), with CRLF, LF line terminators
Size
8.6 kB (8589 bytes)
Hash
7d52aaadf23c8aa187d13f5555568ccc
43a3337e2fccbded49be9a379ec735c8a6940715
236a1d3a1fc934691fbc7cd241008e49c6f42574a9a3fd495a57d4bf91144136

HTTP Headers

GET / HTTP/1.1
Host: steamcommunity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alihk.steamproxy.vip/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060 https://steamvideo-a.akamaihd.net/; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8589
Date: Wed, 24 Apr 2024 23:24:54 GMT
Connection: keep-alive
Set-Cookie: sessionid=9eaff04cc7839a8636787ef1; Path=/; Secure; SameSite=None
steamCountry=NO%7Cd7cfb5f1dfa69eeeff168d015a9b3439; Path=/; Secure; HttpOnly; SameSite=None

alihk.steamproxy.vip/public/shared/images/comment_quoteicon.png

8.217.145.66

200 OK

417 B

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/comment_quoteicon.png
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
417 B (417 bytes)
Hash
2e6556310cf788abcc905dc522fe8375
f721b02abedca660d17f7c7d2f38aac2a89e4155
32285e351f9647f9b357aa997d5e1f6c1c521dac197bee998b17041ee5297d7d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/comment_quoteicon.png HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/apphub.css?v=VZMHNMxv89Ym&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:54 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/apphubs/4-star.png

8.217.145.66

200 OK

3.5 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/apphubs/4-star.png
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 81 x 14, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3475 bytes)
Hash
99b0b7ce794818eb24dd6d5287588936
ae4ad007ad10371bf4a35f1d4ae2b871d2b809e7
e957985b47c64e1d65ec3c377170d5c0bbea810eab863824f305838493be7427

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/apphubs/4-star.png HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:54 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/buttons/icons_16.png?v=5

8.217.145.66

200 OK

6.7 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/buttons/icons_16.png?v=5
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 320 x 32, 8-bit/color RGBA, non-interlaced
Size
6.7 kB (6719 bytes)
Hash
49b920ca1495fc302a0ed1515ce53491
6cce254202c4dc378cf31aaa7d05c8538267f078
472165755644972c17e4bbaf1300926ab99724d95599415b2ea7f9c16a27737c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/buttons/icons_16.png?v=5 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:54 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/apphubs/item_type_hover.png?v=1

8.217.145.66

200 OK

2.8 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/apphubs/item_type_hover.png?v=1
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2792 bytes)
Hash
2024f24380b48b22d0d1dd5664452b7a
120a6cbbb2c3f97099b573978b810d6d33389e40
9f60fa47c8e46e872dbdd2b8b2c4bfeed0f1db835ac3c6cb83740ffc17b9015c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/apphubs/item_type_hover.png?v=1 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/apphub.css?v=VZMHNMxv89Ym&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:54 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/apphubs/icons/icon_rate.png

8.217.145.66

200 OK

1.1 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/apphubs/icons/icon_rate.png
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1131 bytes)
Hash
96c60098e888af1bc5ae43c93034b017
44317b6e92c020c7b467737df6702858972830d8
101dcaab2ad4a31c11dbd87a661b1324c5dd52b43a1ea814234f5bbc78993286

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/apphubs/icons/icon_rate.png HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/apphub.css?v=VZMHNMxv89Ym&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:54 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/apphubs/not-yet.png

8.217.145.66

200 OK

2.4 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/apphubs/not-yet.png
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 81 x 14, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2441 bytes)
Hash
9467cd36fa8d637f6025e405a8a8ee81
8d028c12f3ef3edbecfafe5217c734003b739967
1396ffd3fdda47e9634bbaaffa5c1b8fa3dafbeef347fa2504e2c636ef316636

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/apphubs/not-yet.png HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:54 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/apphubs/5-star.png

8.217.145.66

200 OK

3.6 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/apphubs/5-star.png
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 81 x 14, 8-bit/color RGBA, non-interlaced
Size
3.6 kB (3607 bytes)
Hash
956d1961cfd6b92681f8dc0dc564d926
c0cd9a97d29d1c01741b6041abead05dd50bdfdd
bbb200e8e328fc92a566bca5227e0cdcf7121a15f4dc1bb88184d8efe661b79e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/apphubs/5-star.png HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/apphub_images.css?v=_0CllnFpmuY6&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:54 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

alihk.steamproxy.vip/public/shared/images/apphubs/bg_workshopitem.png?v=1

8.217.145.66

200 OK

24 kB

URL GET HTTP/1.1
alihk.steamproxy.vip/public/shared/images/apphubs/bg_workshopitem.png?v=1
IP
8.217.145.66:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://alihk.steamproxy.vip/
Certificate
IssuerDigiCert, Inc.
Subject*.steamproxy.vip
Fingerprint0B:6C:33:41:A0:B2:F1:40:7B:FF:02:6D:ED:BB:26:BE:A3:60:14:88
ValidityWed, 10 Jan 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type
PNG image data, 305 x 126, 8-bit/color RGBA, non-interlaced
Size
24 kB (24341 bytes)
Hash
480ab236d2cca062e8d1e623887e465e
6c16204ee617e33b7472dd0010d7f5f3dfaadc7c
bff63013b4aeb2d2a71f3fbdca0360da66289022fb70ac9914db529113bc7e9e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/shared/images/apphubs/bg_workshopitem.png?v=1 HTTP/1.1
Host: alihk.steamproxy.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alihk.steamproxy.vip/public/shared/css/apphub.css?v=VZMHNMxv89Ym&l=english
Cookie: sessionid=311e6f0557590b4a3bbdc4a9; steamCountry=HK%7Ce211b5a36723601efb886f925f398014; timezoneOffset=0,0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.19.3.2
Date: Wed, 24 Apr 2024 23:24:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Agent: MTcyLjE2LjE5My4yMDkK
Cache-Control: max-age=2592000
x-proxy-agent: true
strict-transport-security: max-age=15724800; includeSubDomains
Expires: Fri, 24 May 2024 23:24:54 GMT
proxy: 1
access-control-allow-origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML