csgoempires.fun Open in urlscan Pro
2606:4700:3036::681b:953b  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response csgoempires.fun/	659 KB 91 KB	221ms 191ms	Document text/html	2606:4700:3036::681b:953b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681b:953b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9522ae5225b7dd143369388e1ee6ea80277ee3015794bfea5b13592a631128a8 Request headers :method GET :authority csgoempires.fun :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Mon, 20 Apr 2020 05:09:42 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=db07162969e260ae2704b91b7753b9fc41587359382; expires=Wed, 20-May-20 05:09:42 GMT; path=/; domain=.csgoempires.fun; HttpOnly; SameSite=Lax; Secure cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 586c5acceab3324c-FRA content-encoding br cf-request-id 02379714150000324c90001200000001
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/	86 KB 30 KB	17ms 16ms	Script application/javascript	2606:4700::6810:85e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:42 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 23318517 status 200 alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 cf-request-id 02379714d8000016ee23839200000001 served-in-seconds 0.003 timing-allow-origin * last-modified Wed, 01 May 2019 21:45:59 GMT server cloudflare etag W/"5cca1397-15851" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 cf-ray 586c5ace28d016ee-FRA expires Sat, 10 Apr 2021 05:09:42 GMT
GET H2	200	main.js Show response dallowin.site/csgoempire/js/	10 KB 3 KB	424ms 46ms	Script application/javascript	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Full URL https://dallowin.site/csgoempire/js/main.js Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 802d51b38897f30b0ea0bbfd720ba73e45fc2eaf9403d5018f3dbcbea3b39c0e Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT content-encoding gzip last-modified Thu, 16 Apr 2020 07:25:47 GMT server nginx etag W/"5e98087b-2610" vary Accept-Encoding content-type application/javascript status 200
GET H2	200	users_list.js Show response dallowin.site/csgoempire/js/	19 KB 4 KB	426ms 48ms	Script application/javascript	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Full URL https://dallowin.site/csgoempire/js/users_list.js Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 741bde3fac0805829ecd0259029d4d05b6b19a0290f7754cbaeb3ed0e0205e34 Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT content-encoding gzip last-modified Mon, 02 Mar 2020 16:37:56 GMT server nginx etag W/"5e5d3664-4a2d" vary Accept-Encoding content-type application/javascript status 200
GET H2	200	chat.js Show response dallowin.site/csgoempire/js/	45 KB 3 KB	465ms 87ms	Script application/javascript	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Full URL https://dallowin.site/csgoempire/js/chat.js Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 28106c613e330683750e18745750cf2719d083085ab622f023155d4e41d29011 Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT content-encoding gzip last-modified Tue, 14 Apr 2020 13:36:22 GMT server nginx etag W/"5e95bc56-b3a6" vary Accept-Encoding content-type application/javascript status 200
GET H2	200	demo.js Show response dallowin.site/csgoempire/js/	3 KB 1 KB	465ms 88ms	Script application/javascript	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Full URL https://dallowin.site/csgoempire/js/demo.js Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash cdf54fdf9c0ee0b9d09e77ab0cb2c9bea0dfd6d7df0b3d989595f94b4c30238d Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT content-encoding gzip last-modified Sat, 29 Feb 2020 19:57:46 GMT server nginx etag W/"5e5ac23a-da3" vary Accept-Encoding content-type application/javascript status 200
GET H2	200	jquery-1.12.4.min.js Show response csgoempires.fun/Content/js/	153 KB 45 KB	353ms 352ms	Script application/javascript	2606:4700:3036::681b:953b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://csgoempires.fun/Content/js/jquery-1.12.4.min.js Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681b:953b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22b0cbc665aa368c6c638453d06b414e0f2541f1bf2b328eef42d788375d6dc0 Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT content-encoding br cf-cache-status MISS last-modified Mon, 13 Apr 2020 11:32:50 GMT server cloudflare etag W/"5e944de2-26441" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 cache-control max-age=14400 cf-ray 586c5ace2c8a324c-FRA cf-request-id 02379714d80000324c90008200000001
GET H2	200	/ Show response csgoempires.fun/Content/js/main.js/	162 KB 25 KB	192ms 191ms	Script text/javascript	2606:4700:3036::681b:953b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://csgoempires.fun/Content/js/main.js/ Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681b:953b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b39c7c327d0e87976a5b0a93dcf01e401e30c380060bc7408eabb697e16bffc3 Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 20 Apr 2020 05:09:42 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript;charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 cf-ray 586c5ace2c8b324c-FRA cf-request-id 02379714d80000324c90009200000001
GET H2	200	banner-mobile.b04cae76.png dallowin.site/csgoempire/img//	54 KB 54 KB	91ms 91ms	Image image/png	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://dallowin.site/csgoempire/img//banner-mobile.b04cae76.png Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 9a081c56cc0f14e537d9658921b503a17a093d2243bc998aa18e6259d1886337 Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Sat, 29 Feb 2020 19:57:41 GMT server nginx etag "5e5ac235-d728" content-type image/png status 200 accept-ranges bytes content-length 55080
GET H2	200	banner.934d5f5b.png dallowin.site/csgoempire/img//	49 KB 50 KB	91ms 91ms	Image image/png	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://dallowin.site/csgoempire/img//banner.934d5f5b.png Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 9e39788ca7e399a0d5819ab30e68a750daab73e719fc059e3291ce822666d5ef Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Sat, 29 Feb 2020 19:57:44 GMT server nginx etag "5e5ac238-c588" content-type image/png status 200 accept-ranges bytes content-length 50568
GET H2	200	coin-ct.ebf8a58b.png dallowin.site/csgoempire/img//	30 KB 30 KB	77ms 76ms	Image image/png	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://dallowin.site/csgoempire/img//coin-ct.ebf8a58b.png Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 3a1a52e3e4e6efa470f0d7ef308e38307b2b52e9cc4e53c0038295bb123f1e5a Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Sat, 29 Feb 2020 19:57:42 GMT server nginx etag "5e5ac236-7716" content-type image/png status 200 accept-ranges bytes content-length 30486
GET H2	200	coin-bonus.2acb02bd.png dallowin.site/csgoempire/img//	40 KB 40 KB	78ms 76ms	Image image/png	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://dallowin.site/csgoempire/img//coin-bonus.2acb02bd.png Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 1343a51a22cbcb53dbc78797ad32cfb5ff5aed7bac6f2d54171bfdcd864394ce Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Sat, 29 Feb 2020 19:57:43 GMT server nginx etag "5e5ac237-a036" content-type image/png status 200 accept-ranges bytes content-length 41014
GET H2	200	coin-t.5b1061aa.png dallowin.site/csgoempire/img//	73 KB 73 KB	78ms 76ms	Image image/png	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://dallowin.site/csgoempire/img//coin-t.5b1061aa.png Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 79bf43488f3c3d97f9233404f895843fa4bf1e89e7a46cd14204ba7e49c0fa9e Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Sat, 29 Feb 2020 19:57:42 GMT server nginx etag "5e5ac236-12354" content-type image/png status 200 accept-ranges bytes content-length 74580
GET H2	200	logo.png dallowin.site/csgoempire/img/	50 KB 50 KB	78ms 77ms	Image image/png	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://dallowin.site/csgoempire/img/logo.png Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 6a5310d254d1244f7f4e2f5ff75a2fce78078611a18101b17ccc432ee3ba132f Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Sat, 29 Feb 2020 19:57:42 GMT server nginx etag "5e5ac236-c8fd" content-type image/png status 200 accept-ranges bytes content-length 51453
GET H2	200	validate.png dallowin.site/csgoempire/img/	50 KB 50 KB	78ms 77ms	Image image/png	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://dallowin.site/csgoempire/img/validate.png Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 85cb45b47e2459d9910bac93e2e738545e7a16e9cd47b5a615579a9696108bb3 Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Sat, 29 Feb 2020 19:57:43 GMT server nginx etag "5e5ac237-c7b4" content-type image/png status 200 accept-ranges bytes content-length 51124
GET H2	200	Yv3BGXV.png i.imgur.com/	10 KB 10 KB	99ms 33ms	Image image/png	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/Yv3BGXV.png Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash e65fa1996d070ad33c9ba79b585477094009ca5cdcf88f1af5f4dd816759b850 Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT age 14658374 x-cache HIT, HIT status 200 content-length 10407 x-served-by cache-bwi5131-BWI, cache-fra19166-FRA last-modified Sat, 02 Nov 2019 13:23:29 GMT server cat factory 1.0 x-timer S1587359383.348006,VS0,VE1 etag "66a65e05b85bc260e177e540f4387426" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 4, 1
GET H2	200	PR9i0Gw.png i.imgur.com/	21 KB 21 KB	115ms 49ms	Image image/png	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/PR9i0Gw.png Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 0f743574331c5d9ada82ef58c068b6df2c57ca17f335b9389cd4d2db69ad03a3 Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT age 1857880 x-cache HIT, HIT status 200 content-length 21617 x-served-by cache-bwi5144-BWI, cache-fra19166-FRA last-modified Sat, 02 Nov 2019 13:23:29 GMT server cat factory 1.0 x-timer S1587359383.348001,VS0,VE1 etag "9fcac6e2e8800e96c8bf6928699fea00" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	206	rollStart.mp3 dallowin.site/csgoempire/sounds/	36 KB 36 KB	75ms 75ms	Media audio/mpeg	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Full URL https://dallowin.site/csgoempire/sounds/rollStart.mp3 Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash df773574d4aa5a044fc3110db001c5817e727db82b3d2b19c89dbb9ca7b9306f Request headers Referer https://csgoempires.fun/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=0- Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Sat, 29 Feb 2020 19:57:47 GMT server nginx etag "5e5ac23b-8e80" status 206 content-type audio/mpeg Content-Range bytes 0-36479/36480 Content-Length 36480
GET H2	206	rollEnd.mp3 dallowin.site/csgoempire/sounds/	4 KB 4 KB	89ms 88ms	Media audio/mpeg	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Full URL https://dallowin.site/csgoempire/sounds/rollEnd.mp3 Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 6de86f3ce5c7a981d9b6d106986517159cb1a9f81bc9c2facde0ac3a009d67cf Request headers Referer https://csgoempires.fun/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=0- Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Sat, 29 Feb 2020 19:57:47 GMT server nginx etag "5e5ac23b-e80" status 206 content-type audio/mpeg Content-Range bytes 0-3711/3712 Content-Length 3712
GET H2	200	ybhg Show response csgoempires.fun/fbm02yb/	414 KB 66 KB	194ms 193ms	Script text/javascript	2606:4700:3036::681b:953b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://csgoempires.fun/fbm02yb/ybhg Requested by Host: csgoempires.fun URL: https://csgoempires.fun/Content/js/main.js/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681b:953b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 634b94c802eeef1b2620bf36fc9e856fbbf373670bb77cd6e7994ebf174352ef Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 20 Apr 2020 05:09:43 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript;charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 cf-ray 586c5ad16a0a324c-FRA cf-request-id 02379716e20000324c90022200000001
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f2fb1ca1804390a6b6f41a676aeb89c1da568a5474f777122bb866012173bfc4 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	bg.gif dallowin.site/adarkempire/	18 MB 18 MB	96ms 95ms	Image image/gif	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://dallowin.site/adarkempire/bg.gif Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash e4ca92ca8e6e53970c0c93d64a9ce16d0b4170a9749cbc4bd2a3aae764a35f82 Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Mon, 21 Oct 2019 20:45:45 GMT server nginx etag "5dae18f9-11aa2cf" content-type image/gif status 200 accept-ranges bytes content-length 18522831
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e1c9a80121a3e9e9471ee03df18987bb3476f1ff3ee1a271f340b09a18962cd3 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	coins.png dallowin.site/csgoempire/img/	106 KB 106 KB	94ms 93ms	Image image/png	2a00:f940:2:2:1:1:0:89 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://dallowin.site/csgoempire/img/coins.png Requested by Host: csgoempires.fun URL: https://csgoempires.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:89 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 416c8fbff3a30754f0b5878d7ad9303ee3abf5d06032b691938e6254a535101e Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:43 GMT last-modified Sat, 29 Feb 2020 19:57:44 GMT server nginx etag "5e5ac238-1a63a" content-type image/png status 200 accept-ranges bytes content-length 108090
GET H2	200	jquery-ui.css csgoempires.fun/Content/css/	35 KB 8 KB	263ms 263ms	Stylesheet text/css	2606:4700:3036::681b:953b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://csgoempires.fun/Content/css/jquery-ui.css Requested by Host: csgoempires.fun URL: https://csgoempires.fun/Content/js/jquery-1.12.4.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681b:953b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0 Request headers Referer https://csgoempires.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:44 GMT content-encoding br cf-cache-status MISS last-modified Tue, 24 Mar 2020 13:05:55 GMT server cloudflare etag W/"5e7a05b3-8c85" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 586c5ad9ce50324c-FRA cf-request-id 0237971c1c0000324c90090200000001
GET H2	200	jquery-ui.min.js Show response csgoempires.fun/Content/js/	248 KB 63 KB	357ms 357ms	XHR application/javascript	2606:4700:3036::681b:953b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://csgoempires.fun/Content/js/jquery-ui.min.js Requested by Host: csgoempires.fun URL: https://csgoempires.fun/Content/js/jquery-1.12.4.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681b:953b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://csgoempires.fun/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 05:09:44 GMT content-encoding br cf-cache-status MISS last-modified Tue, 24 Mar 2020 13:05:56 GMT server cloudflare etag W/"5e7a05b4-3dee4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 cache-control max-age=14400 cf-ray 586c5ada0eaf324c-FRA cf-request-id 0237971c490000324c90091200000001

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: CSGOEmpire (Gaming)

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery string| playerEntry object| startSnd object| endSnd function| closeWnd function| openWnd function| setJackpot function| numberWithSpaces number| countdownTime number| movingOffset number| movingTime number| movingTransposition object| h_countdown object| h_roller object| t_betinput object| t_chatlist object| t_chat_scroller number| countdownSession undefined| soundEnabled function| appendChatMessage function| playStart function| playEnd function| updateSound function| setRollingState function| setChatOpened function| startCountdown function| stopCountdown boolean| _rollEndWaiting object| _rollCallback number| _selectedCol function| roll function| resetRoll function| _roll_ended function| getPointerColumn function| _set_roll_shift number| t_mov function| roll_rnd function| randomInteger function| isOdd object| size object| summary function| setColumnBlur function| selectRedGreen function| blurAll function| unblurAll function| redColumn function| greenColumn function| defaultColumn function| resetColumnColor object| t_playersAdded function| addPlayer function| clearColumns function| clearColumn function| betAmountAdd function| betAmountMultiply function| betAmountSet object| usersList object| chatList undefined| jackpotValue undefined| onlineCount number| lastOnline undefined| chatMesssagePosition function| addChatMessage function| initChat function| scheduleNextMessage function| chatLoop function| _loop function| incJackpot number| playerAdding function| startPlayers function| stopPlayers object| priceExample function| runPlayers function| updateOnline object| hvlt2397 function| hvlt7239 object| devtools object| ALoxL9a83 object| nredc093 function| nred3c09 function| showRules function| hideRules function| showHelp function| hideHelp object| vVDXc07f object| tnq470c function| tnqc470

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://dallowin.site/csgoempire/js/main.js:91:30) at e (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js:2:29453) at t (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js:2:29755) undefined
console-api	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://dallowin.site/csgoempire/js/demo.js:11:30) at e (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js:2:29453) at t (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js:2:29755) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
csgoempires.fun
dallowin.site
i.imgur.com
151.101.12.193
2606:4700:3036::681b:953b
2606:4700::6810:85e5
2a00:f940:2:2:1:1:0:89
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0f743574331c5d9ada82ef58c068b6df2c57ca17f335b9389cd4d2db69ad03a3
1343a51a22cbcb53dbc78797ad32cfb5ff5aed7bac6f2d54171bfdcd864394ce
22b0cbc665aa368c6c638453d06b414e0f2541f1bf2b328eef42d788375d6dc0
28106c613e330683750e18745750cf2719d083085ab622f023155d4e41d29011
3a1a52e3e4e6efa470f0d7ef308e38307b2b52e9cc4e53c0038295bb123f1e5a
416c8fbff3a30754f0b5878d7ad9303ee3abf5d06032b691938e6254a535101e
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
634b94c802eeef1b2620bf36fc9e856fbbf373670bb77cd6e7994ebf174352ef
6a5310d254d1244f7f4e2f5ff75a2fce78078611a18101b17ccc432ee3ba132f
6de86f3ce5c7a981d9b6d106986517159cb1a9f81bc9c2facde0ac3a009d67cf
741bde3fac0805829ecd0259029d4d05b6b19a0290f7754cbaeb3ed0e0205e34
79bf43488f3c3d97f9233404f895843fa4bf1e89e7a46cd14204ba7e49c0fa9e
802d51b38897f30b0ea0bbfd720ba73e45fc2eaf9403d5018f3dbcbea3b39c0e
85cb45b47e2459d9910bac93e2e738545e7a16e9cd47b5a615579a9696108bb3
9522ae5225b7dd143369388e1ee6ea80277ee3015794bfea5b13592a631128a8
9a081c56cc0f14e537d9658921b503a17a093d2243bc998aa18e6259d1886337
9e39788ca7e399a0d5819ab30e68a750daab73e719fc059e3291ce822666d5ef
b39c7c327d0e87976a5b0a93dcf01e401e30c380060bc7408eabb697e16bffc3
cdf54fdf9c0ee0b9d09e77ab0cb2c9bea0dfd6d7df0b3d989595f94b4c30238d
df773574d4aa5a044fc3110db001c5817e727db82b3d2b19c89dbb9ca7b9306f
e1c9a80121a3e9e9471ee03df18987bb3476f1ff3ee1a271f340b09a18962cd3
e4ca92ca8e6e53970c0c93d64a9ce16d0b4170a9749cbc4bd2a3aae764a35f82
e65fa1996d070ad33c9ba79b585477094009ca5cdcf88f1af5f4dd816759b850
f2fb1ca1804390a6b6f41a676aeb89c1da568a5474f777122bb866012173bfc4