Submitted URL: https://csgo7.com.cn/
Effective URL: https://181skins.com/?code=google
Submission Tags: phishingrod
Submission: On February 25 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 163.181.56.156, located in Frankfurt am Main, Germany and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is 181skins.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 1st 2022. Valid for: a year.
This is the only time 181skins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
1 1 2606:4700:303... | 13335 (CLOUDFLAR...)
1 1 2606:4700:303... | 13335 (CLOUDFLAR...)
3 163.181.56.156 | 24429 (TAOBAO Zh...)
Total: 5 requests, 2 IPs
Apex Domain | Subdomains | Transfer
3 181skins.com | 181skins.com, api.181skins.com (Failed) | 206 KB
1 591box.net | www.591box.net | 476 B
1 csgo7.com.cn | csgo7.com.cn | 467 B
Total: 5 requests, 3 domains
Domain | Requested by
3 181skins.com | 181skins.com
1 www.591box.net | 1 redirects
1 csgo7.com.cn | 1 redirects
0 api.181skins.com (Failed) | 181skins.com
Total: 5 requests, 4 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
www.181skins.com | Encryption Everywhere DV TLS CA - G1 | 2022-11-01 - 2023-11-02 | a year

This page contains 1 frames:

Primary Page: https://181skins.com/?code=google
Frame ID: 15B381C7F3E6154C014708C66436A66D
Requests: 4 HTTP requests in this frame

Page Title

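Chenzhou Wangchuang E-commerce Service Co., Ltd. - 181skins case-opening site - CSGO skin trading platform, high-drop-rate blind box gaming experience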

Page Statistics

Requests: 5
HTTPS: 60 %
IPv6: 67 %
Domains: 3
Subdomains: 4
IPs: 2
Countries: 2
Transfer: 206 kB
Size: 646 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://csgo7.com.cn/ HTTP 301
    https://www.591box.net/ HTTP 301
    https://181skins.com/?code=google Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource | Path | Size | x-fer | Type MIME-Type
Primary Request / | 181skins.com/ | 580 B | 1 KB | Document
Redirect Chain
  • https://csgo7.com.cn/
  • https://www.591box.net/
  • https://181skins.com/?code=google
General
Full URL: https://181skins.com/?code=google
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.56.156 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine /
Resource Hash: d1fc1ed61cc75ae1637dbc01478b6d815d038601c9ed04b454d1cecee09d6d69
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 928772
ali-swift-global-savetime: 1676426008
content-length: 580
content-md5: sSPtqFd0+xA3oKMfhl/Lbg==
content-type: text/html
date: Wed, 15 Feb 2023 01:53:28 GMT
eagleid: 2ff62b1c16773547801564293e
etag: "B123EDA85774FB1037A0A31F865FCB6E"
last-modified: Wed, 15 Feb 2023 01:29:11 GMT
server: Tengine
strict-transport-security: max-age=5184000
timing-allow-origin: *
via: cache20.l2de2[0,0,200-0,H], cache14.l2de2[0,0], ens-cache10.de4[0,0,200-0,H], ens-cache4.de4[5,0]
x-cache: HIT TCP_HIT dirn:9:198883491
x-oss-cdn-auth: success
x-oss-hash-crc64ecma: 17152758537345228618
x-oss-object-type: Normal
x-oss-request-id: 63EC3B18818A31343153F2A3
x-oss-server-side-encryption: AES256
x-oss-server-time: 3
x-oss-storage-class: Standard
x-swift-cachetime: 2328884
x-swift-savetime: Sat, 18 Feb 2023 02:58:44 GMT

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 79f2fc07f8ab2bcf-FRA
date: Sat, 25 Feb 2023 19:52:58 GMT
expires: Sat, 25 Feb 2023 20:52:58 GMT
location: https://181skins.com/?code=google
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2QzlivcB20h82iDDGp161WkfZRtE7VlR6BZOqhGR%2Fp67VjeqZOLHcSqlhy2Tww1MMf13LtPm%2Br%2F4NMJKTAad9iHS1O2WMH21f8DiuJN5KzUaUwmq6GmVO47FoL4CKkx2BL0yktPktA6SIAwoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

index.dae2fcc3.js | 181skins.com/assets/ | 415 KB | 146 KB | Script
General
Full URL: https://181skins.com/assets/index.dae2fcc3.js
Requested by
Host: 181skins.com
URL: https://181skins.com/?code=google
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.56.156 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine /
Resource Hash: 31167eb38368623860752c34e8f71785002fb6455ba4d7263c1affb0111a929b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Referer: https://181skins.com/?code=google
Origin: https://181skins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Wed, 15 Feb 2023 01:35:03 GMT
content-encoding: gzip
x-oss-request-id: 63EC36C79BB9203337006C5B
via: cache25.l2de2[0,0,200-0,H], cache15.l2de2[2,0], ens-cache1.de4[0,2,200-0,H], ens-cache4.de4[10,0]
content-md5: 9P9QlITiYjjQ4CopMnlCCA==
age: 929877
x-swift-cachetime: 1691617
x-cache: HIT TCP_HIT dirn:8:354048006
x-oss-cdn-auth: success
x-swift-savetime: Sat, 25 Feb 2023 11:41:26 GMT
content-length: 149392
x-oss-object-type: Normal
last-modified: Tue, 14 Feb 2023 01:07:56 GMT
server: Tengine
x-oss-server-side-encryption: AES256
vary: Accept-Encoding
ali-swift-global-savetime: 1676424903
content-type: application/javascript
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 4881735472037172499
eagleid: 2ff62b1c16773547801784372e
x-oss-server-time: 13

index.3f2487ba.css | 181skins.com/assets/ | 230 KB | 59 KB | Stylesheet
General
Full URL: https://181skins.com/assets/index.3f2487ba.css
Requested by
Host: 181skins.com
URL: https://181skins.com/?code=google
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.56.156 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine /
Resource Hash: 3f2487baddb7699c5941acfc661dced0eafb85da2fed3f840b1feb43b101cbe9
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://181skins.com/?code=google
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Wed, 15 Feb 2023 01:35:03 GMT
content-encoding: gzip
x-oss-request-id: 63EC36C607479336303ACE11
via: cache20.l2de2[0,0,200-0,H], cache1.l2de2[2,0], ens-cache1.de4[0,1,200-0,H], ens-cache4.de4[9,0]
content-md5: iaWGUce1lK1tvsAJa0yN8w==
age: 929877
x-swift-cachetime: 1691617
x-cache: HIT TCP_HIT dirn:8:347891717
x-oss-cdn-auth: success
x-swift-savetime: Sat, 25 Feb 2023 11:41:26 GMT
content-length: 59740
x-oss-object-type: Normal
last-modified: Tue, 14 Feb 2023 01:07:55 GMT
server: Tengine
x-oss-server-side-encryption: AES256
vary: Accept-Encoding
ali-swift-global-savetime: 1676424903
content-type: text/css
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 6545433828720789290
eagleid: 2ff62b1c16773547801784376e
x-oss-server-time: 26

getChannel | api.181skins.com/api/index/ | 0 | 0
getChannel | api.181skins.com/api/index/ | 0 | 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.181skins.com
URL: https://api.181skins.com/api/index/getChannel

Domain: api.181skins.com
URL: https://api.181skins.com/api/index/getChannel

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
boolean| __INTLIFY_PROD_DEVTOOLS__
boolean| __VUE_I18N_FULL_INSTALL__
boolean| __VUE_I18N_LEGACY_API__
object| lib
number| rem
number| dpr
object| _hmt

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header | Value
Strict-Transport-Security | max-age=5184000