wiki.auth-ns.esquelesquad.rip
Open in
urlscan Pro
185.178.208.189
Public Scan
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 14 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.
This is the only time wiki.auth-ns.esquelesquad.rip was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 185.178.208.189 185.178.208.189 | 57724 (DDOS-GUARD) (DDOS-GUARD) | |
2 | 104.18.11.207 104.18.11.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 151.101.129.229 151.101.129.229 | 54113 (FASTLY) (FASTLY) | |
1 | 142.250.186.138 142.250.186.138 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 5 |
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
wiki.auth-ns.esquelesquad.rip |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
ajax.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
esquelesquad.rip
wiki.auth-ns.esquelesquad.rip |
39 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310 |
10 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103 |
43 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 |
7 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380 |
31 KB |
13 | 5 |
Domain | Requested by | |
---|---|---|
7 | wiki.auth-ns.esquelesquad.rip |
wiki.auth-ns.esquelesquad.rip
|
2 | cdn.jsdelivr.net |
wiki.auth-ns.esquelesquad.rip
|
2 | maxcdn.bootstrapcdn.com |
wiki.auth-ns.esquelesquad.rip
|
1 | cdnjs.cloudflare.com |
wiki.auth-ns.esquelesquad.rip
|
1 | ajax.googleapis.com |
wiki.auth-ns.esquelesquad.rip
|
13 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
wiki.auth-ns.esquelesquad.rip R3 |
2024-05-14 - 2024-08-12 |
3 months | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-03-27 - 2024-06-25 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://wiki.auth-ns.esquelesquad.rip/dox/?dox=Cuentas%20de%20LF_Sadao%20By%20EsqueleSquad&id=61
Frame ID: 1E806A67FC218C01D64CAE4424B7B668
Requests: 13 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
animate.css (Web Frameworks) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
DataTables (JavaScript Libraries) Expand
Detected patterns
- dataTables.*\.js
Popper (Miscellaneous) Expand
Detected patterns
- <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
wiki.auth-ns.esquelesquad.rip/dox/ |
15 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/ |
156 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
red.css
wiki.auth-ns.esquelesquad.rip/assets/css/ |
1 KB 615 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.css
wiki.auth-ns.esquelesquad.rip/assets/css/ |
80 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vanilla-dataTables.min.css
cdn.jsdelivr.net/npm/vanilla-datatables@latest/dist/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo1.png
wiki.auth-ns.esquelesquad.rip/assets/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo2.png
wiki.auth-ns.esquelesquad.rip/assets/img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/ |
59 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vanilla-dataTables.min.js
cdn.jsdelivr.net/npm/vanilla-datatables@latest/dist/ |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
datajs.js
wiki.auth-ns.esquelesquad.rip/assets/scripts/ |
416 B 425 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-32x32.png
wiki.auth-ns.esquelesquad.rip/assets/img/ |
3 KB 3 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| Popper object| bootstrap function| DataTable undefined| dataTable1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.esquelesquad.rip/ | Name: __ddg1_ Value: HMPw8CXsxWq7stG13Z40 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
wiki.auth-ns.esquelesquad.rip
104.17.25.14
104.18.11.207
142.250.186.138
151.101.129.229
185.178.208.189
018f1e408e9e304da619c9a00d30879055a4499615e802fca2d4abfbe70f3c8d
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
355c787a523fb8de919ff626ec0ef82fb1a567275a6a2374530bd81f8f319503
390c3f64d68b7048458299045e63ebdf2bf05babed25db924ac80c9f775541b2
407322165bff1dd1214641b70e2c7580bc066e23d38285d112c163acc5e13c5c
54e45a0cb0fb522c4c3637e3fa2d6a7729bf8e9b2266d268cae0ca0583bf6d16
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
9cab7e76d6b56dc66221c585ae024f33189e1460d7bb2db322bc9ef03ca90906
9f712711e3c0947e8e0722993f98b3719a7e41d1495457752f7f88b067b109b2
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
e12cd5e04f8d124a30a7ba42f4baf1b2c246c2ad68d613700981f20fdc3737da
f246292596a4db97fe2c6aba651459b5a21afd3489d222074bcf88b1564c4477
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d