f-squad.com - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 202.226.39.180, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is f-squad.com.
TLS certificate: Issued by CloudSecure RSA Domain Validation Sec... on May 6th 2024. Valid for: a year.

This is the only time f-squad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	63.148.46.72 63.148.46.72	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1 1	44.216.84.149 44.216.84.149	14618 (AMAZON-AES) (AMAZON-AES)
2	202.226.39.180 202.226.39.180	131965 (XSERVER X...) (XSERVER Xserver Inc.)
2	141.161.99.110 141.161.99.110	11318 (GU) (GU)
4	3

1 63.148.46.72 (Royalton, United States) 1 redirects

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: rts.eccmp.com

l.em.disneyemailexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.216.84.149 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-84-149.compute-1.amazonaws.com

em.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.226.39.180 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv340.xserver.jp

f-squad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.161.99.110 (Washington, United States)

ASN11318 (GU, US)
PTR: shibb-idp.georgetown.edu

shibb-idp.georgetown.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	georgetown.edu shibb-idp.georgetown.edu — Cisco Umbrella Rank: 660081	21 KB
2	f-squad.com f-squad.com	2 KB
1	yotpo.com 1 redirects em.yotpo.com — Cisco Umbrella Rank: 287520	266 B
1	disneyemailexpress.com 1 redirects l.em.disneyemailexpress.com	1 KB
4	4

	Domain	Requested by
2	shibb-idp.georgetown.edu	f-squad.com
2	f-squad.com
1	em.yotpo.com	1 redirects
1	l.em.disneyemailexpress.com	1 redirects
4	4

This site contains links to these domains. Also see Links.

Domain
password.georgetown.edu

Subject Issuer	Validity	Valid
www.f-squad.com CloudSecure RSA Domain Validation Secure Server CA 2	`2024-05-06` - `2025-06-06`	a year	crt.sh
shibb-idp.georgetown.edu InCommon RSA Server CA 2	`2023-12-11` - `2024-12-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://f-squad.com/georgetown/g*u/
Frame ID: D897F8DB0B012C9B8C4EB1D4F2D185F3
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Single Signon - Georgetown University

Page URL History Show full URLs

http://l.em.disneyemailexpress.com/rts/go2.aspx?h=5094&tp=i-H43-EX-De-7Pd-1n-eZfN-1c-7Oo-SkDsQ&x=em.yotpo.com/l... HTTP 307
https://l.em.disneyemailexpress.com/rts/go2.aspx?h=5094&tp=i-H43-EX-De-7Pd-1n-eZfN-1c-7Oo-SkDsQ&x=em.yotpo.com/l... HTTP 302
http://em.yotpo.com/ls/click?upn=u001.-2FemWfc87t0MOUEjl1SkAErvq0axVd6-2Fw4epPR000WzzmLH8WhaF9MV... HTTP 307
https://em.yotpo.com/ls/click?upn=u001.-2FemWfc87t0MOUEjl1SkAErvq0axVd6-2Fw4epPR000WzzmLH8WhaF9MV... HTTP 302
https://f-squad.com/georgetown/g*u/ Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

24 kB
Transfer

26 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://password.georgetown.edu/
Title: Forgot Password?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l.em.disneyemailexpress.com/rts/go2.aspx?h=5094&tp=i-H43-EX-De-7Pd-1n-eZfN-1c-7Oo-SkDsQ&x=em.yotpo.com/ls/click?upn=u001.-2FemWfc87t0MOUEjl1SkAErvq0axVd6-2Fw4epPR000WzzmLH8WhaF9MVKrjR8yIoJPEYgq_XEg8Xf5jRnq2HD6h-2BIWGqDH25nGVR1M5r2jp-2FvbFkgROu09Nh7B4okVl2J-2BC0IHTocGCCL9A6IN4KF94Ze7oqhOR30RwWiyyxEDoeL-2B5EvIBdiJeqAqB-2BeiSPKO7PGIGzrqCUT8b01ky7qwUqBPnOORx5M1DbGiy0CQRMd93hzxRGapA2mgGUoUgyVg88M5fAB7Z5tgPkbw-2FL9Snr9cGbDk8hbpPZNj0zt39M-2BJb9e-2BXYtGJDhirsYk6vwmjd2GVpDiG8Z8O3-2BlkRpYt3tOHDKicD8pjeVvFK-2FD1yzzL29YhLkYl0F4CjCN-2FO7IVSQuueFeYrkUlKql976HVHx8bFdsQQn-2BcpF7Y-2F6Z0mPK1kgE22XJG5EgYlR-2Fg6-2F5DIjjbJN-2BDPITKjJ-2FiDc582w0wSaruvL0WG-2BsNCjXPgkTgwlc2oB4yMrfbN5LHwvuHOw1wyv9dHC0NGIfyZwwl2hBjeVQwVVGlFVIf6zKC3FnX33DIuFKWbVEuEIRpOmr0gKRPj0a-2BB7IJW2zZBfB0Uub1gKVqE2nsr1ZbIWZiOClxafVjJENQQu7CgAHu2Ur5rFe6WLtHgt4bW6BcJXkXxhpjX23u0Y7E1D8nJzk5LBtz77E-3D HTTP 307
https://l.em.disneyemailexpress.com/rts/go2.aspx?h=5094&tp=i-H43-EX-De-7Pd-1n-eZfN-1c-7Oo-SkDsQ&x=em.yotpo.com/ls/click?upn=u001.-2FemWfc87t0MOUEjl1SkAErvq0axVd6-2Fw4epPR000WzzmLH8WhaF9MVKrjR8yIoJPEYgq_XEg8Xf5jRnq2HD6h-2BIWGqDH25nGVR1M5r2jp-2FvbFkgROu09Nh7B4okVl2J-2BC0IHTocGCCL9A6IN4KF94Ze7oqhOR30RwWiyyxEDoeL-2B5EvIBdiJeqAqB-2BeiSPKO7PGIGzrqCUT8b01ky7qwUqBPnOORx5M1DbGiy0CQRMd93hzxRGapA2mgGUoUgyVg88M5fAB7Z5tgPkbw-2FL9Snr9cGbDk8hbpPZNj0zt39M-2BJb9e-2BXYtGJDhirsYk6vwmjd2GVpDiG8Z8O3-2BlkRpYt3tOHDKicD8pjeVvFK-2FD1yzzL29YhLkYl0F4CjCN-2FO7IVSQuueFeYrkUlKql976HVHx8bFdsQQn-2BcpF7Y-2F6Z0mPK1kgE22XJG5EgYlR-2Fg6-2F5DIjjbJN-2BDPITKjJ-2FiDc582w0wSaruvL0WG-2BsNCjXPgkTgwlc2oB4yMrfbN5LHwvuHOw1wyv9dHC0NGIfyZwwl2hBjeVQwVVGlFVIf6zKC3FnX33DIuFKWbVEuEIRpOmr0gKRPj0a-2BB7IJW2zZBfB0Uub1gKVqE2nsr1ZbIWZiOClxafVjJENQQu7CgAHu2Ur5rFe6WLtHgt4bW6BcJXkXxhpjX23u0Y7E1D8nJzk5LBtz77E-3D HTTP 302
http://em.yotpo.com/ls/click?upn=u001.-2FemWfc87t0MOUEjl1SkAErvq0axVd6-2Fw4epPR000WzzmLH8WhaF9MVKrjR8yIoJPEYgq_XEg8Xf5jRnq2HD6h-2BIWGqDH25nGVR1M5r2jp-2FvbFkgROu09Nh7B4okVl2J-2BC0IHTocGCCL9A6IN4KF94Ze7oqhOR30RwWiyyxEDoeL-2B5EvIBdiJeqAqB-2BeiSPKO7PGIGzrqCUT8b01ky7qwUqBPnOORx5M1DbGiy0CQRMd93hzxRGapA2mgGUoUgyVg88M5fAB7Z5tgPkbw-2FL9Snr9cGbDk8hbpPZNj0zt39M-2BJb9e-2BXYtGJDhirsYk6vwmjd2GVpDiG8Z8O3-2BlkRpYt3tOHDKicD8pjeVvFK-2FD1yzzL29YhLkYl0F4CjCN-2FO7IVSQuueFeYrkUlKql976HVHx8bFdsQQn-2BcpF7Y-2F6Z0mPK1kgE22XJG5EgYlR-2Fg6-2F5DIjjbJN-2BDPITKjJ-2FiDc582w0wSaruvL0WG-2BsNCjXPgkTgwlc2oB4yMrfbN5LHwvuHOw1wyv9dHC0NGIfyZwwl2hBjeVQwVVGlFVIf6zKC3FnX33DIuFKWbVEuEIRpOmr0gKRPj0a-2BB7IJW2zZBfB0Uub1gKVqE2nsr1ZbIWZiOClxafVjJENQQu7CgAHu2Ur5rFe6WLtHgt4bW6BcJXkXxhpjX23u0Y7E1D8nJzk5LBtz77E-3D HTTP 307
https://em.yotpo.com/ls/click?upn=u001.-2FemWfc87t0MOUEjl1SkAErvq0axVd6-2Fw4epPR000WzzmLH8WhaF9MVKrjR8yIoJPEYgq_XEg8Xf5jRnq2HD6h-2BIWGqDH25nGVR1M5r2jp-2FvbFkgROu09Nh7B4okVl2J-2BC0IHTocGCCL9A6IN4KF94Ze7oqhOR30RwWiyyxEDoeL-2B5EvIBdiJeqAqB-2BeiSPKO7PGIGzrqCUT8b01ky7qwUqBPnOORx5M1DbGiy0CQRMd93hzxRGapA2mgGUoUgyVg88M5fAB7Z5tgPkbw-2FL9Snr9cGbDk8hbpPZNj0zt39M-2BJb9e-2BXYtGJDhirsYk6vwmjd2GVpDiG8Z8O3-2BlkRpYt3tOHDKicD8pjeVvFK-2FD1yzzL29YhLkYl0F4CjCN-2FO7IVSQuueFeYrkUlKql976HVHx8bFdsQQn-2BcpF7Y-2F6Z0mPK1kgE22XJG5EgYlR-2Fg6-2F5DIjjbJN-2BDPITKjJ-2FiDc582w0wSaruvL0WG-2BsNCjXPgkTgwlc2oB4yMrfbN5LHwvuHOw1wyv9dHC0NGIfyZwwl2hBjeVQwVVGlFVIf6zKC3FnX33DIuFKWbVEuEIRpOmr0gKRPj0a-2BB7IJW2zZBfB0Uub1gKVqE2nsr1ZbIWZiOClxafVjJENQQu7CgAHu2Ur5rFe6WLtHgt4bW6BcJXkXxhpjX23u0Y7E1D8nJzk5LBtz77E-3D HTTP 302
https://f-squad.com/georgetown/g*u/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response f-squad.com/georgetown/gu/ Redirect Chain* http://l.em.disneyemailexpress.com/rts/go2.aspx?h=5094&tp=i-H43-EX-De-7Pd-1n-eZfN-1c-7Oo-SkDsQ&x=em.yotpo.com/ls/click?upn=u001.-2FemWfc87t0MOUEjl1SkAErvq0axVd6-2Fw4epPR000WzzmLH8WhaF9MVKrjR8yIoJPE... https://l.em.disneyemailexpress.com/rts/go2.aspx?h=5094&tp=i-H43-EX-De-7Pd-1n-eZfN-1c-7Oo-SkDsQ&x=em.yotpo.com/ls/click?upn=u001.-2FemWfc87t0MOUEjl1SkAErvq0axVd6-2Fw4epPR000WzzmLH8WhaF9MVKrjR8yIoJP... http://em.yotpo.com/ls/click?upn=u001.-2FemWfc87t0MOUEjl1SkAErvq0axVd6-2Fw4epPR000WzzmLH8WhaF9MVKrjR8yIoJPEYgq_XEg8Xf5jRnq2HD6h-2BIWGqDH25nGVR1M5r2jp-2FvbFkgROu09Nh7B4okVl2J-2BC0IHTocGCCL9A6IN4KF94... https://em.yotpo.com/ls/click?upn=u001.-2FemWfc87t0MOUEjl1SkAErvq0axVd6-2Fw4epPR000WzzmLH8WhaF9MVKrjR8yIoJPEYgq_XEg8Xf5jRnq2HD6h-2BIWGqDH25nGVR1M5r2jp-2FvbFkgROu09Nh7B4okVl2J-2BC0IHTocGCCL9A6IN4KF9... *https://f-squad.com/georgetown/gu/**	3 KB 1 KB	1837ms 317ms	Document text/html	202.226.39.180 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://f-squad.com/georgetown/gu/ Protocol* H2 Security TLS 1.3, , AES_256_GCM Server 202.226.39.180 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv340.xserver.jp Software nginx / Resource Hash `9622b18d872688571a62e2944169a494b7aede11d50d07d71730f1edad4d1285` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers content-encoding br content-type text/html date Tue, 14 May 2024 17:08:54 GMT etag W/"a3a-6095550fea600" last-modified Sat, 04 Nov 2023 15:31:36 GMT server nginx vary Accept-Encoding Redirect headers content-length 58 content-type text/html; charset=utf-8 correlation-id 6254b23e-6d96-45ed-bf7b-6a52473e40ed date Tue, 14 May 2024 17:08:52 GMT location https://f-squad.com/georgetown/gu/ ratelimit-limit* 5000 ratelimit-remaining 4999 ratelimit-reset 8 server nginx x-ratelimit-limit-minute 5000 x-ratelimit-remaining-minute 4999 x-robots-tag noindex, nofollow
GET H/1.1	200	main.css shibb-idp.georgetown.edu/idp/css/	8 KB 9 KB	1010ms 279ms	Stylesheet text/css	141.161.99.110 GU
General Check archive.org Show headers Download Go to Full URL https://shibb-idp.georgetown.edu/idp/css/main.css Requested by Host: f-squad.com URL: https://f-squad.com/georgetown/gu/ Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 141.161.99.110 Washington, United States, ASN11318 (GU, US), Reverse DNS shibb-idp.georgetown.edu Software / Resource Hash `97acee86b25e8b41ed0079f38fcc7360765b6b1ac545d1cb9155ebee73dc7879` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://f-squad.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 14 May 2024 17:08:55 GMT Last-Modified Mon, 18 Jan 2021 18:40:24 GMT ETag W/"8661-1610995224000" Content-Type text/css;charset=UTF-8 Cache-Control private Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 8661
GET H/1.1	200	login-screen-header.png shibb-idp.georgetown.edu/idp/images/	12 KB 12 KB	1052ms 299ms	Image image/png	141.161.99.110 GU
General Check archive.org Show headers Download Go to Show image Full URL https://shibb-idp.georgetown.edu/idp/images/login-screen-header.png Requested by Host: f-squad.com URL: https://f-squad.com/georgetown/gu/ Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 141.161.99.110 Washington, United States, ASN11318 (GU, US), Reverse DNS shibb-idp.georgetown.edu Software / Resource Hash `d92dfa0476c608b9e60eda0881a1f8c9b1013a8e9b353b7e8ac4e5a36f4a8370` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://f-squad.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 14 May 2024 17:08:55 GMT Last-Modified Wed, 18 Apr 2018 10:02:58 GMT ETag W/"11821-1524045778000" Content-Type image/png;charset=UTF-8 Cache-Control private Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 11821
GET DATA	200 OK	truncated /	592 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b8f8bc4a350555ab15fbf6f6125bca2d5b340c4459d23d460595ac0d217c931f` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	404	favicon.ico f-squad.com/	3 KB 1 KB	318ms 318ms	Other text/html	202.226.39.180 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://f-squad.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 202.226.39.180 , Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv340.xserver.jp Software nginx / Resource Hash `d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://f-squad.com/georgetown/gu/ Accept-Language* de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 17:08:55 GMT content-encoding br last-modified Thu, 06 Sep 2018 03:57:48 GMT server nginx etag W/"afe-5752be4e992d4" vary Accept-Encoding content-type text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			l.em.disneyemailexpress.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: uwlt03euhz4vta0fclbk1drx

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://f-squad.com/georgetown/gu/ Message*: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://f-squad.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

em.yotpo.com
f-squad.com
l.em.disneyemailexpress.com
shibb-idp.georgetown.edu
141.161.99.110
202.226.39.180
44.216.84.149
63.148.46.72
9622b18d872688571a62e2944169a494b7aede11d50d07d71730f1edad4d1285
97acee86b25e8b41ed0079f38fcc7360765b6b1ac545d1cb9155ebee73dc7879
b8f8bc4a350555ab15fbf6f6125bca2d5b340c4459d23d460595ac0d217c931f
d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f
d92dfa0476c608b9e60eda0881a1f8c9b1013a8e9b353b7e8ac4e5a36f4a8370

f-squad.com Open in urlscan Pro 202.226.39.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

24 kBTransfer

26 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

f-squad.com Open in urlscan Pro
202.226.39.180 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

24 kB
Transfer

26 kB
Size

1
Cookies

4 HTTP transactions
1 data transactions