Submitted URL: http://vmi862917.contaboserver.net/r/f38e7dde07df504301dec5cf6?ct=yto1ontzojy6innvdxjjzsi7ytoyontpoja7czo1oijlbwfpbci7atoxo2k6ntc4o...
Effective URL: https://guerrilla-tactical.com/wp-admin/js/js/login/
Submission: On August 07 via automatic, source openphish — Scanned from CA

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 5 HTTP transactions. The main IP is 162.159.135.42, located in and belongs to CLOUDFLARENET, US. The main domain is guerrilla-tactical.com.
TLS certificate: Issued by WE1 on July 24th 2024. Valid for: 3 months.
This is the only time guerrilla-tactical.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 213.136.94.162 51167 (CONTABO)
2 2 2606:4700:7::... 13335 (CLOUDFLAR...)
1 4 162.159.135.42 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
5 3
Requests  Apex Domain             Subdomains                                      Transfer
6         guerrilla-tactical.com  guerrilla-tactical.com                          229 KB
2         jsdelivr.net            cdn.jsdelivr.net (Cisco Umbrella Rank: 410)     48 KB
1         contaboserver.net       vmi862917.contaboserver.net                     762 B
5 3
Domain Requested by
6 guerrilla-tactical.com 3 redirects guerrilla-tactical.com
2 cdn.jsdelivr.net guerrilla-tactical.com
1 vmi862917.contaboserver.net 1 redirects
5 3

This site contains no links.

Subject                 Issuer                                 Validity                 Valid
guerrilla-tactical.com  WE1                                    2024-07-24 - 2024-10-22  3 months
jsdelivr.net            GlobalSign Atlas R3 DV TLS CA 2024 Q3  2024-07-30 - 2025-08-31  a year

This page contains 1 frame:

Primary Page: https://guerrilla-tactical.com/wp-admin/js/js/login/
Frame ID: 4C82D2AC493C6C47D988CC8F5B7B6092
Requests: 9 HTTP requests in this frame

Page Title

Log in - Spotify

Page URL History

  1. http://vmi862917.contaboserver.net/r/f38e7dde07df504301dec5cf6?ct=yto1ontzojy6innvdxjjzsi7ytoyontpoja7czo1oijlb... HTTP 307
    https://vmi862917.contaboserver.net/r/f38e7dde07df504301dec5cf6?ct=yto1ontzojy6innvdxjjzsi7ytoyontpoja7czo1oijlb... HTTP 302
    https://guerrilla-tactical.com/wp-admin/js/js HTTP 301
    https://guerrilla-tactical.com/wp-admin/js/js/ HTTP 302
    https://guerrilla-tactical.com/wp-admin/js/js/login HTTP 301
    https://guerrilla-tactical.com/wp-admin/js/js/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

5
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

489 kB
Transfer

772 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vmi862917.contaboserver.net/r/f38e7dde07df504301dec5cf6?ct=yto1ontzojy6innvdxjjzsi7ytoyontpoja7czo1oijlbwfpbci7atoxo2k6ntc4o31zoju6imvtywlsijtpoju3odtzojq6inn0yxqio3m6mji6ijy2ywm4ymrmmdyxzta0mdmwmzuzmtuio3m6ndoibgvhzci7czo2oiizmjyznzcio3m6nzoiy2hhbm5lbci7ytoxontzoju6imvtywlsijtpoju3odt9fq== HTTP 307
    https://vmi862917.contaboserver.net/r/f38e7dde07df504301dec5cf6?ct=yto1ontzojy6innvdxjjzsi7ytoyontpoja7czo1oijlbwfpbci7atoxo2k6ntc4o31zoju6imvtywlsijtpoju3odtzojq6inn0yxqio3m6mji6ijy2ywm4ymrmmdyxzta0mdmwmzuzmtuio3m6ndoibgvhzci7czo2oiizmjyznzcio3m6nzoiy2hhbm5lbci7ytoxontzoju6imvtywlsijtpoju3odt9fq== HTTP 302
    https://guerrilla-tactical.com/wp-admin/js/js HTTP 301
    https://guerrilla-tactical.com/wp-admin/js/js/ HTTP 302
    https://guerrilla-tactical.com/wp-admin/js/js/login HTTP 301
    https://guerrilla-tactical.com/wp-admin/js/js/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
guerrilla-tactical.com/wp-admin/js/js/login/
Redirect Chain
  • http://vmi862917.contaboserver.net/r/f38e7dde07df504301dec5cf6?ct=yto1ontzojy6innvdxjjzsi7ytoyontpoja7czo1oijlbwfpbci7atoxo2k6ntc4o31zoju6imvtywlsijtpoju3odtzojq6inn0yxqio3m6mji6ijy2ywm4ymrmmdyxzta...
  • https://vmi862917.contaboserver.net/r/f38e7dde07df504301dec5cf6?ct=yto1ontzojy6innvdxjjzsi7ytoyontpoja7czo1oijlbwfpbci7atoxo2k6ntc4o31zoju6imvtywlsijtpoju3odtzojq6inn0yxqio3m6mji6ijy2ywm4ymrmmdyxzt...
  • https://guerrilla-tactical.com/wp-admin/js/js
  • https://guerrilla-tactical.com/wp-admin/js/js/
  • https://guerrilla-tactical.com/wp-admin/js/js/login
  • https://guerrilla-tactical.com/wp-admin/js/js/login/
9 KB
3 KB
Document
General
Full URL
https://guerrilla-tactical.com/wp-admin/js/js/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd94f491aeaeeddcd2a1d86f833f347c3c2398f9afe1a631f4b46fea7c4fad8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af7f24bda9836a5-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Aug 2024 14:27:16 GMT
ki-cache-type
None
ki-cf-cache-status
BYPASS
ki-edge
v=20.2.8;mv=3.1.0
ki-origin
g1p
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N9JR6LEdEQEzqmxJPnHP5JWAoVv96WMegdJx96L6ijX3or3tTDqFXAgD7hOik3Wtq2sNMCIYYqRslQTHMf97k5o2y3deqkifqwxbieem9QkOc2cMRbDHWxYC6T1m%2Ft6HRgmTY%2FoQICE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-edge-location-klb
1
x-kinsta-cache
BYPASS

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af7f24a096d36a5-YYZ
content-length
162
content-type
text/html
date
Wed, 07 Aug 2024 14:27:16 GMT
ki-cache-type
None
ki-cf-cache-status
BYPASS
ki-edge
v=20.2.8;mv=3.1.0
ki-origin
g1p
location
https://guerrilla-tactical.com/wp-admin/js/js/login/
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FcGzVSsnlGMGYv0Y3WZBJbI0%2FmJocizGWgo%2B1z5gMutjqRJ6Wc1qY3IQfClXpNaRzZIUUKD%2BRvYttAjpN%2Bb9KSmZYaKA%2FWLQ7fbLjeBlzmjqcuk2kByfdq81XJ5LfdTdan0l%2B3LdDY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-edge-location-klb
1
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/
160 KB
26 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: guerrilla-tactical.com
URL: https://guerrilla-tactical.com/wp-admin/js/js/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://guerrilla-tactical.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Aug 2024 14:27:16 GMT
x-content-type-options
nosniff
content-encoding
br
age
3143885
x-jsd-version
5.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26333
x-served-by
cache-fra-etou8220101-FRA, cache-yul1970048-YUL
x-jsd-version-type
version
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/
76 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: guerrilla-tactical.com
URL: https://guerrilla-tactical.com/wp-admin/js/js/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://guerrilla-tactical.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Aug 2024 14:27:16 GMT
x-content-type-options
nosniff
content-encoding
br
age
2188175
x-jsd-version
5.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
22075
x-served-by
cache-fra-etou8220091-FRA, cache-yul1970048-YUL
x-jsd-version-type
version
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
guerrilla-tactical.com/wp-admin/js/js/js/
311 KB
223 KB
Stylesheet
General
Full URL
https://guerrilla-tactical.com/wp-admin/js/js/js/style.css
Requested by
Host: guerrilla-tactical.com
URL: https://guerrilla-tactical.com/wp-admin/js/js/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb596a0df8fb354829017f4d046eded0da4de9ca1cf24c4436805ce1056b2a22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://guerrilla-tactical.com/wp-admin/js/js/login/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 14:27:16 GMT
content-encoding
br
ki-cache-tag
2f838078-dd92-431a-881c-3629cd2aadcc,19f96013740502aaa63ce5f428f3cbf45253f344c7ab8c6cc7b8b8d91649c688
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.1.0
x-content-type-options
nosniff
age
8702
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 05 Aug 2023 09:20:30 GMT
server
cloudflare
etag
W/"64ce145e-4da92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVDDR%2Fm1SQJLM0r2Di55E0TAYHxu2YJzs1yd8DZhjuQXTz%2F9mubDh%2FV9pQpkzleA7%2Fbf1QHsUPLhZ5GxoMt5D7MRCYwRcJNwtgWsgIEYidfdOP4j%2BzoRrureMoVnQZtT13fri1D9gw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
8af7f24dec0436a5-YYZ
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
68 KB
68 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6384070e855e2ec15caefb6334ab2c4b1b9e798ce2e369cc00f0d47a41138e0d

Request headers

Referer
Origin
https://guerrilla-tactical.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
353 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
372cd0fe98167ffc57b624aed00ab6f53e89bd8cf5690867c1a786983ceec95b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
72 KB
72 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d77456e48416e475066a580b2050cee4f86a3819556d0ddf90d81250f3af9de2

Request headers

Referer
Origin
https://guerrilla-tactical.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
74 KB
74 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdf0e3938479eb6e108e7869436051b7072b9a18ecb98b3c6b49d1b29d8bc758

Request headers

Referer
Origin
https://guerrilla-tactical.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff
favicon.ico
guerrilla-tactical.com/
548 B
646 B
Other
General
Full URL
https://guerrilla-tactical.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://guerrilla-tactical.com/wp-admin/js/js/login/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 14:27:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
ki-edge
v=20.2.8;mv=3.1.0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7z8%2Fj9jYFq1fkUCQf277OPzL%2FkZg8Ujkpr2CAzqGLCdkdZyVkInFDLL71Xzo4zrKWbGEA1c%2BqKNAJWVxB%2FQGyuYOGDEuoEdzcSv%2BK3vuJtvxZ%2FAhNf5YK7szNtAeMqQn82ZVmCgPXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
ki-cache-type
CDN
cf-ray
8af7f24f6d0b36a5-YYZ
ki-cf-cache-status
MISS
x-edge-location-klb
1

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type    Name
number  uidEvent
object  bootstrap

4 Cookies

Domain/Path Name / Value
vmi862917.contaboserver.net/ Name: mautic_device_id
Value: 4qua2cdeusdyi5p7seiq1k3
vmi862917.contaboserver.net/ Name: mtc_id
Value: 341516
vmi862917.contaboserver.net/ Name: mtc_sid
Value: 4qua2cdeusdyi5p7seiq1k3
vmi862917.contaboserver.net/ Name: mautic_referer_id
Value: 635872

1 Console Messages

Source Level URL
Text
network error URL: https://guerrilla-tactical.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff