wiki.auth-ns.esquelesquad.rip
Open in
urlscan Pro
185.178.208.189
Public Scan
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 14 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.
This is the only time wiki.auth-ns.esquelesquad.rip was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 185.178.208.189 185.178.208.189 | 57724 (DDOS-GUARD) (DDOS-GUARD) | |
2 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:bb1f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 142.250.186.164 142.250.186.164 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::2003 | 15169 (GOOGLE) (GOOGLE) | |
15 | 7 |
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
wiki.auth-ns.esquelesquad.rip |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
esquelesquad.rip
wiki.auth-ns.esquelesquad.rip |
38 KB |
3 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
933 B |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103 |
41 KB |
1 |
gstatic.com
www.gstatic.com |
201 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 |
7 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380 |
31 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310 |
2 KB |
15 | 7 |
Domain | Requested by | |
---|---|---|
6 | wiki.auth-ns.esquelesquad.rip |
wiki.auth-ns.esquelesquad.rip
|
3 | www.google.com |
wiki.auth-ns.esquelesquad.rip
www.gstatic.com |
2 | maxcdn.bootstrapcdn.com |
wiki.auth-ns.esquelesquad.rip
|
1 | www.gstatic.com |
www.google.com
|
1 | cdnjs.cloudflare.com |
wiki.auth-ns.esquelesquad.rip
|
1 | ajax.googleapis.com |
wiki.auth-ns.esquelesquad.rip
|
1 | cdn.jsdelivr.net |
wiki.auth-ns.esquelesquad.rip
|
15 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
wiki.auth-ns.esquelesquad.rip R3 |
2024-05-14 - 2024-08-12 |
3 months | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-03-27 - 2024-06-25 |
3 months | crt.sh |
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA |
2024-05-04 - 2025-05-04 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
*.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://wiki.auth-ns.esquelesquad.rip/dox/reportarDox.php?id=60&titulo=Cuentas%20de%20RupturYT%20By%20EsqueleSquad
Frame ID: 5DC1C8DD5FAEFCDFD673C7FAE3E5E78F
Requests: 13 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfq_KIUAAAAAO_Td6How7lOWdgp7AIUJhQ8PkrP&co=aHR0cHM6Ly93aWtpLmF1dGgtbnMuZXNxdWVsZXNxdWFkLnJpcDo0NDM.&hl=it&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=p5etxji2g47d
Frame ID: 0032CD7E25C6B0B2190309DCD740E41E
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=it&v=vjbW55W42X033PfTdVf6Ft4q&k=6Lfq_KIUAAAAAO_Td6How7lOWdgp7AIUJhQ8PkrP
Frame ID: B17BE93652AD5F800D2EF4CC0EF20C2C
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
animate.css (Web Frameworks) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
DataTables (JavaScript Libraries) Expand
Detected patterns
- dataTables.*\.js
Popper (Miscellaneous) Expand
Detected patterns
- <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
reCAPTCHA (Captchas) Expand
Detected patterns
- <div[^>]+class="g-recaptcha"
- /recaptcha/api\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
reportarDox.php
wiki.auth-ns.esquelesquad.rip/dox/ |
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/ |
156 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
red.css
wiki.auth-ns.esquelesquad.rip/assets/css/ |
1 KB 645 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.css
wiki.auth-ns.esquelesquad.rip/assets/css/ |
80 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vanilla-dataTables.min.css
cdn.jsdelivr.net/npm/vanilla-datatables@latest/dist/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo1.png
wiki.auth-ns.esquelesquad.rip/assets/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo2.png
wiki.auth-ns.esquelesquad.rip/assets/img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/ |
59 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
www.google.com/recaptcha/ |
1 KB 933 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__it.js
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ |
504 KB 201 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
anchor
www.google.com/recaptcha/api2/ Frame 0032 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-32x32.png
wiki.auth-ns.esquelesquad.rip/assets/img/ |
3 KB 3 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bframe
www.google.com/recaptcha/api2/ Frame B17B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| $ function| jQuery function| Popper object| bootstrap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_6490321 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.esquelesquad.rip/ | Name: __ddg1_ Value: CzQlWTFXGoqDdFFekc4P |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
wiki.auth-ns.esquelesquad.rip
www.google.com
www.gstatic.com
104.17.25.14
142.250.186.164
185.178.208.189
2606:4700::6812:acf
2606:4700::6812:bb1f
2a00:1450:4001:80f::200a
2a00:1450:4001:831::2003
015b45b63d6db315ed1badc4a64154661452e392b28e3df72a2de822c2399e04
141c30ab4626e5d2b73aeb6253d0c71f10f4c20a70ea6737f087df83ffbf6c4e
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
355c787a523fb8de919ff626ec0ef82fb1a567275a6a2374530bd81f8f319503
390c3f64d68b7048458299045e63ebdf2bf05babed25db924ac80c9f775541b2
407322165bff1dd1214641b70e2c7580bc066e23d38285d112c163acc5e13c5c
54e45a0cb0fb522c4c3637e3fa2d6a7729bf8e9b2266d268cae0ca0583bf6d16
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
9cab7e76d6b56dc66221c585ae024f33189e1460d7bb2db322bc9ef03ca90906
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
f246292596a4db97fe2c6aba651459b5a21afd3489d222074bcf88b1564c4477
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbd8e8e64fe184fa278152d347324f18c653d5b05101d56f5a5d4048353c9b36