eslcs2.com Open in urlscan Pro
104.21.59.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://eslcs2.com/cs2run/money
Effective URL:
https://eslcs2.com/cs2ron/money
Submission: On March 16 via api (March 16th 2024, 9:05:57 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 104.21.59.13, located in and belongs to CLOUDFLARENET, US. The main domain is eslcs2.com.
TLS certificate: Issued by E1 on February 6th 2024. Valid for: 3 months.

This is the only time eslcs2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.167.104 172.67.167.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	104.21.59.13 104.21.59.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	142.250.81.234 142.250.81.234	15169 (GOOGLE) (GOOGLE)
1	146.75.28.193 146.75.28.193	54113 (FASTLY) (FASTLY)
1	142.251.41.3 142.251.41.3	15169 (GOOGLE) (GOOGLE)
12	5

1 172.67.167.104 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eslcs2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.21.59.13 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eslcs2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.234 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.193 (Ashburn, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	eslcs2.com 2 redirects eslcs2.com	48 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 346	49 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 8280	534 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	1 KB
12	5

	Domain	Requested by
9	eslcs2.com	2 redirects eslcs2.com
2	cdn.jsdelivr.net	eslcs2.com
1	fonts.gstatic.com	fonts.googleapis.com
1	i.imgur.com	eslcs2.com
1	fonts.googleapis.com	eslcs2.com
12	5

This site contains no links.

Subject Issuer	Validity	Valid
eslcs2.com E1	`2024-02-06` - `2024-05-06`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://eslcs2.com/cs2ron/money
Frame ID: 97E6A3C9592FB8AC7106361EB4A0E5A3
Requests: 7 HTTP requests in this frame

Frame: https://eslcs2.com/v07idado4ff/
Frame ID: 7474A494FD70EF926061F62FF2E6AE3D
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CSGORUN - The best place to upgrade your skins CS:GO

Page URL History Show full URLs

http://eslcs2.com/cs2run/money HTTP 301
https://eslcs2.com/cs2run/money HTTP 302
https://eslcs2.com/cs2ron/money Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

649 kB
Transfer

759 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eslcs2.com/cs2run/money HTTP 301
https://eslcs2.com/cs2run/money HTTP 302
https://eslcs2.com/cs2ron/money Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request money Show response
eslcs2.com/cs2ron/
Redirect Chain

http://eslcs2.com/cs2run/money
https://eslcs2.com/cs2run/money
https://eslcs2.com/cs2ron/money

6 KB
3 KB

213ms
211ms

Document
text/html

104.21.59.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eslcs2.com/cs2ron/money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86d26b9e8dce8949bca25377f5c8fabb0ccd7aa387e12484414b1938aa95a0c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8657b40f3c4ed9cd-MIA
content-encoding: br
content-type: text/html
date: Sat, 16 Mar 2024 21:05:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ne900T4bdzTVnK%2F%2B1JXEkwjBt3o4NKQRVE9VhdCXBYzDryfFVinYfqoLdEB6%2BTvCOu4YFClQ1PjDV1kN64pRl6VOkTh1xsDwvR5SJ%2B2yT4zLOipVMFe%2Bsend5Qgv"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8657b405194ad9cd-MIA
content-length: 0
date: Sat, 16 Mar 2024 21:05:47 GMT
location: /cs2ron/money
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxaQDBw5%2B7gx0kNifrQgDX7OVrvhHE5FnFKNcDTjPD02pDNaaIwAG0jV%2Fzl0HnaATaR%2FWogyj%2Brf3c4y0Ynlktc%2FZWi0IKlV1KTS18n9D0r%2BnqPwaBZayna4iIkh"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 react.production.min.js Show response
cdn.jsdelivr.net/npm/react@18.2.0/umd/ 10 KB
5 KB 142ms
39ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react@18.2.0/umd/react.production.min.js

Requested by

Host: eslcs2.com
URL: https://eslcs2.com/cs2ron/money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eslcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 16 Mar 2024 21:05:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 312711
x-jsd-version: 18.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4465
x-served-by: cache-fra-eddf8230087-FRA, cache-mia-kmia1760077-MIA
x-jsd-version-type: version
etag: W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react-dom.production.min.js Show response
cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/ 129 KB
44 KB 142ms
40ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/react-dom.production.min.js

Requested by

Host: eslcs2.com
URL: https://eslcs2.com/cs2ron/money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eslcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 16 Mar 2024 21:05:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4555470
x-jsd-version: 18.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44592
x-served-by: cache-fra-etou8220058-FRA, cache-mia-kmia1760077-MIA
x-jsd-version-type: version
etag: W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 s7syk5ypj4c.min.js Show response
eslcs2.com/assets/2vjcndpuyug/ 20 KB
10 KB 1405ms
1403ms Script
application/javascript 104.21.59.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eslcs2.com/assets/2vjcndpuyug/s7syk5ypj4c.min.js
Requested by: Host: eslcs2.com
URL: https://eslcs2.com/cs2ron/money
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a77482bca440dee08a2ae61541f7a11f81435e7190e762c3cd76f7c70f6d287

Request headers

Referer: https://eslcs2.com/cs2ron/money
Origin: https://eslcs2.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 21:05:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 21:00:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f6085a-4fbb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekXe83CzgVYuNq9rWb9cNyEBxl1ADWARQopjWwSFZkXfJ%2FyDA4ezyyG0%2ByKczCvQ6PBKvSsbvq61sAEFXvllhAGa3dZ0FjmZSUYf709j5jYWyhJWCxTq3ONtUdBR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8657b410b93a0a12-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ff31c7d03pwntfkl3vc.css
eslcs2.com/assets/tu955nsrxrm/ 5 KB
2 KB 1379ms
1377ms Stylesheet
text/css 104.21.59.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eslcs2.com/assets/tu955nsrxrm/ff31c7d03pwntfkl3vc.css
Requested by: Host: eslcs2.com
URL: https://eslcs2.com/cs2ron/money
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff31c7d0d5c4b393e199dc1e06cb7525020b299cf35260e157e5e5f291818dca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eslcs2.com/cs2ron/money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 21:05:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 21:00:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f6085a-1389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpPMwmL8l1t7MEsTgeUQ5n0PokMx8Vwf95MbR6f6XRvA1DGqNXE3qzpFI7I4wRgSdXxzmh7nbWgCp%2Btp7CSmySj9eRIU653dVFPSCJuDupplijkIWu%2F%2ByMdmHBjj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8657b410b93d0a12-MIA
alt-svc: h3=":443"; ma=86400

POST
H3 200 / Show response
eslcs2.com/v07idado4ff/ Frame 7474 6 KB
2 KB 382ms
380ms Document
text/html 104.21.59.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eslcs2.com/v07idado4ff/
Requested by: Host: eslcs2.com
URL: https://eslcs2.com/cs2ron/money
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e0ef9e400abda8c7543c69403be26bf9e1d254420601db73eb794205b8ddb5

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://eslcs2.com
Referer: https://eslcs2.com/cs2ron/money
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8657b4197bcf0a12-MIA
content-encoding: br
content-type: text/html
date: Sat, 16 Mar 2024 21:05:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KgnWtkQDMAlDH5WpQOUREby0FVkFFzc9RLM8reCTBst5aNtLstB9hnDvqmlgatX%2B7RdUOZYRV70f6o9fFL8v%2BAy7HLSAe1zyhaRHK0gOBHTBiIkZ6ZmM6SPJW2po"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 200 / Show response
eslcs2.com/api/getsiteconfig/ 684 B
856 B 374ms
371ms Fetch
application/json 104.21.59.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eslcs2.com/api/getsiteconfig/
Requested by: Host: eslcs2.com
URL: https://eslcs2.com/assets/2vjcndpuyug/s7syk5ypj4c.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f3953271fa61b50be981c53b2b2d6a32b801cfd841a78155315f95e10a89e3d

Request headers

Referer: https://eslcs2.com/cs2ron/money
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Sat, 16 Mar 2024 21:05:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B05QiUnUnBGzfo7r9bLr6cLO0ou9%2Ffeq8Hr99qfL%2FC3QUCskCZ9VHiRyDxBWvlQk4LJWSZELHzXJnZkU5cA2eemX3znoz%2BJ77adjUzA23Xs%2BQTluzT58UXCuwIi8"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 8657b4198bfb0a12-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fcff43013pwntfkl3vc.woff2
eslcs2.com/assets/tu955nsrxrm/ 28 KB
29 KB 1563ms
1561ms Font
font/woff2 104.21.59.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eslcs2.com/assets/tu955nsrxrm/fcff43013pwntfkl3vc.woff2
Requested by: Host: eslcs2.com
URL: https://eslcs2.com/assets/tu955nsrxrm/ff31c7d03pwntfkl3vc.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcff4301dc083af2be2b990bb6485e9e06ce9d2b373a7acf8a74f61ea69d861a

Request headers

Referer: https://eslcs2.com/assets/tu955nsrxrm/ff31c7d03pwntfkl3vc.css
Origin: https://eslcs2.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 21:05:50 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 21:00:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f6085a-71b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRTQEObyA8sg5wUP9Mu%2BGFCPGs8p4FPFuXZU3nrb9xMwIqkoOl0VQkynkwyhJmqDVQzoyn6ki5pxkXOOp0DrS5c6JtV6feRVJIlOWs2MZkzpZmVETaXHPNk5DPq2"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8657b4199c100a12-MIA
alt-svc: h3=":443"; ma=86400
content-length: 29104

GET
H2 200 css2
fonts.googleapis.com/ Frame 7474 3 KB
1 KB 438ms
80ms Stylesheet
text/css 142.250.81.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik:wght@500&display=swap

Requested by

Host: eslcs2.com
URL: https://eslcs2.com/v07idado4ff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f10.1e100.net

Software

ESF /

Resource Hash

333acd9fe79a809d3368700452c602d45e3d80ea2ed8e385b8c4c9b78b75f317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eslcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 16 Mar 2024 21:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 16 Mar 2024 20:18:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Mar 2024 21:05:49 GMT

GET
H3 404 __API_PATH__
eslcs2.com/v07idado4ff/ Frame 7474 0
0 240ms
209ms Script
text/html 104.21.59.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eslcs2.com/v07idado4ff/__API_PATH__
Requested by: Host: eslcs2.com
URL: https://eslcs2.com/v07idado4ff/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eslcs2.com/v07idado4ff/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 21:05:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGCouqyVqEsxVCuJ%2F3ODAGt2e0G8BCgojcbVxrFVu78XOXjKdwC1oQ%2FuCx4VEIIsWjzK%2FiCYRPdT7pbNMMUNhpPQ7ApxX%2Fe%2FYkRB95bDGuk6VOyqnN1ydbFzKtKq"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8657b41c38680a12-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 DeX6G8Z.png
i.imgur.com/ Frame 7474 533 KB
534 KB 191ms
65ms Image
image/png 146.75.28.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/DeX6G8Z.png

Requested by

Host: eslcs2.com
URL: https://eslcs2.com/ajaoxozx1s/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8e8af2612f11598f0abd7c2e24a63d98d05b7fb1fe5d0e532b5858960e3f6f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eslcs2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 21:05:50 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 352512
x-cache: Miss from cloudfront, HIT
x-amz-storage-class: STANDARD_IA
content-length: 545601
x-served-by: cache-iad-kiad7000022-IAD
last-modified: Sun, 18 Jul 2021 09:07:24 GMT
server: cat factory 1.0
x-timer: S1710623150.021376,VS0,VE5
etag: "4b3942abc503aa22e1f2a13754e0a6b1"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: SD372Igj7XyvBWw20sjLgASIza-OC-bqgVCMi2TFeS8HOqipGolxSg==
x-cache-hits: 1

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0U1.woff2
fonts.gstatic.com/s/rubik/v28/ Frame 7474 19 KB
19 KB 192ms
60ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0U1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

7f9ea3a91849752f729cf003b4839b162db15e3bcb57a4dd8fb2533fab377aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eslcs2.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:55:13 GMT
x-content-type-options: nosniff
age: 259837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19140
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 20:55:13 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			eslcs2.com/cs2ron	1969-12-31 23:59:59	Name: hash Value: 6p9
			eslcs2.com/	1969-12-31 23:59:59	Name: token Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsaW5rX2lkIjozNTc3MzMsImlhdCI6MTcxMDYyMzE0NywiZXhwIjoxNzEwNjI2NzQ3fQ.HaPBCqAIMXadMhsFljmuleT7bwoQA1X7jsbAYJWUA24

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://eslcs2.com/v07idado4ff/__API_PATH__ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
eslcs2.com
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
104.21.59.13
142.250.81.234
142.251.41.3
146.75.28.193
151.101.193.229
172.67.167.104
1a77482bca440dee08a2ae61541f7a11f81435e7190e762c3cd76f7c70f6d287
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
2f3953271fa61b50be981c53b2b2d6a32b801cfd841a78155315f95e10a89e3d
333acd9fe79a809d3368700452c602d45e3d80ea2ed8e385b8c4c9b78b75f317
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
7f9ea3a91849752f729cf003b4839b162db15e3bcb57a4dd8fb2533fab377aad
86d26b9e8dce8949bca25377f5c8fabb0ccd7aa387e12484414b1938aa95a0c9
8e8af2612f11598f0abd7c2e24a63d98d05b7fb1fe5d0e532b5858960e3f6f8d
d6e0ef9e400abda8c7543c69403be26bf9e1d254420601db73eb794205b8ddb5
fcff4301dc083af2be2b990bb6485e9e06ce9d2b373a7acf8a74f61ea69d861a
ff31c7d0d5c4b393e199dc1e06cb7525020b299cf35260e157e5e5f291818dca

eslcs2.com Open in urlscan Pro 104.21.59.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

649 kBTransfer

759 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

eslcs2.com Open in urlscan Pro
104.21.59.13 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

649 kB
Transfer

759 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions