wiki.auth-ns.esquelesquad.rip Open in urlscan Pro
185.178.208.189 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 14 via api (May 14th 2024, 9:56:41 pm UTC) from IT — Scanned from IT

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 185.178.208.189, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is wiki.auth-ns.esquelesquad.rip.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.

This is the only time wiki.auth-ns.esquelesquad.rip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	185.178.208.189 185.178.208.189	57724 (DDOS-GUARD) (DDOS-GUARD)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	5

7 185.178.208.189 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

wiki.auth-ns.esquelesquad.rip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	esquelesquad.rip wiki.auth-ns.esquelesquad.rip	39 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	10 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103	43 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	7 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380	31 KB
13	5

	Domain	Requested by
7	wiki.auth-ns.esquelesquad.rip	wiki.auth-ns.esquelesquad.rip
2	cdn.jsdelivr.net	wiki.auth-ns.esquelesquad.rip
2	maxcdn.bootstrapcdn.com	wiki.auth-ns.esquelesquad.rip
1	cdnjs.cloudflare.com	wiki.auth-ns.esquelesquad.rip
1	ajax.googleapis.com	wiki.auth-ns.esquelesquad.rip
13	5

This site contains no links.

Subject Issuer	Validity	Valid
wiki.auth-ns.esquelesquad.rip R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61
Frame ID: 1E806A67FC218C01D64CAE4424B7B668
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

130 kB
Transfer

476 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wiki.auth-ns.esquelesquad.rip/dox/ 15 KB
4 KB 678ms
488ms Document
text/html 185.178.208.189
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.189 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

9f712711e3c0947e8e0722993f98b3719a7e41d1495457752f7f88b067b109b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-length: 3419
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Tue, 14 May 2024 21:56:36 GMT
server: ddos-guard
vary: Accept-Encoding

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
25 KB 147ms
95ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:56:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1078
age: 533865
cdn-cachedat: 10/31/2023 19:00:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2e1bd2e7fbc2154cfdca0cc6162e6e3d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 883e23a2deab7945-PMO
cdn-requestpullsuccess: True

GET
H2 200 red.css
wiki.auth-ns.esquelesquad.rip/assets/css/ 1 KB
615 B 134ms
133ms Stylesheet
text/css 185.178.208.189
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://wiki.auth-ns.esquelesquad.rip/assets/css/red.css

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.189 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

f246292596a4db97fe2c6aba651459b5a21afd3489d222074bcf88b1564c4477

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 14 May 2024 21:32:56 GMT
content-encoding: gzip
last-modified: Sat, 20 Feb 2021 05:24:11 GMT
server: ddos-guard
age: 1420
etag: "56a-5bbbdc754f4c0-gzip"
vary: Accept-Encoding
content-type: text/css
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 530

GET
H2 200 animate.css
wiki.auth-ns.esquelesquad.rip/assets/css/ 80 KB
5 KB 133ms
132ms Stylesheet
text/css 185.178.208.189
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://wiki.auth-ns.esquelesquad.rip/assets/css/animate.css

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.189 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

54e45a0cb0fb522c4c3637e3fa2d6a7729bf8e9b2266d268cae0ca0583bf6d16

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 14 May 2024 21:32:56 GMT
content-encoding: gzip
last-modified: Thu, 14 May 2020 00:31:06 GMT
server: ddos-guard
age: 1420
etag: "13e7a-5a590cfef6680-gzip"
vary: Accept-Encoding
content-type: text/css
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 4818

GET
H2 200 vanilla-dataTables.min.css
cdn.jsdelivr.net/npm/vanilla-datatables@latest/dist/ 3 KB
1 KB 172ms
77ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-datatables@latest/dist/vanilla-dataTables.min.css

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

355c787a523fb8de919ff626ec0ef82fb1a567275a6a2374530bd81f8f319503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 May 2024 21:56:37 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1063
x-jsd-version: 1.6.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 841
x-served-by: cache-fra-eddf8230128-FRA, cache-pmo2280034-PMO
x-jsd-version-type: version
etag: W/"a56-IkiiAD16o3HimvQCEINnhLb+3r0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 logo1.png
wiki.auth-ns.esquelesquad.rip/assets/img/ 16 KB
16 KB 104ms
103ms Image
image/png 185.178.208.189
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wiki.auth-ns.esquelesquad.rip/assets/img/logo1.png

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.189 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

390c3f64d68b7048458299045e63ebdf2bf05babed25db924ac80c9f775541b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 14 May 2024 19:58:01 GMT
last-modified: Wed, 20 May 2020 22:39:52 GMT
server: ddos-guard
age: 7115
etag: "4068-5a61c1305de00"
content-type: image/png
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 16488

GET
H2 200 logo2.png
wiki.auth-ns.esquelesquad.rip/assets/img/ 10 KB
10 KB 145ms
144ms Image
image/png 185.178.208.189
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wiki.auth-ns.esquelesquad.rip/assets/img/logo2.png

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.189 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

407322165bff1dd1214641b70e2c7580bc066e23d38285d112c163acc5e13c5c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 14 May 2024 19:59:41 GMT
last-modified: Wed, 20 May 2020 22:40:41 GMT
server: ddos-guard
age: 7015
etag: "298d-5a61c15f18c40"
content-type: image/png
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 10637

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 260ms
80ms Script
text/javascript 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 09:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 09:32:04 GMT

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 21 KB
7 KB 108ms
57ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 710563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6696
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-5309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNV%2FuH1Tu06kBc2%2BjzAzusNkzF%2F7n%2BnkO43zvAAhgRMdE1IwIkMFgPMIugI4UrnyQ2V9602351kynMSt%2FlKBduv735aFDXzQzTm8%2BIh5Qe96fXYOZ7%2F0gpb%2BwoFYw7yV2t7BDkrw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 883e23a2ea407951-PMO
expires: Sun, 04 May 2025 21:56:36 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/ 59 KB
18 KB 95ms
59ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1049
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 600287
cdn-cachedat: 03/18/2024 12:12:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"61f338f870fcd0ff46362ef109d28533"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 404ad4ff604e543a04af840ad6a2d396
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 883e23a2deb17945-PMO
cdn-requestpullsuccess: True

GET
H2 200 vanilla-dataTables.min.js Show response
cdn.jsdelivr.net/npm/vanilla-datatables@latest/dist/ 25 KB
9 KB 162ms
81ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-datatables@latest/dist/vanilla-dataTables.min.js

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

018f1e408e9e304da619c9a00d30879055a4499615e802fca2d4abfbe70f3c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 May 2024 21:56:37 GMT
x-content-type-options: nosniff
content-encoding: br
age: 10686
x-jsd-version: 1.6.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9000
x-served-by: cache-fra-eddf8230109-FRA, cache-pmo2280034-PMO
x-jsd-version-type: version
etag: W/"639b-qCgPpekfZByCD5X3VZ67NjY9Qc8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 datajs.js Show response
wiki.auth-ns.esquelesquad.rip/assets/scripts/ 416 B
425 B 133ms
132ms Script
text/javascript 185.178.208.189
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://wiki.auth-ns.esquelesquad.rip/assets/scripts/datajs.js

Requested by

Host: wiki.auth-ns.esquelesquad.rip
URL: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.189 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

e12cd5e04f8d124a30a7ba42f4baf1b2c246c2ad68d613700981f20fdc3737da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 14 May 2024 21:51:13 GMT
content-encoding: gzip
last-modified: Sun, 17 May 2020 19:55:48 GMT
server: ddos-guard
age: 323
etag: "1a0-5a5dd6ec03900-gzip"
vary: Accept-Encoding
content-type: text/javascript
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 305

GET
H2 200 favicon-32x32.png
wiki.auth-ns.esquelesquad.rip/assets/img/ 3 KB
3 KB 85ms
85ms Other
image/png 185.178.208.189
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://wiki.auth-ns.esquelesquad.rip/assets/img/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.189 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

9cab7e76d6b56dc66221c585ae024f33189e1460d7bb2db322bc9ef03ca90906

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 14 May 2024 19:51:35 GMT
last-modified: Thu, 21 May 2020 03:36:32 GMT
server: ddos-guard
age: 7503
etag: "cb1-5a62037fc5000"
content-type: image/png
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 3249

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.esquelesquad.rip/	1970-01-21 05:20:59	Name: __ddg1_ Value: HMPw8CXsxWq7stG13Z40

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
wiki.auth-ns.esquelesquad.rip
104.17.25.14
104.18.11.207
142.250.186.138
151.101.129.229
185.178.208.189
018f1e408e9e304da619c9a00d30879055a4499615e802fca2d4abfbe70f3c8d
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
355c787a523fb8de919ff626ec0ef82fb1a567275a6a2374530bd81f8f319503
390c3f64d68b7048458299045e63ebdf2bf05babed25db924ac80c9f775541b2
407322165bff1dd1214641b70e2c7580bc066e23d38285d112c163acc5e13c5c
54e45a0cb0fb522c4c3637e3fa2d6a7729bf8e9b2266d268cae0ca0583bf6d16
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
9cab7e76d6b56dc66221c585ae024f33189e1460d7bb2db322bc9ef03ca90906
9f712711e3c0947e8e0722993f98b3719a7e41d1495457752f7f88b067b109b2
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
e12cd5e04f8d124a30a7ba42f4baf1b2c246c2ad68d613700981f20fdc3737da
f246292596a4db97fe2c6aba651459b5a21afd3489d222074bcf88b1564c4477
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

wiki.auth-ns.esquelesquad.rip Open in urlscan Pro 185.178.208.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

130 kBTransfer

476 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

wiki.auth-ns.esquelesquad.rip Open in urlscan Pro
185.178.208.189 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

130 kB
Transfer

476 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions