csgow.tf Open in urlscan Pro
2a01:4f8:201:904a::2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://csgow.tf/
Submission Tags: phishingrod
Submission: On January 24 via api (January 24th 2023, 11:19:50 pm UTC) from DE — Scanned from DE

Summary HTTP 15 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2a01:4f8:201:904a::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is csgow.tf.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 26th 2022. Valid for: 3 months.

This is the only time csgow.tf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a01:4f8:201:... 2a01:4f8:201:904a::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3030::ac43:96b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e4:... 2606:4700:e4::ac40:af10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	3

13 2a01:4f8:201:904a::2 (Germany)

ASN24940 (HETZNER-AS, DE)

csgow.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
piwik.itsh.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:96b6 (United States)

ASN13335 (CLOUDFLARENET, US)

liberapay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:af10 (United States)

ASN13335 (CLOUDFLARENET, US)

img.shields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	csgow.tf csgow.tf	825 KB
2	itsh.dev piwik.itsh.dev	22 KB
1	shields.io img.shields.io — Cisco Umbrella Rank: 42131	1 KB
1	liberapay.com liberapay.com — Cisco Umbrella Rank: 742348	2 KB
15	4

	Domain	Requested by
11	csgow.tf	csgow.tf
2	piwik.itsh.dev	csgow.tf piwik.itsh.dev
1	img.shields.io	csgow.tf
1	liberapay.com	csgow.tf
15	4

This site contains links to these domains. Also see Links.

Domain
liberapay.com
git.harting.dev

Subject Issuer	Validity	Valid
csgow.tf ZeroSSL RSA Domain Secure Site CA	`2022-11-26` - `2023-02-24`	3 months	crt.sh
itsh.dev R3	`2022-12-02` - `2023-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://csgow.tf/
Frame ID: F9D86E3534427007C8F7E9F0279F96F3
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | csgoWTF

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

849 kB
Transfer

1315 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://liberapay.com/CSGOWTF/donate

Search URL Search Domain Scan URL

URL: https://git.harting.dev/CSGOWTF

Search URL Search Domain Scan URL

URL: https://git.harting.dev/CSGOWTF/csgowtf/issues
Title: Issue Tracker

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
csgow.tf/ 2 KB
1018 B 85ms
26ms Document
text/html 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://csgow.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d6d53bba2f75f8a82dc0a1f733fafba03c73e10c87eca55e116a1e49f7f0cdaa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-type: text/html
date: Tue, 24 Jan 2023 23:19:45 GMT
etag: W/"6390305a-9c8"
expires: Tue, 24 Jan 2023 23:19:45 GMT
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 chunk-vendors.f338cbf2.js Show response
csgow.tf/js/ 291 KB
97 KB 86ms
84ms Script
application/javascript 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://csgow.tf/js/chunk-vendors.f338cbf2.js
Requested by: Host: csgow.tf
URL: https://csgow.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5f269b5fd56c4e26e4ac9c3d3a1174f24371260103aae5667c16275aee8d8196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
etag: W/"6390305a-48b63"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 23 Feb 2023 23:19:45 GMT

GET
H2 200 app.499992ba.js Show response
csgow.tf/js/ 27 KB
9 KB 86ms
84ms Script
application/javascript 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://csgow.tf/js/app.499992ba.js
Requested by: Host: csgow.tf
URL: https://csgow.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 234632ebc943d84dfeb955a1210e2f2d96967a3fb4746bf4bc4c33b5b0dbe7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
etag: W/"6390305a-6c2f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 23 Feb 2023 23:19:45 GMT

GET
H2 200 chunk-vendors.1892fbb1.css
csgow.tf/css/ 77 KB
40 KB 39ms
38ms Stylesheet
text/css 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://csgow.tf/css/chunk-vendors.1892fbb1.css
Requested by: Host: csgow.tf
URL: https://csgow.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: a1f268d7ed854c220aa18b5bf88f9c66087eb3f95456e4ff0734448bc7447422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
etag: W/"6390305a-135c7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 23 Feb 2023 23:19:45 GMT

GET
H2 200 app.ea29341e.css
csgow.tf/css/ 194 KB
29 KB 78ms
77ms Stylesheet
text/css 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://csgow.tf/css/app.ea29341e.css
Requested by: Host: csgow.tf
URL: https://csgow.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1fa2e196d4a158b2383da4c28541abda119b702e603752c54af6493abd8eb90a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
etag: W/"6390305a-306b8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 23 Feb 2023 23:19:45 GMT

GET
H2 200 matomo.js Show response
piwik.itsh.dev/ 64 KB
21 KB 146ms
25ms Script
application/javascript 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://piwik.itsh.dev/matomo.js
Requested by: Host: csgow.tf
URL: https://csgow.tf/js/chunk-vendors.f338cbf2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Tue, 24 Jan 2023 23:19:45 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 19:50:48 GMT
server: nginx
etag: W/"63924018-10132"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
expires: Wed, 25 Jan 2023 00:19:45 GMT

GET
H2 200 open-sans-latin-variable-full-normal.ff48d00b.woff2
csgow.tf/fonts/ 77 KB
77 KB 30ms
29ms Font
font/woff2 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://csgow.tf/fonts/open-sans-latin-variable-full-normal.ff48d00b.woff2
Requested by: Host: csgow.tf
URL: https://csgow.tf/css/chunk-vendors.1892fbb1.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7538d7c926ebb0bf39493ef2855e92b171e32444476bae5fd13dd984d6d02333

Request headers

Referer: https://csgow.tf/css/chunk-vendors.1892fbb1.css
Origin: https://csgow.tf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
etag: "6390305a-13464"
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 78948
expires: Thu, 23 Feb 2023 23:19:45 GMT

GET
H2 200 forkawesome-webfont.633c177d.woff2
csgow.tf/fonts/ 107 KB
108 KB 38ms
38ms Font
font/woff2 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://csgow.tf/fonts/forkawesome-webfont.633c177d.woff2
Requested by: Host: csgow.tf
URL: https://csgow.tf/css/chunk-vendors.1892fbb1.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49

Request headers

Referer: https://csgow.tf/css/chunk-vendors.1892fbb1.css
Origin: https://csgow.tf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
etag: "6390305a-1ad5c"
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 109916
expires: Thu, 23 Feb 2023 23:19:45 GMT

GET
H2 200 logo.svg
csgow.tf/images/ 8 KB
3 KB 48ms
47ms Image
image/svg+xml 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csgow.tf/images/logo.svg
Requested by: Host: csgow.tf
URL: https://csgow.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: dadf706c60971d8099a70d21004c9ddc557508d42a35755681a254876a5f344c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
etag: W/"6390305a-1fd9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
expires: Thu, 23 Feb 2023 23:19:45 GMT

GET
H2 200 839.103d70ee.css
csgow.tf/css/ 2 KB
865 B 46ms
46ms Stylesheet
text/css 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://csgow.tf/css/839.103d70ee.css
Requested by: Host: csgow.tf
URL: https://csgow.tf/js/app.499992ba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3091cdb1e9525e07733018040680de59b85875b77cd495a560cc8b0c62d752dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
etag: W/"6390305a-8bc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 23 Feb 2023 23:19:45 GMT

GET
H2 200 839.664b1d6e.js Show response
csgow.tf/js/ 4 KB
2 KB 46ms
46ms Script
application/javascript 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://csgow.tf/js/839.664b1d6e.js
Requested by: Host: csgow.tf
URL: https://csgow.tf/js/app.499992ba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: f9499924a4bf62b7b03621210025d3c751186884bdc76bf958d0d5e23e2a73eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
etag: W/"6390305a-ee3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 23 Feb 2023 23:19:45 GMT

GET
H2 200 donate.svg
liberapay.com/assets/widgets/ 1 KB
2 KB 90ms
29ms Image
image/svg+xml 2606:4700:3030::ac43:96b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://liberapay.com/assets/widgets/donate.svg

Requested by

Host: csgow.tf
URL: https://csgow.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:96b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18774e39f98524d7925e37e39c0fbdf17b48b847ef13a70d2631e01ce86376fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' liberapay.com;connect-src 'self' .liberapay.org;form-action 'self';img-src blob: data:;object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
content-security-policy: default-src 'self' liberapay.com;connect-src 'self' *.liberapay.org;form-action 'self';img-src * blob: data:;object-src 'none';upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3209
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JU8x2BuIoSdsx0AQ9DRzpbZERcUSfANsoAPErNXWNMONkIQgY1HODcDB4%2BqHdpiavdUtVZPotmBbpdOQiS2ewtWvh%2B4hSOtAsgT%2B5Hmk4vic%2BLFxCJ4nN8O0zoe6xS8sXw%2Bk8QJBj%2BoHZddx"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
cf-ray: 78ec7ef01c309be9-FRA

GET
H2 200 CSGOWTF.svg
img.shields.io/liberapay/patrons/ 1 KB
1 KB 570ms
508ms Image
image/svg+xml 2606:4700:e4::ac40:af10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/liberapay/patrons/CSGOWTF.svg
Requested by: Host: csgow.tf
URL: https://csgow.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:af10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c2c20fd97a123246ea26fe67b09392bed1346c1841cb6ef3297987c9aeb35ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:46 GMT
via: 2 fly.io
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id: 01GQK194GWEM077QKQ48WXDGXV-fra
last-modified: Tue, 24 Jan 2023 23:19:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIBBov41n8hTodNyEMCLhQTP01CwVdEFXGmnCrv2ZBmdKqNqcFp1EA9meEgiilWNKw%2Fr60DQBgItCXtMvIuTn1JTVeHN8Sbzn8vx7fqvzxu5MnD85fD7tYly9QQlykfNydFFurieD2bQv7oHEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=120, s-maxage=120
cf-ray: 78ec7ef018718ffb-FRA
expires: Tue, 24 Jan 2023 23:21:46 GMT

GET
H2 200 default.1b6d90a0.png
csgow.tf/img/ 458 KB
459 KB 29ms
29ms Image
image/png 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csgow.tf/img/default.1b6d90a0.png
Requested by: Host: csgow.tf
URL: https://csgow.tf/css/839.103d70ee.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4d5ceda4a92cccab1f27dca347d4577ba2b1f1dfe2ca51d14605287a94a77501

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csgow.tf/css/839.103d70ee.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 23:19:45 GMT
last-modified: Wed, 07 Dec 2022 06:19:06 GMT
server: nginx
etag: "6390305a-72899"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 469145
expires: Thu, 23 Feb 2023 23:19:45 GMT

POST
H2 204 matomo.php
piwik.itsh.dev/ 0
219 B 2099ms
2099ms Ping
text/plain 2a01:4f8:201:904a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://piwik.itsh.dev/matomo.php?action_name=%2F&idsite=74&rec=1&r=749365&h=23&m=19&s=46&url=https%3A%2F%2Fcsgow.tf%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=G02y5U&pf_net=61&pf_srv=26&pf_tfr=1&pf_dm1=17&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Requested by

Host: piwik.itsh.dev
URL: https://piwik.itsh.dev/matomo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:201:904a::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://csgow.tf/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Tue, 24 Jan 2023 23:19:48 GMT
referrer-policy: origin
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://csgow.tf
cache-control: max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 24 Jan 2023 23:19:48 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csgow.tf
img.shields.io
liberapay.com
piwik.itsh.dev
2606:4700:3030::ac43:96b6
2606:4700:e4::ac40:af10
2a01:4f8:201:904a::2
18774e39f98524d7925e37e39c0fbdf17b48b847ef13a70d2631e01ce86376fd
1fa2e196d4a158b2383da4c28541abda119b702e603752c54af6493abd8eb90a
234632ebc943d84dfeb955a1210e2f2d96967a3fb4746bf4bc4c33b5b0dbe7a2
3091cdb1e9525e07733018040680de59b85875b77cd495a560cc8b0c62d752dc
3c2c20fd97a123246ea26fe67b09392bed1346c1841cb6ef3297987c9aeb35ce
4d5ceda4a92cccab1f27dca347d4577ba2b1f1dfe2ca51d14605287a94a77501
5f269b5fd56c4e26e4ac9c3d3a1174f24371260103aae5667c16275aee8d8196
7538d7c926ebb0bf39493ef2855e92b171e32444476bae5fd13dd984d6d02333
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
a1f268d7ed854c220aa18b5bf88f9c66087eb3f95456e4ff0734448bc7447422
d6d53bba2f75f8a82dc0a1f733fafba03c73e10c87eca55e116a1e49f7f0cdaa
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
dadf706c60971d8099a70d21004c9ddc557508d42a35755681a254876a5f344c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9499924a4bf62b7b03621210025d3c751186884bdc76bf958d0d5e23e2a73eb

csgow.tf Open in urlscan Pro 2a01:4f8:201:904a::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

849 kBTransfer

1315 kBSize

0 Cookies

3 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

csgow.tf Open in urlscan Pro
2a01:4f8:201:904a::2 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

849 kB
Transfer

1315 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions