admin.csgowzone.ru
Open in
urlscan Pro
188.225.45.128
Public Scan
Submitted URL: http://admin.csgowzone.ru/
Effective URL: http://admin.csgowzone.ru/index.php?srv_id=1
Submission Tags: phish.gg anti.fish automated Search All
Submission: On July 12 via api from DE — Scanned from DE
Effective URL: http://admin.csgowzone.ru/index.php?srv_id=1
Submission Tags: phish.gg anti.fish automated Search All
Submission: On July 12 via api from DE — Scanned from DE
Summary
This website contacted 7 IPs
in 3 countries
across 6 domains to perform 15 HTTP transactions.
The main IP is 188.225.45.128, located in
St Petersburg, Russian Federation and
belongs to TIMEWEB-AS, RU.
The main domain is admin.csgowzone.ru.
This is the only time admin.csgowzone.ru was scanned on urlscan.io!
This is the only time admin.csgowzone.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 3 | 188.225.45.128 188.225.45.128 | 9123 (TIMEWEB-AS) (TIMEWEB-AS) | |
| 2 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:2b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
| 2 | 2a04:4e42::485 2a04:4e42::485 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2606:4700::68... 2606:4700::6812:1634 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 2 | 2606:4700::68... 2606:4700::6810:7eaf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 6 | 2606:4700:e6:... 2606:4700:e6::ac40:ca1c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 15 | 7 |
3
188.225.45.128
(St Petersburg, Russian Federation)
ASN9123 (TIMEWEB-AS, RU)
PTR: 1318096-cy40772.tw1.ru
ASN9123 (TIMEWEB-AS, RU)
PTR: 1318096-cy40772.tw1.ru
| admin.csgowzone.ru |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 7 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2060 ka-f.fontawesome.com — Cisco Umbrella Rank: 4529 |
189 KB |
| 3 |
csgowzone.ru
1 redirects
admin.csgowzone.ru |
4 KB |
| 2 |
unpkg.com
1 redirects
unpkg.com — Cisco Umbrella Rank: 1037 |
12 KB |
| 2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368 |
27 KB |
| 2 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2767 |
41 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 749 |
24 KB |
| 15 | 6 |
| Domain | Requested by | |
|---|---|---|
| 6 | ka-f.fontawesome.com |
kit.fontawesome.com
|
| 3 | admin.csgowzone.ru |
1 redirects
admin.csgowzone.ru
|
| 2 | unpkg.com |
1 redirects
admin.csgowzone.ru
|
| 2 | cdn.jsdelivr.net |
admin.csgowzone.ru
|
| 2 | stackpath.bootstrapcdn.com |
admin.csgowzone.ru
|
| 1 | kit.fontawesome.com |
admin.csgowzone.ru
|
| 1 | code.jquery.com |
admin.csgowzone.ru
|
| 15 | 7 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
| jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
| *.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-22 - 2023-12-23 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://admin.csgowzone.ru/index.php?srv_id=1
Frame ID: 734F7462C915F09206F236BE07CA5E1A
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Статистика онлайна админовPage URL History Show full URLs
-
http://admin.csgowzone.ru/
HTTP 302
http://admin.csgowzone.ru/index.php?srv_id=1 Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
SweetAlert
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- sweet(?:-)?alert(?:\.min)?\.js
SweetAlert2
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /npm/sweetalert2@([\d.]+)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://admin.csgowzone.ru/
HTTP 302
http://admin.csgowzone.ru/index.php?srv_id=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
- https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
index.php
admin.csgowzone.ru/ Redirect Chain
|
23 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ |
156 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
admin.csgowzone.ru/css/ |
312 B 466 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.4.1.slim.min.js
code.jquery.com/ |
69 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ |
59 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7232054638.js
kit.fontawesome.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sweetalert.min.js
unpkg.com/sweetalert@2.1.2/dist/ Redirect Chain
|
40 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sweetalert2@9
cdn.jsdelivr.net/npm/ |
66 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
59 KB 13 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
26 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
3 KB 1 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ |
76 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| Popper object| bootstrap object| FontAwesomeKitConfig function| setImmediate function| clearImmediate function| swal function| sweetAlert function| Sweetalert2 function| SweetAlert function| Swal function| selectserver function| select_filter0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
admin.csgowzone.ru
cdn.jsdelivr.net
code.jquery.com
ka-f.fontawesome.com
kit.fontawesome.com
stackpath.bootstrapcdn.com
unpkg.com
188.225.45.128
2001:4de0:ac18::1:a:2b
2606:4700::6810:7eaf
2606:4700::6812:1634
2606:4700::6812:acf
2606:4700:e6::ac40:ca1c
2a04:4e42::485
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
82774cb45a5c2bf19df77217d4c65ead255c43836dd617da9dd42644ab3d9638
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
bb3d68f27a20856509acae1a7d00d19d5b5b67a56353a4a4984a58d3af680478
c3b5524adec599f7961621d57ee8cc06190d8ab1469f9e46b7f9cc8e56fb386f
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda