urlscan.io logo urlscan.io
SecurityTrails logo

www.steamheihao.tk Open in urlscan Pro
107.173.70.131  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.steamheihao.tk/
Submission Tags: @phishunt_io
Submission: On October 06 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 20 HTTP transactions. The main IP is 107.173.70.131, located in United States and belongs to AS-COLOCROSSING, US. The main domain is www.steamheihao.tk.
TLS certificate: Issued by R3 on October 6th 2022. Valid for: 3 months.
This is the only time www.steamheihao.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 107.173.70.131 36352 (AS-COLOCR...)
1 39.156.66.111 9808 (CHINAMOBI...)
1 2600:9000:230... 16509 (AMAZON-02)
2 240e:ff:f100:... 4816 (CHINANET-...)
1 120.52.95.235 133119 (UNICOM-CN...)
1 2a00:1450:400... 15169 (GOOGLE)
1 220.185.164.250 136190 (CHINATELE...)
1 1 123.99.198.123 58461 (CT-HANGZH...)
1 2.18.168.46 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 113.96.208.98 4134 (CHINANET-...)
20 11
7    107.173.70.131 (United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 107-173-70-131-host.colocrossing.com
www.steamheihao.tk
1    39.156.66.111 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)
libs.baidu.com
1    2600:9000:2304:5600:1d:80d9:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)
lib.baomitu.com
2    240e:ff:f100:8019::ae (China)

ASN4816 (CHINANET-IDC-GD China Telecom Group, CN)
yzf.qq.com
1    120.52.95.235 (China)

ASN133119 (UNICOM-CN China Unicom IP network, CN)
cdn.bootcss.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    220.185.164.250 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
v1.cnzz.com
1    123.99.198.123 (China)

ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN)
api.uomg.com
1    2.18.168.46 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-46.deploy.static.akamaitechnologies.com
ae01.alicdn.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    113.96.208.98 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
yzf.qq.com
Apex Domain
Subdomains		 Transfer
7 steamheihao.tk
www.steamheihao.tk
20 KB
3 qq.com
yzf.qq.com — Cisco Umbrella Rank: 786725
7 KB
2 gstatic.com
fonts.gstatic.com
26 KB
1 alicdn.com
ae01.alicdn.com — Cisco Umbrella Rank: 5576
601 B
1 uomg.com
api.uomg.com
369 B
1 cnzz.com
v1.cnzz.com — Cisco Umbrella Rank: 68888
438 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
1 bootcss.com
cdn.bootcss.com — Cisco Umbrella Rank: 44308
7 KB
1 baomitu.com
lib.baomitu.com — Cisco Umbrella Rank: 121018
37 KB
1 baidu.com
libs.baidu.com — Cisco Umbrella Rank: 50597
34 KB
0 ilt.me Failed
player.ilt.me Failed
0 qlogo.cn Failed
q1.qlogo.cn Failed
20 12
Domain Requested by
7 www.steamheihao.tk www.steamheihao.tk
3 yzf.qq.com www.steamheihao.tk
yzf.qq.com
2 fonts.gstatic.com fonts.googleapis.com
1 ae01.alicdn.com www.steamheihao.tk
1 api.uomg.com 1 redirects
1 v1.cnzz.com www.steamheihao.tk
1 fonts.googleapis.com www.steamheihao.tk
1 cdn.bootcss.com www.steamheihao.tk
1 lib.baomitu.com www.steamheihao.tk
1 libs.baidu.com www.steamheihao.tk
0 player.ilt.me Failed www.steamheihao.tk
0 q1.qlogo.cn Failed www.steamheihao.tk
20 12

This site contains links to these domains. Also see Links.

Domain
jq.qq.com
www.fkwfz.tk
www.d24f1.tk
Subject Issuer Validity Valid
www.steamheihao.tk
R3		 2022-10-06 -
2023-01-04		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 a year crt.sh
*.baomitu.com
WoTrus DV Server CA [Run by the Issuer]		 2022-04-26 -
2023-04-26		 a year crt.sh
yzf.qq.com
DigiCert Secure Site CN CA G3		 2022-03-09 -
2023-04-09		 a year crt.sh
*.bootcss.com
R3		 2022-08-08 -
2022-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-01-11 -
2023-02-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.steamheihao.tk/
Frame ID: FED1C2EF2CF184F60A36C2A5C15BC250
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

d24f1导航页 - 专业steam账号

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

85 %
HTTPS

36 %
IPv6

12
Domains

12
Subdomains

11
IPs

4
Countries

132 kB
Transfer

271 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://api.uomg.com/api/rand.img2?sort=%E7%BE%8E%E5%A5%B3 HTTP 302
  • https://ae01.alicdn.com/kf/HTB1vOP_Xq1s3KVjSZFt761LOpXa1.png

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.steamheihao.tk/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.steamheihao.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.173.70.131 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-173-70-131-host.colocrossing.com
Software
nginx /
Resource Hash
64ce30fc1118866d227e613abea2f2c8442d6cda3cb28454b6b9785407e367e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 06 Oct 2022 19:55:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
main.css
www.steamheihao.tk/assets/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.steamheihao.tk/assets/css/main.css
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.173.70.131 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-173-70-131-host.colocrossing.com
Software
nginx /
Resource Hash
9ca5d20860366747d7ae9ac33a8f2518efb11e9e5e473cf753370632c4bd3942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:55:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 07 May 2020 15:53:54 GMT
server
nginx
etag
W/"5eb42f12-83b5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 07 Oct 2022 07:55:18 GMT
g
q1.qlogo.cn/ 		0
0
jquery.min.js
libs.baidu.com/jquery/1.11.3/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.baidu.com/jquery/1.11.3/jquery.min.js
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
Security Headers
Name Value
Strict-Transport-Security max-age=87600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 06 Oct 2022 19:55:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=87600
Last-Modified
Wed, 03 Jun 2015 05:58:22 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sat, 05 Nov 2022 19:55:19 GMT
skel.min.js
www.steamheihao.tk/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.steamheihao.tk/assets/js/skel.min.js
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.173.70.131 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-173-70-131-host.colocrossing.com
Software
nginx /
Resource Hash
f7ba1190cd3e49ae94ce72079d2c485fd9e923cd1d8082151f57ff740739c0a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:55:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 07 May 2020 15:53:54 GMT
server
nginx
etag
W/"5eb42f12-237f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 07 Oct 2022 07:55:18 GMT
util.js
www.steamheihao.tk/assets/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.steamheihao.tk/assets/js/util.js
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.173.70.131 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-173-70-131-host.colocrossing.com
Software
nginx /
Resource Hash
a65af6f23a3a9c5829455cf4d3c6a124256615d3e780bed0d9018262cb397af7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:55:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 07 May 2020 15:53:54 GMT
server
nginx
etag
W/"5eb42f12-32db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 07 Oct 2022 07:55:18 GMT
main.js
www.steamheihao.tk/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.steamheihao.tk/assets/js/main.js
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.173.70.131 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-173-70-131-host.colocrossing.com
Software
nginx /
Resource Hash
043f259b4cadf85e855d3aa797ffab31fbcafea85d79382e135d005b047764c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:55:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 07 May 2020 15:53:54 GMT
server
nginx
etag
W/"5eb42f12-23f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 07 Oct 2022 07:55:18 GMT
bootstrap.min.js
lib.baomitu.com/twitter-bootstrap/3.3.7/js/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.baomitu.com/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:5600:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 04:33:26 GMT
via
1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
kcs-via
MISS from w-fc01.lato;MISS from w-sc02.lato
x-qstatic-hit
1
x-amz-cf-pop
VIE50-P1
age
1351314
x-cache
Hit from cloudfront
content-length
37045
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"5943be6f01e50b21"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
x-amz-cf-id
jKe_LUDuSJyWvbravOXaNAyu1DpntoQNRiOUfCJDPZiYLHy8HnxKxA==
expires
Sat, 18 Sep 2032 04:33:26 GMT
yzf_chat.min.js
yzf.qq.com/xv/web/static/chat_sdk/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yzf.qq.com/xv/web/static/chat_sdk/yzf_chat.min.js
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:ff:f100:8019::ae , China, ASN4816 (CHINANET-IDC-GD China Telecom Group, CN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
d35c86310548464591389c1f56cfc3f7973d761e1259b5fdda28e88816811384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Dec 2019 02:59:01 GMT
server
nginx/1.12.2
etag
W/"5e0967f5-2c55"
content-type
application/javascript
cache-control
max-age=86400
x-xss-protection
1
x-request-id
f3b8493c3db62f3a9da88ec8b22c8ace
expires
Fri, 07 Oct 2022 19:55:22 GMT
player.js
player.ilt.me/player/js/ 		0
0
font-awesome.min.css
cdn.bootcss.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcss.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.52.95.235 , China, ASN133119 (UNICOM-CN China Unicom IP network, CN),
Reverse DNS
Software
openresty /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

ohc-file-size
6176
x-log
X-Log
date
Thu, 06 Oct 2022 19:55:21 GMT
content-encoding
gzip
via
CHN-HElangfang-AREACUCC1-CACHE14[3],CHN-HElangfang-AREACUCC1-CACHE5[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE76[71],CHN-TJ-GLOBAL1-CACHE19[0,TCP_HIT,54]
x-ccdn-cachettl
31536000
x-svr
IO
age
11507119
x-reqid
Oi8AAAA7m7yaKt0W
nginx-hit
1
content-transfer-encoding
binary
content-disposition
inline; filename="font-awesome.min.css"; filename*=utf-8''font-awesome.min.css
nginx-vary
Accept-Encoding
content-length
6176
ohc-cache-hit
tj4ct74 [2], tjctcache57 [2], qdix74 [2]
last-modified
Tue, 16 Feb 2016 04:14:08 GMT
server
openresty
etag
"FhLWhhB13o4pMmX_b_A7HzrctEx2.gz"
access-control-max-age
2592000
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
x-ccdn-expires
20028881
accept-ranges
bytes
timing-allow-origin
*
x-hcs-proxy-type
1
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300italic,600italic,300,600
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea86e169b91916c261b3174e6d21b9a571beeec3d05f1c11fd9da071bebc04c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 06 Oct 2022 19:55:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 19:55:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Oct 2022 19:55:18 GMT
z_stat.php
v1.cnzz.com/ 		0
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.cnzz.com/z_stat.php?id=1278649006&show=pic1
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.185.164.250 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.steamheihao.tk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 06 Oct 2022 19:55:22 GMT
content-encoding
gzip
via
cache36.l2cn1836[63,62,200-0,M], cache53.l2cn1836[64,0], cache19.cn4100[80,80,200-0,M], cache2.cn4100[82,0]
last-modified
Thu, 06 Oct 2022 19:55:22 GMT
server
Tengine
x-swift-cachetime
3599
x-powered-by
PHP/5.5.25
vary
Accept-Encoding
ali-swift-global-savetime
1665086122
content-type
application/javascript
x-cache
MISS TCP_REFRESH_MISS dirn:16:394293718
cache-control
max-age=1800,s-maxage=3600
x-swift-savetime
Thu, 06 Oct 2022 19:55:23 GMT
timing-allow-origin
*
eagleid
dcb9a49616650861229288032e
HTB1vOP_Xq1s3KVjSZFt761LOpXa1.png
ae01.alicdn.com/kf/
Redirect Chain
  • https://api.uomg.com/api/rand.img2?sort=%E7%BE%8E%E5%A5%B3
  • https://ae01.alicdn.com/kf/HTB1vOP_Xq1s3KVjSZFt761LOpXa1.png
203 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ae01.alicdn.com/kf/HTB1vOP_Xq1s3KVjSZFt761LOpXa1.png
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/
Protocol
H2
Server
2.18.168.46 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-46.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
9355763f4a032b954591b24b46f1f85431a19f6afdbe53e0bf6b2214a68eb159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:55:24 GMT
x-swift-error
orig response 4XX error
x-swift-cachetime
0
x-swift-savetime
Thu, 06 Oct 2022 19:55:24 GMT
content-length
203
cdn-type
alibaba
server
Tengine
ali-swift-global-savetime
1665086124
content-type
image/jpeg
traceid
2ff6179d16650861245788902e
access-control-allow-origin
*
cache-control
max-age=10
served-from
2.23.97.228
timing-allow-origin
*, *
network_info
DE_NURNBERG_201011
from-req-dns-type
NA
eagleid
2ff6179d16650861245788902e
expires
Thu, 06 Oct 2022 19:55:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Oct 2022 19:55:22 GMT
server
nginx
access-control-allow-methods
GET,POST
content-type
text/html,application/json; charset=utf-8
location
https://ae01.alicdn.com/kf/HTB1vOP_Xq1s3KVjSZFt761LOpXa1.png
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
x-requested-with,content-type
expires
Thu, 19 Nov 1981 08:52:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300italic,600italic,300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.steamheihao.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 19:24:52 GMT
x-content-type-options
nosniff
age
88229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 19:24:52 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300italic,600italic,300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.steamheihao.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 19:24:52 GMT
x-content-type-options
nosniff
age
88229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:54:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 19:24:52 GMT
overlay.png
www.steamheihao.tk/assets/images/ 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.steamheihao.tk/assets/images/overlay.png
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.173.70.131 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-173-70-131-host.colocrossing.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:55:23 GMT
server
nginx
content-length
548
content-type
text/html
52cx.jpg
www.steamheihao.tk/assets/images/ 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.steamheihao.tk/assets/images/52cx.jpg
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.173.70.131 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-173-70-131-host.colocrossing.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:55:23 GMT
server
nginx
content-length
548
content-type
text/html
get_h5_channel_css
yzf.qq.com/xv/web/user_manage/h5_channel/ 		77 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yzf.qq.com/xv/web/user_manage/h5_channel/get_h5_channel_css?sign=
Requested by
Host: yzf.qq.com
URL: https://yzf.qq.com/xv/web/static/chat_sdk/yzf_chat.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.96.208.98 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
49cc80ad1a564bb75dfee47d9d51d3250f019e6b0b6427fcfeae3e2bcea2e615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:55:43 GMT
x-content-type-options
nosniff
server
nginx/1.12.2
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-frame-options
ALLOWALL
vary
Origin
access-control-allow-headers
*
content-length
77
x-xss-protection
1
x-request-id
f11ef36f98f1b0caa5691e2cb7b0b326
chat-btn.png
yzf.qq.com/xv/web/static/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yzf.qq.com/xv/web/static/img/chat-btn.png
Requested by
Host: www.steamheihao.tk
URL: https://www.steamheihao.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:ff:f100:8019::ae , China, ASN4816 (CHINANET-IDC-GD China Telecom Group, CN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
a072db3ed7332694919f9fb9a65a1907625b1a7fa9c92114ca0fad74e20dfded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.steamheihao.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Apr 2019 04:01:43 GMT
server
nginx/1.12.2
etag
W/"5cc7c8a7-654"
content-type
image/png
cache-control
max-age=86400
x-xss-protection
1
x-request-id
f9a9c391fb8cc621928c7f8dec3f16ee
expires
Fri, 07 Oct 2022 19:55:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
q1.qlogo.cn
URL
https://q1.qlogo.cn/g?b=qq&nk=3176147537&s=160
Domain
player.ilt.me
URL
https://player.ilt.me/player/js/player.js

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| skel function| onorientationchange object| jQuery1113006429675580133543 object| yzf

2 Cookies

Domain/Path Name / Value
www.steamheihao.tk/ Name: PHPSESSID
Value: rb693sh8h5e0t3c4gg4479lkui
.baidu.com/ Name: BAIDUID_BFESS
Value: E19E2CDD45602064B452E660355E188F:FG=1

7 Console Messages

Source Level URL
Text
security warning URL: https://www.steamheihao.tk/
Message:
Mixed Content: The page at 'https://www.steamheihao.tk/' was loaded over HTTPS, but requested an insecure element 'http://q1.qlogo.cn/g?b=qq&nk=3176147537&s=160'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.steamheihao.tk/(Line 56)
Message:
Mixed Content: The page at 'https://www.steamheihao.tk/' was loaded over HTTPS, but requested an insecure element 'http://q1.qlogo.cn/g?b=qq&nk=3176147537&s=160'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://www.steamheihao.tk/(Line 56)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z_stat.php?id=1278649006&show=pic1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.steamheihao.tk/(Line 56)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z_stat.php?id=1278649006&show=pic1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.steamheihao.tk/assets/images/overlay.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.steamheihao.tk/assets/images/52cx.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ae01.alicdn.com/kf/HTB1vOP_Xq1s3KVjSZFt761LOpXa1.png
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae01.alicdn.com
api.uomg.com
cdn.bootcss.com
fonts.googleapis.com
fonts.gstatic.com
lib.baomitu.com
libs.baidu.com
player.ilt.me
q1.qlogo.cn
v1.cnzz.com
www.steamheihao.tk
yzf.qq.com
player.ilt.me
q1.qlogo.cn
107.173.70.131
113.96.208.98
120.52.95.235
123.99.198.123
2.18.168.46
220.185.164.250
240e:ff:f100:8019::ae
2600:9000:2304:5600:1d:80d9:9400:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:830::200a
39.156.66.111
043f259b4cadf85e855d3aa797ffab31fbcafea85d79382e135d005b047764c5
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
49cc80ad1a564bb75dfee47d9d51d3250f019e6b0b6427fcfeae3e2bcea2e615
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
64ce30fc1118866d227e613abea2f2c8442d6cda3cb28454b6b9785407e367e8
9355763f4a032b954591b24b46f1f85431a19f6afdbe53e0bf6b2214a68eb159
9ca5d20860366747d7ae9ac33a8f2518efb11e9e5e473cf753370632c4bd3942
a072db3ed7332694919f9fb9a65a1907625b1a7fa9c92114ca0fad74e20dfded
a65af6f23a3a9c5829455cf4d3c6a124256615d3e780bed0d9018262cb397af7
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
d35c86310548464591389c1f56cfc3f7973d761e1259b5fdda28e88816811384
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea86e169b91916c261b3174e6d21b9a571beeec3d05f1c11fd9da071bebc04c8
f7ba1190cd3e49ae94ce72079d2c485fd9e923cd1d8082151f57ff740739c0a8