cs2freeskin.ru
37.230.118.213
Public Scan
Effective URL: https://cs2freeskin.ru/?__im-RTSHhGyT=8205330508147553726
Submission Tags: phishingrod
Submission: On October 16 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R10 on August 15th 2024. Valid for: 3 months.
This is the only time cs2freeskin.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
13 | 1 | 37.230.118.213 | 29182 (RU-JSCIOT) |
1 | | 2a04:fa87:fffe::c000:4902 | 2635 (AUTOMATTIC) |
2 | 1 | 88.212.201.198 | 39134 (UNITEDNET) |
15 | | 4 | |
ASN29182 (RU-JSCIOT, RU)
PTR: lake.multihost.cloud
cs2freeskin.ru

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | cs2freeskin.ru (1 redirect) | cs2freeskin.ru | 180 KB |
2 | yadro.ru (1 redirect) | counter.yadro.ru — Cisco Umbrella Rank: 15187 | 2 KB |
1 | gravatar.com | secure.gravatar.com — Cisco Umbrella Rank: 2302 | 1 KB |
15 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
13 | cs2freeskin.ru (1 redirect) | cs2freeskin.ru |
2 | counter.yadro.ru (1 redirect) | cs2freeskin.ru |
1 | secure.gravatar.com | cs2freeskin.ru |
15 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.liveinternet.ru |
Subject | Issuer | Validity | Valid |
---|---|---|---|
cs2freeskin.ru | R10 | 2024-08-15 - 2024-11-13 | 3 months |
*.gravatar.com | Sectigo ECC Domain Validation Secure Server CA | 2023-12-05 - 2025-01-04 | a year |
This page contains 1 frames:
Primary Page:
https://cs2freeskin.ru/?__im-RTSHhGyT=8205330508147553726
Frame ID: 200994525A5712A1091F03165416903C
Requests: 15 HTTP requests in this frame
Page Title
Скины Counter-strike 2 бесплатно — Бесплатные скины CS2 (English: "Counter-strike 2 skins for free — Free CS2 skins")
Detected technologies
WordPress (CMS)
Detected patterns
- /wp-(?:content|includes)/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://cs2freeskin.ru/ (Page URL)
- https://cs2freeskin.ru/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=27692212 → HTTP 302 → https://cs2freeskin.ru/?__im-RTSHhGyT=8205330508147553726 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://counter.yadro.ru/hit?t29.12;rhttps%3A//cs2freeskin.ru/;s1600*1200*24;uhttps%3A//cs2freeskin.ru/%3F__im-RTSHhGyT%3D8205330508147553726;h%u0421%u043A%u0438%u043D%u044B%20Counter-strike%202%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u2014%20%u0411%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0435%20%u0441%u043A%u0438%u043D%u044B%20CS2;0.9419027944095613 HTTP 302
- https://counter.yadro.ru/hit?q;t29.12;rhttps%3A//cs2freeskin.ru/;s1600*1200*24;uhttps%3A//cs2freeskin.ru/%3F__im-RTSHhGyT%3D8205330508147553726;h%u0421%u043A%u0438%u043D%u044B%20Counter-strike%202%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u2014%20%u0411%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0435%20%u0441%u043A%u0438%u043D%u044B%20CS2;0.9419027944095613
15 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H2 | / | cs2freeskin.ru/ | 2 KB | 2 KB | Document | text/html | |
GET H2 | / | cs2freeskin.ru/ | 73 KB | 14 KB | Document | text/html | Primary Request, Redirect Chain |
GET H2 | style.css | cs2freeskin.ru/wp-content/themes/moog/assets/build/css/ | 38 KB | 6 KB | Stylesheet | text/css | |
GET H2 | cs2logo.png | cs2freeskin.ru/wp-content/uploads/2023/11/ | 15 KB | 16 KB | Image | image/png | |
GET H2 | csgo-skins.png | cs2freeskin.ru/wp-content/uploads/2023/11/ | 16 KB | 16 KB | Image | image/png | |
GET H2 | 2ab60a927d7beb656245c886375ebfb3 | secure.gravatar.com/avatar/ | 790 B | 1 KB | Image | image/jpeg | |
GET H2 | csgopolygon-logo.png | cs2freeskin.ru/wp-content/uploads/2023/10/ | 29 KB | 29 KB | Image | image/png | |
GET | 3b521213-06a1-4425-a840-a65d4409a4c9 | https://cs2freeskin.ru/ | 0 | 0 | | | |
GET DATA | truncated | / | 42 B | 0 | Image | image/gif | |
GET H/1.1 | hit | counter.yadro.ru/ | 511 B | 997 B | Image | image/gif | Redirect Chain |
GET H2 | wp-emoji-release.min.js | cs2freeskin.ru/wp-includes/js/ | 18 KB | 5 KB | Script | text/javascript | |
GET H2 | DMSans-Regular.woff2 | cs2freeskin.ru/wp-content/themes/moog/assets/fonts/dm-sans/ | 27 KB | 27 KB | Font | font/woff2 | |
GET H2 | DMSans-Bold.woff2 | cs2freeskin.ru/wp-content/themes/moog/assets/fonts/dm-sans/ | 27 KB | 27 KB | Font | font/woff2 | |
GET H2 | DMSans-Medium.woff2 | cs2freeskin.ru/wp-content/themes/moog/assets/fonts/dm-sans/ | 27 KB | 27 KB | Font | font/woff2 | |
GET H2 | Farmskins-open-case-logotype.png | cs2freeskin.ru/wp-content/uploads/2023/10/ | 7 KB | 7 KB | Image | image/png | |
GET H2 | cs2logo-150x123.png | cs2freeskin.ru/wp-content/uploads/2023/11/ | 5 KB | 5 KB | Other | image/png | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: cs2freeskin.ru
- URL: blob:https://cs2freeskin.ru/3b521213-06a1-4425-a840-a65d4409a4c9
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| _wpemojiSettings
- object| twemoji
- object| wp

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.cs2freeskin.ru/ | | Name: wssplashuid Value: 9cc1667d6a04985a1b2efd708dd0010b209ff68f.1729043250.1 |
.yadro.ru/ | | Name: FTID Value: 1d3mqZ1VJU8u1d3mqZ001OWW |
.yadro.ru/ | | Name: VID Value: 3k7CAS0inpuu1d3mqZ001E_s |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.