counterstrike.blogcs2.com Open in urlscan Pro
37.46.130.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://counterstrike.blogcs2.com/
Submission Tags: phishingrod
Submission: On August 15 via api (August 15th 2023, 12:12:45 pm UTC) from DE — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 13 HTTP transactions. The main IP is 37.46.130.28, located in Russian Federation and belongs to RU-JSCIOT, RU. The main domain is counterstrike.blogcs2.com.
TLS certificate: Issued by R3 on August 15th 2023. Valid for: 3 months.

This is the only time counterstrike.blogcs2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	37.46.130.28 37.46.130.28	29182 (RU-JSCIOT) (RU-JSCIOT)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	162.19.58.159 162.19.58.159	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:43fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	6

3 37.46.130.28 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: danielasazonov646.ispvds.com

counterstrike.blogcs2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.58.159 (France)

ASN16276 (OVH, FR)
PTR: ns3096667.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:43fd (United States)

ASN13335 (CLOUDFLARENET, US)

krivoipalec.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ibb.co i.ibb.co — Cisco Umbrella Rank: 11116	2 MB
3	blogcs2.com counterstrike.blogcs2.com	94 KB
2	gstatic.com fonts.gstatic.com	18 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	5 KB
1	krivoipalec.pro krivoipalec.pro	627 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 752	30 KB
13	6

	Domain	Requested by
4	i.ibb.co	counterstrike.blogcs2.com
3	counterstrike.blogcs2.com	counterstrike.blogcs2.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	counterstrike.blogcs2.com
1	krivoipalec.pro	counterstrike.blogcs2.com
1	code.jquery.com	counterstrike.blogcs2.com
13	6

This site contains no links.

Subject Issuer	Validity	Valid
counterstrike.blogcs2.com R3	`2023-08-15` - `2023-11-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
ibb.co R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
krivoipalec.pro E1	`2023-08-09` - `2023-11-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://counterstrike.blogcs2.com/
Frame ID: 79E0BBD455EA11461453C103009B037A
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CS2 | Limited Test

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

5
Countries

1900 kB
Transfer

2347 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
counterstrike.blogcs2.com/ 14 KB
4 KB 208ms
47ms Document
text/html 37.46.130.28
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://counterstrike.blogcs2.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 37.46.130.28 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: danielasazonov646.ispvds.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 26a7252ed5c7f2db1a7bfce22fc836c8fca08c10084513941241ed0e35c22527

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 15 Aug 2023 12:12:40 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 404
Not Found style.css
counterstrike.blogcs2.com/css/ 0
0 47ms
46ms Stylesheet
text/html 37.46.130.28
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://counterstrike.blogcs2.com/css/style.css
Requested by: Host: counterstrike.blogcs2.com
URL: https://counterstrike.blogcs2.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 37.46.130.28 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: danielasazonov646.ispvds.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://counterstrike.blogcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 12:12:40 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 jquery-3.7.0.min.js Show response
code.jquery.com/ 85 KB
30 KB 65ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.0.min.js
Requested by: Host: counterstrike.blogcs2.com
URL: https://counterstrike.blogcs2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://counterstrike.blogcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:12:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-155a6"
vary: Accept-Encoding
x-hw: 1692101560.dop134.am5.t,1692101560.cds285.am5.hn,1692101560.cds261.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30308

GET
H2 200 css2
fonts.googleapis.com/ 69 KB
2 KB 140ms
56ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Overpass:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Teko:wght@300;400;500;600;700&display=swap

Requested by

Host: counterstrike.blogcs2.com
URL: https://counterstrike.blogcs2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7c7e02a885dc6682140c27b664da8f5ce0987b82800713415aefb68f470b0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://counterstrike.blogcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 12:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 12:12:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 12:12:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 84 KB
2 KB 143ms
60ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Chakra+Petch:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Overpass:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Teko:wght@300;400;500;600;700&display=swap

Requested by

Host: counterstrike.blogcs2.com
URL: https://counterstrike.blogcs2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d690854a21b1502023c08640a301e6c34973f97790221d9960ba46db64c3c3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://counterstrike.blogcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 12:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 12:12:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 12:12:40 GMT

GET
H/1.1 200
OK k459r827y6f3.js Show response
counterstrike.blogcs2.com/ 326 KB
90 KB 146ms
99ms Script
application/javascript 37.46.130.28
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://counterstrike.blogcs2.com/k459r827y6f3.js
Requested by: Host: counterstrike.blogcs2.com
URL: https://counterstrike.blogcs2.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 37.46.130.28 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: danielasazonov646.ispvds.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c6a95f3aae5ee8956a1893464ffe670ad40bdbe768a106fa879fef93496e85fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://counterstrike.blogcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 12:12:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 12:02:14 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"64db6946-5175a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 16 Aug 2023 12:12:40 GMT

GET
H2 200 logo-text.png
i.ibb.co/jZtnGvd/ 11 KB
11 KB 58ms
17ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/jZtnGvd/logo-text.png
Requested by: Host: counterstrike.blogcs2.com
URL: https://counterstrike.blogcs2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: 387d5ca1c5e0222880c2b01a35d29f72451fbff954d33c696f4028ae23347254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://counterstrike.blogcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:12:40 GMT
last-modified: Thu, 10 Aug 2023 20:58:41 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 10888
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ct-bg.jpg
i.ibb.co/jkVDBmD/ 1 MB
1 MB 48ms
17ms Image
image/jpeg 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/jkVDBmD/ct-bg.jpg
Requested by: Host: counterstrike.blogcs2.com
URL: https://counterstrike.blogcs2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: 39e9e7fca0b4d27db042d728128b9e1d18a46feb722ccc0f864525318d2449f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://counterstrike.blogcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:12:40 GMT
last-modified: Fri, 11 Aug 2023 19:33:36 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1513681
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Mid-BG.png
i.ibb.co/Zm7bpbs/ 182 KB
182 KB 47ms
17ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Zm7bpbs/Mid-BG.png
Requested by: Host: counterstrike.blogcs2.com
URL: https://counterstrike.blogcs2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: 0ea4ba3b75c307574633d738602bfba5f814d5b59d4983627e8e651324767799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://counterstrike.blogcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:12:40 GMT
last-modified: Thu, 10 Aug 2023 22:58:32 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 186328
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bottom-bg.png
i.ibb.co/qDt0Yc3/ 80 KB
80 KB 47ms
18ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/qDt0Yc3/bottom-bg.png
Requested by: Host: counterstrike.blogcs2.com
URL: https://counterstrike.blogcs2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: cdf7a5a259620397355420ca4edc3b8721e0e6384511bd229a2947a8339800c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://counterstrike.blogcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:12:40 GMT
last-modified: Thu, 10 Aug 2023 22:56:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 81702
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2
fonts.gstatic.com/s/chakrapetch/v9/ 9 KB
9 KB 115ms
35ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v9/cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Overpass:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Teko:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5452b4581af8fa4aa927665a835708f6298f75bfabeb99813ec585ec6bcfc494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://counterstrike.blogcs2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:42:10 GMT
x-content-type-options: nosniff
age: 279030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8912
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 18:53:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 06:42:10 GMT

GET
H2 200 cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v9/ 9 KB
9 KB 119ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ccbd16dfaa5c559bd468ff0cca14f38e37100e35419a49cf4d3c6c23d2d163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://counterstrike.blogcs2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:16:17 GMT
x-content-type-options: nosniff
age: 320183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8992
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 18:18:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 19:16:17 GMT

POST
H2 200 divgkqdohobbombdinmvuuadrvdaqatgrhiiichxjynekn Show response
krivoipalec.pro/ 48 B
627 B 377ms
144ms XHR
application/json 2606:4700:3030::6815:43fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://krivoipalec.pro/divgkqdohobbombdinmvuuadrvdaqatgrhiiichxjynekn
Requested by: Host: counterstrike.blogcs2.com
URL: https://counterstrike.blogcs2.com/k459r827y6f3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:43fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b3d7abc89e3205e1b41d2f13c058f70606c9d6bcb3c12c39a6f67c98be9a42f3

Request headers

Referer: https://counterstrike.blogcs2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Aug 2023 12:12:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"30-GhoJr3rSUZkPIl/8MSlp7sMZadA"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XZ%2B0%2FbRlQ71khIH80q4q%2FGG4%2FWxlN%2FuURcnWgGxX7y63Hl0Z1kIYnmioA1bwhCL6EUXCixJ207ad%2FstByFSOvOJ9JAcOlFgXaIha28a4ZgKtGmj96TtinR4C4AStHps2wOCr6NwB%2BDWE6aYabo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7f7158e318081a7d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://counterstrike.blogcs2.com/css/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
counterstrike.blogcs2.com
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
krivoipalec.pro
162.19.58.159
2001:4de0:ac18::1:a:2a
2606:4700:3030::6815:43fd
2a00:1450:4001:806::200a
2a00:1450:4001:82a::2003
37.46.130.28
0ea4ba3b75c307574633d738602bfba5f814d5b59d4983627e8e651324767799
26a7252ed5c7f2db1a7bfce22fc836c8fca08c10084513941241ed0e35c22527
387d5ca1c5e0222880c2b01a35d29f72451fbff954d33c696f4028ae23347254
39e9e7fca0b4d27db042d728128b9e1d18a46feb722ccc0f864525318d2449f0
5452b4581af8fa4aa927665a835708f6298f75bfabeb99813ec585ec6bcfc494
b3d7abc89e3205e1b41d2f13c058f70606c9d6bcb3c12c39a6f67c98be9a42f3
b7c7e02a885dc6682140c27b664da8f5ce0987b82800713415aefb68f470b0be
c6a95f3aae5ee8956a1893464ffe670ad40bdbe768a106fa879fef93496e85fa
c6ccbd16dfaa5c559bd468ff0cca14f38e37100e35419a49cf4d3c6c23d2d163
cdf7a5a259620397355420ca4edc3b8721e0e6384511bd229a2947a8339800c8
d690854a21b1502023c08640a301e6c34973f97790221d9960ba46db64c3c3ca
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

counterstrike.blogcs2.com Open in urlscan Pro 37.46.130.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

6 IPs

5 Countries

1900 kBTransfer

2347 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

counterstrike.blogcs2.com Open in urlscan Pro
37.46.130.28 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

5
Countries

1900 kB
Transfer

2347 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions