urlscan.io logo urlscan.io
SecurityTrails logo

squadclient.fun Open in urlscan Pro
193.233.113.6  Public Scan

Go To Rescan Add Verdict Report
URL: https://squadclient.fun/
Submission: On November 09 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 193.233.113.6, located in Russian Federation and belongs to PARTNER-HOSTING-LTD, GB. The main domain is squadclient.fun.
TLS certificate: Issued by R10 on November 9th 2024. Valid for: 3 months.
This is the only time squadclient.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 193.233.113.6 215826 (PARTNER-H...)
1 172.253.115.95 15169 (GOOGLE)
3 104.17.24.14 13335 (CLOUDFLAR...)
2 199.232.196.193 54113 (FASTLY)
1 64.233.180.147 15169 (GOOGLE)
1 172.253.62.136 15169 (GOOGLE)
1 172.253.63.94 15169 (GOOGLE)
2 64.233.180.94 15169 (GOOGLE)
3 64.233.180.104 15169 (GOOGLE)
19 9
5    193.233.113.6 (Russian Federation)

ASN215826 (PARTNER-HOSTING-LTD, GB)
squadclient.fun
1    172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
fonts.googleapis.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    199.232.196.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
1    64.233.180.147 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f147.1e100.net
www.google.com
1    172.253.62.136 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f136.1e100.net
www.youtube.com
1    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
www.gstatic.com
2    64.233.180.94 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f94.1e100.net
fonts.gstatic.com
3    64.233.180.104 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f104.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
5 squadclient.fun
squadclient.fun
60 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
968 B
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
276 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
241 KB
2 imgur.com
i.imgur.com — Cisco Umbrella Rank: 8556
25 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
19 7
Domain Requested by
5 squadclient.fun squadclient.fun
4 www.google.com squadclient.fun
www.gstatic.com
3 cdnjs.cloudflare.com squadclient.fun
cdnjs.cloudflare.com
2 fonts.gstatic.com fonts.googleapis.com
2 i.imgur.com squadclient.fun
1 www.gstatic.com www.google.com
1 www.youtube.com squadclient.fun
1 fonts.googleapis.com squadclient.fun
19 8

This site contains links to these domains. Also see Links.

Domain
t.me
vk.com
www.youtube.com
funpay.com
Subject Issuer Validity Valid
squadclient.fun
R10		 2024-11-09 -
2025-02-07		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://squadclient.fun/
Frame ID: 8B36FFE04DFF19F0649CD790C13C0188
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XNIFieLPb1U?si=QDA3tPUbNbSITe9E
Frame ID: 278FD1BEF38A4B0830A5BF6AE121D8D0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHwXIqAAAAANWNzHNLbkxNWav8Dqik3Jy49-jx&co=aHR0cHM6Ly9zcXVhZGNsaWVudC5mdW46NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=9z0iqon5wgor
Frame ID: 5AC8680A5A5D9DB1E68E7BC22A7F40CA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHwXIqAAAAANWNzHNLbkxNWav8Dqik3Jy49-jx&co=aHR0cHM6Ly9zcXVhZGNsaWVudC5mdW46NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=yylcn9w0328s
Frame ID: CC889640C947CFD57DB276700CD84C65
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHwXIqAAAAANWNzHNLbkxNWav8Dqik3Jy49-jx&co=aHR0cHM6Ly9zcXVhZGNsaWVudC5mdW46NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=ya3d8fvadrfr
Frame ID: 030C0F16046850AED244FA0E26DDBAC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Squad » Главная страница

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

604 kB
Transfer

3753 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
squadclient.fun/ 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://squadclient.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.233.113.6 , Russian Federation, ASN215826 (PARTNER-HOSTING-LTD, GB),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e79cfa88185658cf3152a09d4c42236f2c7690021475ccfde7e4cc8437f668de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Language
en-CA
Content-Type
text/html;charset=UTF-8
Date
Sat, 09 Nov 2024 16:37:01 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
style.css
squadclient.fun/page/main/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://squadclient.fun/page/main/style.css
Requested by
Host: squadclient.fun
URL: https://squadclient.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.233.113.6 , Russian Federation, ASN215826 (PARTNER-HOSTING-LTD, GB),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f2949a2fd2b171bd8333742006b7061517be70fc69030fec04060bdad1c6ea13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://squadclient.fun/

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22536
Date
Sat, 09 Nov 2024 16:37:02 GMT
Last-Modified
Sat, 09 Nov 2024 16:28:30 GMT
Content-Type
text/css
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx/1.18.0 (Ubuntu)
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;900&display=swap
Requested by
Host: squadclient.fun
URL: https://squadclient.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
2ddd088f35f6898d0544995485019d6873785d695e7f853e5f2131f28660af8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://squadclient.fun/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 09 Nov 2024 16:37:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 16:37:02 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 09 Nov 2024 16:37:02 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ 		82 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: squadclient.fun
URL: https://squadclient.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://squadclient.fun/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"619c057b-3a02"
age
374797
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbcBXhsD9Ue9OHULYq89siYZJlfHEUwYDE6JSSC8z%2BCZQM%2FLwnO%2FGy4657yKpScOgF9Yhl4WHb0luo7wsS109c5SfccAeM8XmnDgtGySO52hREhMrxCbXtyG672UZqPm6p%2Beapfe"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 16:37:02 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 16:37:02 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8dff399fabc5abe8-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
14850
server
cloudflare
logoWhite.png
squadclient.fun/screen/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squadclient.fun/screen/logoWhite.png
Requested by
Host: squadclient.fun
URL: https://squadclient.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.233.113.6 , Russian Federation, ASN215826 (PARTNER-HOSTING-LTD, GB),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e2f7edaf92756c4905524d9d15318438e29efa0865f9ddcf49c517e571c3eec3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://squadclient.fun/

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24897
Date
Sat, 09 Nov 2024 16:37:02 GMT
Last-Modified
Sat, 09 Nov 2024 16:28:30 GMT
Content-Type
image/png
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx/1.18.0 (Ubuntu)
Flying.png
squadclient.fun/screen/ 		2 MB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squadclient.fun/screen/Flying.png
Requested by
Host: squadclient.fun
URL: https://squadclient.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.233.113.6 , Russian Federation, ASN215826 (PARTNER-HOSTING-LTD, GB),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://squadclient.fun/

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2084776
Date
Sat, 09 Nov 2024 16:37:02 GMT
Last-Modified
Sat, 09 Nov 2024 16:28:30 GMT
Content-Type
image/png
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx/1.18.0 (Ubuntu)
Bu5vKtR.png
i.imgur.com/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Bu5vKtR.png
Requested by
Host: squadclient.fun
URL: https://squadclient.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
fb76856113cbea63a400abef52cdd8cbd8e3cd7ce5dea2467378cfcb38eeab82
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://squadclient.fun/

Response headers

etag
"4492207bf17dd8c181a869fb16f18b97"
age
164557
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, MISS
x-amz-cf-id
VxdXjVy8VtSaByZtVz-usl5vg1gsjdayue8KbmEB2Wn1eaTThZjAmg==
date
Sat, 09 Nov 2024 16:37:02 GMT
content-type
image/png
last-modified
Thu, 07 Nov 2024 18:54:26 GMT
x-cache-hits
4, 0
x-served-by
cache-iad-kcgs7200143-IAD, cache-yyz4526-YYZ
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1731170222.340301,VS0,VE20
accept-ranges
bytes
access-control-allow-origin
*
content-length
24998
x-amz-cf-pop
IAD61-P5
server
cat factory 1.0
x-amz-server-side-encryption
AES256
api.js
www.google.com/recaptcha/ 		1 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: squadclient.fun
URL: https://squadclient.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f147.1e100.net
Software
ESF /
Resource Hash
b7920c3ee4d6bb39bee9aead6cbf6e02254f8b2ec119b695fe252837cb2e69a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://squadclient.fun/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sat, 09 Nov 2024 16:37:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sat, 09 Nov 2024 16:37:02 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
script.js
squadclient.fun/page/main/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://squadclient.fun/page/main/script.js
Requested by
Host: squadclient.fun
URL: https://squadclient.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.233.113.6 , Russian Federation, ASN215826 (PARTNER-HOSTING-LTD, GB),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c5cc5b32b0d669449a22195fe4a13eca339ebf70a0f769d042e57040196d3d44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://squadclient.fun/

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8674
Date
Sat, 09 Nov 2024 16:37:02 GMT
Last-Modified
Sat, 09 Nov 2024 16:28:30 GMT
Content-Type
text/javascript
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx/1.18.0 (Ubuntu)
XNIFieLPb1U
www.youtube.com/embed/ Frame 278F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/XNIFieLPb1U?si=QDA3tPUbNbSITe9E
Requested by
Host: squadclient.fun
URL: https://squadclient.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f136.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squadclient.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Nov 2024 16:37:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 		546 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://squadclient.fun
Referer
https://squadclient.fun/

Response headers

content-encoding
gzip
age
47771
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 03:20:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 03:20:51 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220347
x-xss-protection
0
server
sffe
eQSjDY5.png
i.imgur.com/ 		1 MB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/eQSjDY5.png
Requested by
Host: squadclient.fun
URL: https://squadclient.fun/page/main/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://squadclient.fun/

Response headers

etag
"c00b083c3d1ca4cc191925f3141d7681"
age
2543
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, MISS
x-amz-cf-id
BiuVUJRItnuAwRmJKNhsUiiphlLcrRegQz6BoyZVEYAf_FzC_1027w==
date
Sat, 09 Nov 2024 16:37:02 GMT
content-type
image/png
last-modified
Sun, 27 Oct 2024 09:51:14 GMT
x-cache-hits
2, 0
x-served-by
cache-iad-kcgs7200094-IAD, cache-yyz4526-YYZ
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1731170222.340270,VS0,VE27
accept-ranges
bytes
access-control-allow-origin
*
content-length
1670536
x-amz-cf-pop
IAD12-P2
server
cat factory 1.0
x-amz-server-side-encryption
AES256
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f94.1e100.net
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://squadclient.fun
Referer
https://fonts.googleapis.com/

Response headers

age
249252
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 19:22:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 19:22:50 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v29/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f94.1e100.net
Software
sffe /
Resource Hash
9a6dde39d72bcc6477eaf676d55fda00c5312bd7050d9e4f36e6dc7ca9b9e763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://squadclient.fun
Referer
https://fonts.googleapis.com/

Response headers

age
229278
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 00:55:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 00:55:44 GMT
last-modified
Wed, 06 Nov 2024 17:30:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23836
x-xss-protection
0
server
sffe
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ 		122 KB
123 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://squadclient.fun
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"619c057b-1e888"
age
161087
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Qmako2Vs9cJyOrHS76fsXgZ3HtbCpHhfWHHKWJPx6BuAycgO3tMoPOp7lqMrx5GEkHTPlUa7TvWrW8mWSfnrD13eHuEEFKYRrlIWSti6pFUf50myGPzyfYeutuiojGgsBSRkE2p"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 16:37:02 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 16:37:02 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8dff39a21ee0711a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
125064
server
cloudflare
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ 		103 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://squadclient.fun
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"619c057b-19af4"
age
159324
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLcFfX50WcqOZkJWH5JqW%2Boljdq50m9%2BV2fe3NP1XF%2FzWbTk48AwQScom7qHG%2Fin9JHuBOGxcRZ1uw2fvQATgp%2FdStVnoNeFNAVzi6qmTW9eUzJowXmiJ4svr5rxKuzbVDvt3FbB"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 16:37:02 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 16:37:02 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8dff39a22ee4711a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
105204
server
cloudflare
anchor
www.google.com/recaptcha/api2/ Frame 5AC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHwXIqAAAAANWNzHNLbkxNWav8Dqik3Jy49-jx&co=aHR0cHM6Ly9zcXVhZGNsaWVudC5mdW46NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=9z0iqon5wgor
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f104.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3fVygDdba8NWXf7zu72jEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squadclient.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3fVygDdba8NWXf7zu72jEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Nov 2024 16:37:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame CC88 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHwXIqAAAAANWNzHNLbkxNWav8Dqik3Jy49-jx&co=aHR0cHM6Ly9zcXVhZGNsaWVudC5mdW46NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=yylcn9w0328s
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f104.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RgKwRVL4oRbf-nzrq4Exyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squadclient.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-RgKwRVL4oRbf-nzrq4Exyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Nov 2024 16:37:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 030C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHwXIqAAAAANWNzHNLbkxNWav8Dqik3Jy49-jx&co=aHR0cHM6Ly9zcXVhZGNsaWVudC5mdW46NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=ya3d8fvadrfr
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f104.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4kewfAVuC1-GzAoOcApsaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squadclient.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4kewfAVuC1-GzAoOcApsaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Nov 2024 16:37:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| autoScroll function| openLoginModal function| closeLoginModal function| openRegisterModal function| closeRegisterModal function| openForgotPasswordModal function| closeForgotPasswordModal function| showNotification function| checkUsername function| validateForm function| showError function| onRecaptchaSuccess function| onRecaptchaExpired function| verifyRecaptcha object| recaptcha object| closure_lm_429168

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: vA9byWvVnNw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: MtF1fkk2KkI
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJDQRIEGgAgHA%3D%3D

3 Console Messages

Source Level URL
Text
recommendation warning URL: https://squadclient.fun/
Message:
[DOM] Found 2 elements with non-unique id #email: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://squadclient.fun/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://squadclient.fun/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o