URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a47...
Submission: On November 17 via manual from AU — Scanned from AU

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 30 HTTP transactions. The main IP is 172.67.172.23, located in United States and belongs to CLOUDFLARENET, US. The main domain is fssquad.com.
TLS certificate: Issued by WE1 on October 13th 2024. Valid for: 3 months.
This is the only time fssquad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 172.67.172.23 13335 (CLOUDFLAR...)
3 173.234.13.25 59253 (LEASEWEB-...)
1 3 173.234.13.21 59253 (LEASEWEB-...)
1 1 64.120.110.166 59253 (LEASEWEB-...)
30 3
Apex Domain
Subdomains
Transfer
26 fssquad.com
fssquad.com
989 KB
6 isolatedovercomepasted.com
isolatedovercomepasted.com — Cisco Umbrella Rank: 26814
60 KB
1 coosync.com
coosync.com — Cisco Umbrella Rank: 24550
501 B
30 3
Domain Requested by
26 fssquad.com 1 redirects fssquad.com
6 isolatedovercomepasted.com 1 redirects fssquad.com
isolatedovercomepasted.com
1 coosync.com 1 redirects
30 3

This site contains links to these domains. Also see Links.

Domain
pifod.com
Subject Issuer Validity Valid
fssquad.com
WE1
2024-10-13 -
2025-01-11
3 months crt.sh

Buypass Class 2 CA 5
2024-09-20 -
2025-03-18
6 months crt.sh

This page contains 4 frames:

Primary Page: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Frame ID: 8092CCA513088CAED1A8B157B0A4D540
Requests: 26 HTTP requests in this frame

Frame: https://fssquad.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 1513E2FF73ABD1700618DFAEF332EDFE
Requests: 2 HTTP requests in this frame

Frame: https://isolatedovercomepasted.com/check.html
Frame ID: D6F712DA8B74B34224AC863D2C862287
Requests: 1 HTTP requests in this frame

Frame: https://isolatedovercomepasted.com/sn/ps/1979447?im=1&puid=0&so=1&wcks=1
Frame ID: CD17468F8C0CA0B729F14739C1F267DE
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Goto link confirmation | FSSQUAD

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

97 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1048 kB
Transfer

2172 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://fssquad.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://fssquad.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Request Chain 28
  • https://isolatedovercomepasted.com/sn/pr/1979447?zoneid=1979447&jp=_cl02j374g3zrj04dzrk52i&nojs=0&abvar=0&febuild=1.0.392&t=0&wcks=1&wgl=1&cnvs=1&os=-480&tz=Australia/Perth&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=w_mwZpRhUhH4&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-AU&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=kEdaTeOaHR0cHM6Ly9mc3NxdWFkLmNvbS9nb3RvL2xpbmstY29uZmlybWF0aW9uP3VybD1hSFIwY0hNNkx5OXNhVzVyTFhSaGNtZGxkQzV1WlhRdk5qY3pOekk1TDI5dWJIbHRaV2RoYkdWaGEzTXgmcz02ODBhNDcwNjU1NmVjYjk3NjRmYzYxMGI1Y2UyM2VmYw&afid=5742998584568832&dl=10&rtt=100&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&uf=0 HTTP 302
  • https://coosync.com/sn/c?zoneid=1979447&srp=oUHqfZDG3F_zHPVB9G9l9wJSvF2Tq9S-PPOWuGl2lGcT39D44wQCw45of3nN8fFroKUWF2KQTOJBwCmDLoCFUQbq1_G5UgDgxa17JuagZvu4JI1s2Vv--tS91vdM&im=1&wcks=1 HTTP 302
  • https://isolatedovercomepasted.com/sn/ps/1979447?im=1&puid=0&so=1&wcks=1

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request link-confirmation
fssquad.com/goto/
52 KB
19 KB
Document
General
Full URL
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0e062bc868ecc8889c9abb50b75b909676a1c5d605334ffa2043f4c64b217b8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://redirect-finance.leakscorp.com
alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e40d2b70f4a87b5-PER
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sun, 17 Nov 2024 15:41:07 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Sun, 17 Nov 2024 15:53:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yqI6glbQ565yYbCTbDU39kph%2FThcPEIAlqClwPCw7wOy14vg5I%2F26wOOonWU4N3woMLAwlQN6Iwymf%2FciDRq%2B3JNSBJEVEuLsIM9pZUc%2F2rKczlZLMRUTJhAC%2BFrrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=47562&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4208&recv_bytes=4577&delivery_rate=388&cwnd=12000&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=341&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PleskLin
css.php
fssquad.com/
311 KB
60 KB
Stylesheet
General
Full URL
https://fssquad.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=145&l=1&d=1731077889&k=b28d96a6ba8ce1cee94e59ee7a765490f9d17cd4
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
502ca01d23023344e064f94b2b3b11d5467655edf6c62543787a89eb3d2e3a9b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUWHWWhNw14XCjULNMQ9CiZqk4NeHyr3lAiOQsmbxElda25QtCtjGgXXejHDOMynsFeV7qnWpJPc61x4dlU1Hs8axKNqQRgNv1XR86tUzwEgqr0oDyKI3J9BxE18ew%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 17 Nov 2025 15:53:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47944&sent=335&recv=72&lost=0&retrans=0&sent_bytes=382231&recv_bytes=10384&delivery_rate=2034960&cwnd=192000&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=637&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 08 Nov 2024 14:58:09 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2b9788487b5-PER
content-length
60857
x-powered-by
PleskLin
server
cloudflare
materialdesignicons-webfont.woff2
fssquad.com/styles/acui/fonts/icons/material-icons/fonts/
312 KB
313 KB
Font
General
Full URL
https://fssquad.com/styles/acui/fonts/icons/material-icons/fonts/materialdesignicons-webfont.woff2?v=6.9.96
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://fssquad.com
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

cf-cache-status
HIT
etag
"630d1409-4e1f0"
age
1774
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rxf8nb%2FkSSYX1OVrVnNhftD7cHG86a5onZalW5Nk5fC69HwQ7U2i%2FE0KdncwNgGevs%2Fo%2FjXMyYEFQKCj63wYZ5YeISU4J6wWImy0XJLKn1G0dhgzwVbgKHBuDvqLtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47726&sent=49&recv=25&lost=0&retrans=0&sent_bytes=43831&recv_bytes=8310&delivery_rate=224274&cwnd=22800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=456&x=1", cfHdrFlush;dur=34
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
font/woff2
last-modified
Mon, 29 Aug 2022 19:31:21 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2b9788687b5-PER
accept-ranges
bytes
content-length
319984
x-powered-by
PleskLin
server
cloudflare
materialdesignicons.min.css
fssquad.com/styles/acui/fonts/icons/material-icons/css/
263 KB
48 KB
Stylesheet
General
Full URL
https://fssquad.com/styles/acui/fonts/icons/material-icons/css/materialdesignicons.min.css?d=1726858656
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"630d1409-41c3a"
age
1774
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0P%2BwglwutAnethC14nXqHffI4gqbQipkkDap4F8R5TSrPxQcM%2BtS0jkFO1sxbj%2Bny9G%2FgglpXwj6GgIG0ybDqYHLleX4CSPDRV4%2FtvyDUmPPaEvf1wF5zyFWNg925A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47726&sent=42&recv=25&lost=0&retrans=0&sent_bytes=35728&recv_bytes=8310&delivery_rate=224274&cwnd=22800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=455&x=1", cfHdrFlush;dur=47
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
text/css
last-modified
Mon, 29 Aug 2022 19:31:21 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2b9788787b5-PER
x-powered-by
PleskLin
server
cloudflare
css.php
fssquad.com/
77 KB
18 KB
Stylesheet
General
Full URL
https://fssquad.com/css.php?css=public%3Aac_app.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less&s=145&l=1&d=1731077889&k=efe3513792b5ffa82f165f9035e0604004ade335
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
cc526c8a9902f3d440d2dd7e6811fc6bc0d1455d7731d7b9f23e09fff6200ea0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gC7cRfXilzPaQ%2BB16FxIK1MMtnMxGT0G0w9ov33sFLO%2FrvCBf9egOHp54clMNS02iLMyGKRZbLz%2FqIjyHDwCdFNceys%2BgyO6ji0jXd9c9FGqLUqeE1ptMEP5YSByBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 17 Nov 2025 15:53:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=56972&sent=88&recv=36&lost=0&retrans=0&sent_bytes=89431&recv_bytes=8784&delivery_rate=399337&cwnd=45600&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=525&x=1", cfHdrFlush;dur=12
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 08 Nov 2024 14:58:09 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2b9788887b5-PER
content-length
17959
x-powered-by
PleskLin
server
cloudflare
preamble.min.js
fssquad.com/js/xf/
4 KB
2 KB
Script
General
Full URL
https://fssquad.com/js/xf/preamble.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65bb76ca-e11"
age
1770
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8w3Rsy%2F02Ge%2BuxWo%2FisqRYC%2BKiELItYOgs4H%2FRK8JM0o%2FLQucwpchb8x6hS7ul%2FXR744w5CKF%2BM6kl9K%2FbjbLgE0KiJ%2FKuYJbrG8ujm%2Ff2LPN7g7MKoz5oZsOguLg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47726&sent=49&recv=25&lost=0&retrans=0&sent_bytes=43831&recv_bytes=8310&delivery_rate=224274&cwnd=22800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=455&x=1", cfHdrFlush;dur=47
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Thu, 01 Feb 2024 10:47:38 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2b9788987b5-PER
x-powered-by
PleskLin
server
cloudflare
LOGOFSS.png
fssquad.com/data/assets/logo/
21 KB
22 KB
Image
General
Full URL
https://fssquad.com/data/assets/logo/LOGOFSS.png
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a2373520c435381c0254df45d6994c8a745cff4c26e07f43d3488ec57397cd56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

cf-cache-status
HIT
etag
"60c091e1-5386"
age
1770
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ii5yPEVdgaAwhOd0SS8M9a6UePOwoVKNqFL%2FEoOJn0n9rzSrR%2BF0k7tGFSixOgU0nQlOxeuTjipaiS2MMc3itggDgXOQ2raBShSQj6puU4P9snMKv%2Bsu%2BMjAL21z%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47726&sent=32&recv=25&lost=0&retrans=0&sent_bytes=23728&recv_bytes=8310&delivery_rate=224274&cwnd=22800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=455&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
image/png
last-modified
Wed, 09 Jun 2021 10:03:13 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2b9788a87b5-PER
accept-ranges
bytes
content-length
21382
x-powered-by
PleskLin
server
cloudflare
uix_logoSmall.png
fssquad.com/styles/dark/basic/
14 KB
15 KB
Image
General
Full URL
https://fssquad.com/styles/dark/basic/uix_logoSmall.png
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8adc1eca020263be7653629760df65798e5dc17e5b87cad94ca27dc83d2bd094

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

cf-cache-status
HIT
etag
"60ba3095-399b"
age
1770
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kH%2BfVWU9UXFn8DYrY%2FdLMp5lLh6MRvmB%2FZ7EORS8vHooRVVi8FJIupLFKJk61BHs0MjJlct%2B3Mi7VLq80rszZiMIwY8QNTB6AWL2tTW4p0c5WmdFqqEvxeprrxvsVg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47726&sent=49&recv=25&lost=0&retrans=0&sent_bytes=43831&recv_bytes=8310&delivery_rate=224274&cwnd=22800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=455&x=1", cfHdrFlush;dur=47
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
image/png
last-modified
Fri, 04 Jun 2021 13:54:29 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2b9788c87b5-PER
accept-ranges
bytes
content-length
14747
x-powered-by
PleskLin
server
cloudflare
wpsafelink.js
fssquad.com/letmein/
245 KB
34 KB
Script
General
Full URL
https://fssquad.com/letmein/wpsafelink.js
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d659b304c91ec44a579d5c7e184d4d6e0731b67aa87250684823c80ddc53a599

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"668d7155-3d283"
age
601
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYbKpxs%2FaCdC2AinhFpQF6C0CXV%2Fnz8kFXUiDpMq2B9kTNwgK1TU6Dq2%2Bl6sh5uxsf7Hc7ADj1KfYgvnzRqxqeRMo8XzvVapOeNlodGLol8mbUBXVL7PZ1v5VK3DjA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48595&sent=460&recv=104&lost=0&retrans=0&sent_bytes=524547&recv_bytes=12574&delivery_rate=3658404&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=707&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Tue, 09 Jul 2024 17:20:21 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb096a87b5-PER
x-powered-by
PleskLin
server
cloudflare
8ab417ab.js
isolatedovercomepasted.com/aas/r45d/vki/1979447/
148 KB
56 KB
Script
General
Full URL
https://isolatedovercomepasted.com/aas/r45d/vki/1979447/8ab417ab.js
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.234.13.25 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
lemon.bluediamod.com
Software
nginx /
Resource Hash
9abda848f6ab1288ae50472259604dce6f97a59cadd44d3874a7e75f451780b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
W/"6735b9db-24ffc"
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab2
current
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Nov 2024 08:50:35 GMT
server
nginx
vary
Accept-Encoding
jquery-3.5.1.min.js
fssquad.com/js/vendor/jquery/
87 KB
33 KB
Script
General
Full URL
https://fssquad.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65bb76ca-15d84"
age
1768
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HEZ3lC99%2FnMQ26hngrjdyywKylorwOtIfMVEFeaNFRCebwRNSptqKZ5q%2FyIYgyNd3iAEv59bgp7lxWXJnqp0zz%2Fej6xJegmx1BeJvqXHWiweAtLT0lV5RTHA5jBE1g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48595&sent=490&recv=104&lost=0&retrans=0&sent_bytes=560515&recv_bytes=12574&delivery_rate=3658404&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=712&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Thu, 01 Feb 2024 10:47:38 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb197a87b5-PER
x-powered-by
PleskLin
server
cloudflare
vendor-compiled.js
fssquad.com/js/vendor/
43 KB
14 KB
Script
General
Full URL
https://fssquad.com/js/vendor/vendor-compiled.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65bb76ca-aab8"
age
1768
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNDLUoRe3M8aRtookdBoIH0W5feErEw2X9USQXGdjcMhxPgBHwXIigRkGoTNfp%2BP3zD9DIqPeSfD9PZQTPozLOc6%2Bk4i0bdgArMWwgHmKvt4GGMYoh35qf3dH9eamQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48595&sent=522&recv=115&lost=0&retrans=0&sent_bytes=594855&recv_bytes=17137&delivery_rate=3658404&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=750&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Thu, 01 Feb 2024 10:47:38 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59a087b5-PER
x-powered-by
PleskLin
server
cloudflare
core-compiled.js
fssquad.com/js/xf/
211 KB
64 KB
Script
General
Full URL
https://fssquad.com/js/xf/core-compiled.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1a691f964812845338d0cccac1f3dfcbddc96e3ae0c64ed9e3bfe8bd487ec1b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65bb76ca-34b60"
age
1765
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZc29H%2FrHJxTcyPwh9p%2BXjGCIRyQzoqKve6pvwLvTeLmmPkStABSNWMigKxt2dmq62em93FiCiohn%2FIW2vX3ld19U5IebBgWWp8Ew9PeVdxqN2gjSvKFRdvEH5h8Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48595&sent=557&recv=115&lost=0&retrans=0&sent_bytes=630335&recv_bytes=17137&delivery_rate=3658404&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=754&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Thu, 01 Feb 2024 10:47:38 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59a287b5-PER
x-powered-by
PleskLin
server
cloudflare
core.min.js
fssquad.com/js/siropu/am/
9 KB
4 KB
Script
General
Full URL
https://fssquad.com/js/siropu/am/core.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
eb321e6bba4e1d43eca8ba39015c6ff1627093179d9605dfa35fd6d88471e157

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"630d0f5b-24e6"
age
1763
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VoVbMh22D0oTdqMZCXwRJwlMZoLhGZs6vUR62nSRjTG1lsCtB9bW3i0Hvr%2FLXMRlXM%2BpJ3v8hkd%2B4FV6osvucxL3zDcdYZ8obP3QGm%2FMSNGh2H28NlseY6AE7JIJXA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48595&sent=535&recv=115&lost=0&retrans=0&sent_bytes=609394&recv_bytes=17137&delivery_rate=3658404&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=751&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Mon, 29 Aug 2022 19:11:23 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59a487b5-PER
x-powered-by
PleskLin
server
cloudflare
notice.min.js
fssquad.com/js/xf/
4 KB
2 KB
Script
General
Full URL
https://fssquad.com/js/xf/notice.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65bb76ca-e4e"
age
1763
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAyn%2FcnzqZgazLizBPcEzAFlUg2Isn%2FhU4o%2BnqVb5OYXfhQpBnbIaCCRE7Dk1P%2Bt5ga%2Fg11VeCrSNMdwphzE4Diw%2BXRV97jCE6bIIcPHkOHOXhkrtKiY3GGGk1JUKw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48165&sent=617&recv=118&lost=0&retrans=0&sent_bytes=701181&recv_bytes=17269&delivery_rate=631475&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=759&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Thu, 01 Feb 2024 10:47:38 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59a787b5-PER
x-powered-by
PleskLin
server
cloudflare
ripple.min.js
fssquad.com/js/themehouse/acui/
1 KB
1 KB
Script
General
Full URL
https://fssquad.com/js/themehouse/acui/ripple.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d4e14fe027197ebdbd6e9ab1f0d963379e4851fdbe85225acf84ef2f1f67558d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"630d1408-58c"
age
1762
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BVZECgqHeexrZvC7bnTL660tF7xVK447GNvjDImfIWSBOpc84F96lpeResqDdBaHNsq2k1xjJvsxrYpWScQn4qwPN24k1V3hEInWOt%2FYuK4alRQySeGRACO7AM2Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48595&sent=539&recv=115&lost=0&retrans=0&sent_bytes=613296&recv_bytes=17137&delivery_rate=3658404&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=753&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Mon, 29 Aug 2022 19:31:20 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59a987b5-PER
x-powered-by
PleskLin
server
cloudflare
20210125.min.js
fssquad.com/js/themehouse/global/
11 KB
5 KB
Script
General
Full URL
https://fssquad.com/js/themehouse/global/20210125.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"63bfd62a-2b29"
age
1762
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGi%2FLCYfHW%2F9v4xBRqjidDcKSF1UMeIohlg573ten9KiGTxryvzyKahmv%2BflfrEJ3%2BVQ1t9Q46U5psihbMAv0RjNebyqqSKw64JB4TzdfInJ2%2BCm20n3HTV8W3FxkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48595&sent=545&recv=115&lost=0&retrans=0&sent_bytes=618571&recv_bytes=17137&delivery_rate=3658404&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=753&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Thu, 12 Jan 2023 09:43:06 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59aa87b5-PER
x-powered-by
PleskLin
server
cloudflare
index.min.js
fssquad.com/js/themehouse/acui/
8 KB
4 KB
Script
General
Full URL
https://fssquad.com/js/themehouse/acui/index.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a3c7b4f7be45c1f11423a75f305214f3b22cc6285746a1efa007a60500845c25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"630d1408-2060"
age
1761
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xGGE8cpSG02LicgHPWH7nSmXe6Sh11nzAw%2FNxVkH0B6QTtV10VVSRvXcQYwLWbWkXh8Yq%2BrOSblEXzdomXG1Ub1kgXdRQkKrtQdzM2VSqaG0%2BRFOJNzglnlCUYqTlg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48595&sent=541&recv=115&lost=0&retrans=0&sent_bytes=614708&recv_bytes=17137&delivery_rate=3658404&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=753&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Mon, 29 Aug 2022 19:31:20 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59ac87b5-PER
x-powered-by
PleskLin
server
cloudflare
jquery.hoverIntent.min.js
fssquad.com/js/themehouse/acui/vendor/hover-intent/
2 KB
2 KB
Script
General
Full URL
https://fssquad.com/js/themehouse/acui/vendor/hover-intent/jquery.hoverIntent.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"630d1408-8c4"
age
1758
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdGOlSqgOSIjf4VZ7ZGXyThyWm4ikDBczTJRk7gmzy0DVLdlnpan6or5TGZYwBKgVz%2BRdhGHwLg8Fz6y313E5wqRKEY53zIvBDxq8Sm4A2CuTXc4wpr7xaVeNkj5yw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48595&sent=550&recv=115&lost=0&retrans=0&sent_bytes=623545&recv_bytes=17137&delivery_rate=3658404&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=754&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Mon, 29 Aug 2022 19:31:20 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59ad87b5-PER
x-powered-by
PleskLin
server
cloudflare
defer.min.js
fssquad.com/js/themehouse/acui/
18 KB
5 KB
Script
General
Full URL
https://fssquad.com/js/themehouse/acui/defer.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"630d1408-4625"
age
1756
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ir6ku4nBJmUGKIXNgxvAxgxBTF%2FbTRr21gfn6sGcfXj24pFOkNUgQBPbYUz2mAL5PB94KE3xsOtctEQ%2B0qa3fbtn7owSbqFuw9TkadXjP3qSPiLpHdyL0B0is8cazw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48595&sent=545&recv=115&lost=0&retrans=0&sent_bytes=618571&recv_bytes=17137&delivery_rate=3658404&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=753&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Mon, 29 Aug 2022 19:31:20 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59af87b5-PER
x-powered-by
PleskLin
server
cloudflare
deferFab.min.js
fssquad.com/js/themehouse/acui/
3 KB
2 KB
Script
General
Full URL
https://fssquad.com/js/themehouse/acui/deferFab.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3bb0e231fc7fd3a5401b3159990a4718a2257c594cdba910d15b47a80f27ead3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"630d1408-cec"
age
1756
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8iO39fS9Z95ZB9I4VTOdq9nv3iAd2ve9T%2Fd9W%2FCnNb7KvRED2zVl9X4Fe3mv87la8DyEuCN4E7fU%2BT%2FyHhE1ZagAXcoDpafx83FtoyX083yQ%2BPSunR5yJ93m%2BZTKrw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48165&sent=613&recv=118&lost=0&retrans=0&sent_bytes=697060&recv_bytes=17269&delivery_rate=631475&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=755&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Mon, 29 Aug 2022 19:31:20 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59b087b5-PER
x-powered-by
PleskLin
server
cloudflare
deferNodesCollapse.min.js
fssquad.com/js/themehouse/acui/
3 KB
2 KB
Script
General
Full URL
https://fssquad.com/js/themehouse/acui/deferNodesCollapse.min.js?_v=554164e8
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"630d1408-b62"
age
1755
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SUElPrJAJXlBhR3%2FlCmm49uSnK4za9yuEW4DW4xs72xUqNzU5Q7uyJK2KiFm%2FkfYi675KAnJl0vkPN%2B0bNR2MpuXpHP6YSB5dX89zObtSgtMtVFL5oVEnCwsg8uHxA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48165&sent=615&recv=118&lost=0&retrans=0&sent_bytes=699116&recv_bytes=17269&delivery_rate=631475&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=755&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
application/javascript
last-modified
Mon, 29 Aug 2022 19:31:20 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bb59b187b5-PER
x-powered-by
PleskLin
server
cloudflare
materialdesignicons-webfont.woff2
fssquad.com/styles/acui/fonts/icons/material-icons/fonts/
312 KB
313 KB
Font
General
Full URL
https://fssquad.com/styles/acui/fonts/icons/material-icons/fonts/materialdesignicons-webfont.woff2?v=5.8.55
Requested by
Host: fssquad.com
URL: https://fssquad.com/styles/acui/fonts/icons/material-icons/css/materialdesignicons.min.css?d=1726858656
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://fssquad.com
Referer
https://fssquad.com/styles/acui/fonts/icons/material-icons/css/materialdesignicons.min.css?d=1726858656

Response headers

cf-cache-status
HIT
etag
"630d1409-4e1f0"
age
6602
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8IUsJr29cnUmIeRvatjbBwd3EmSkqf%2FZu0yyGE3k%2BTG%2Fwc7heNcRwbj6ZV36hTL%2FAJcPqfje2GpXUwhMPD1UfvC0LAGztEonC67ZnMYsD3XSJP0GMNwbKOiFzxgMRw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48940&sent=620&recv=132&lost=0&retrans=0&sent_bytes=703516&recv_bytes=18282&delivery_rate=2364777&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=930&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:07 GMT
content-type
font/woff2
last-modified
Mon, 29 Aug 2022 19:31:21 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bc7a6187b5-PER
accept-ranges
bytes
content-length
319984
x-powered-by
PleskLin
server
cloudflare
main.js
fssquad.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 1513
Redirect Chain
  • https://fssquad.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://fssquad.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB
Script
General
Full URL
https://fssquad.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Requested by
Host: fssquad.com
URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Protocol
H3
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
343a0fd40eb831555873ad3500ae21bb055182f7df46b3f34d34c87879483e2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B32XYaUKv9TYF8q5Ki0SsMtzrja6mHp7WEcSssBFJ4PC2n17VXKL96vbStazU1itpxSoiUH2balsoFUdSBBwwtom9%2B0y8qZIPRYIZ5k9GRNnIv3901mtlpW5j0BhLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e40d2bd2ab387b5-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48822&sent=922&recv=164&lost=19&retrans=19&sent_bytes=1058097&recv_bytes=20935&delivery_rate=3607299&cwnd=221760&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=1035&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:08 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aEqj1P35Le9D9oXAWViYVrKpR17ebY186sC02X3gqKMKstsGjidxsEp6LlFTAObP90amfJo%2FBwmoTCN%2FevKem6DldPM1zaOU3bsC%2BeeQD9Nk374ubK32pfEAKHAX2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e40d2bcaa8987b5-PER
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=48940&sent=825&recv=133&lost=0&retrans=0&sent_bytes=948340&recv_bytes=18570&delivery_rate=2364777&cwnd=244800&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=963&x=1", cfHdrFlush;dur=15
date
Sun, 17 Nov 2024 15:41:07 GMT
vary
Accept-Encoding
server
cloudflare
8e40d2b70f4a87b5
fssquad.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1513
0
1 KB
XHR
General
Full URL
https://fssquad.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e40d2b70f4a87b5
Requested by
Host: fssquad.com
URL: https://fssquad.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2F4QEkzS71xoBNLeLktS%2Fr6VTfSNDYFt3TfNzZrJDekj803%2BcwnYeHyj6A7iqQNnPgdjOmre%2FhHfzaGKQ5MgaRklC6MbcC1oTwCOhAJKyN3puYpb5nUPa8a6r36mDw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e40d2be0b1f87b5-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48291&sent=936&recv=183&lost=19&retrans=19&sent_bytes=1063745&recv_bytes=38721&delivery_rate=16371&cwnd=221760&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=1191&x=1", cfHdrFlush;dur=0
content-length
0
date
Sun, 17 Nov 2024 15:41:08 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
check.html
isolatedovercomepasted.com/ Frame D6F7
0
0
Document
General
Full URL
https://isolatedovercomepasted.com/check.html
Requested by
Host: isolatedovercomepasted.com
URL: https://isolatedovercomepasted.com/aas/r45d/vki/1979447/8ab417ab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.234.13.21 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
honey.bluediamod.com
Software
nginx /
Resource Hash

Request headers

Referer
https://fssquad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Nov 2024 15:41:08 GMT
etag
W/"672b6939-394"
last-modified
Wed, 06 Nov 2024 13:03:53 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-js-ab
var639
faviconfsss.png
fssquad.com/data/assets/logo/
1 KB
2 KB
Other
General
Full URL
https://fssquad.com/data/assets/logo/faviconfsss.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2f5886df330697537cb6f39419465dac243329cb84a35f12ffaa68c2ed2220a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc

Response headers

cf-cache-status
HIT
etag
"60c20aaa-58d"
age
7040
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5E9IXnekgapI6ElnokFOgSW9vTccVznTaWcyWuTZy9yyCrS45aHwUImv8yuSp5PcJGZlC5ATZfJ2b%2FdsG4Yhap0Rtseyyc%2BprXIIPRKIWpS90JXbnDc2eD8%2BB4C1HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49656&sent=941&recv=185&lost=19&retrans=19&sent_bytes=1067575&recv_bytes=39626&delivery_rate=14735&cwnd=221760&unsent_bytes=0&cid=b7718bac7b0c6cc9&ts=1292&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 15:41:08 GMT
content-type
image/png
last-modified
Thu, 10 Jun 2021 12:50:50 GMT
vary
Accept-Encoding
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40d2bebb8287b5-PER
accept-ranges
bytes
content-length
1421
x-powered-by
PleskLin
server
cloudflare
solid.gif
isolatedovercomepasted.com/
43 B
639 B
Ping
General
Full URL
https://isolatedovercomepasted.com/solid.gif?z=1979447&nojs=0&abvar=0&febuild=1.0.392&t=0&wcks=1&wgl=1&cnvs=1&os=-480&tz=Australia/Perth&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=w_mwZpRhUhH4&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-AU&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=kEdaTeOaHR0cHM6Ly9mc3NxdWFkLmNvbS9nb3RvL2xpbmstY29uZmlybWF0aW9uP3VybD1hSFIwY0hNNkx5OXNhVzVyTFhSaGNtZGxkQzV1WlhRdk5qY3pOekk1TDI5dWJIbHRaV2RoYkdWaGEzTXgmcz02ODBhNDcwNjU1NmVjYjk3NjRmYzYxMGI1Y2UyM2VmYw&afid=5742998584568832&dl=10&rtt=100&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5
Requested by
Host: isolatedovercomepasted.com
URL: https://isolatedovercomepasted.com/aas/r45d/vki/1979447/8ab417ab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.234.13.25 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
lemon.bluediamod.com
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/

Response headers

x-route-id
stats.tag.loaded
content-length
43
date
Sun, 17 Nov 2024 15:41:08 GMT
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type
image/gif
timing-allow-origin
*
server
nginx
1979447
isolatedovercomepasted.com/get/
4 KB
3 KB
Script
General
Full URL
https://isolatedovercomepasted.com/get/1979447?zoneid=1979447&jp=_cl02j374g3zrj04dzrk52i&nojs=0&abvar=0&febuild=1.0.392&t=0&wcks=1&wgl=1&cnvs=1&os=-480&tz=Australia/Perth&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=w_mwZpRhUhH4&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-AU&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=kEdaTeOaHR0cHM6Ly9mc3NxdWFkLmNvbS9nb3RvL2xpbmstY29uZmlybWF0aW9uP3VybD1hSFIwY0hNNkx5OXNhVzVyTFhSaGNtZGxkQzV1WlhRdk5qY3pOekk1TDI5dWJIbHRaV2RoYkdWaGEzTXgmcz02ODBhNDcwNjU1NmVjYjk3NjRmYzYxMGI1Y2UyM2VmYw&afid=5742998584568832&dl=10&rtt=100&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&uf=0
Requested by
Host: isolatedovercomepasted.com
URL: https://isolatedovercomepasted.com/aas/r45d/vki/1979447/8ab417ab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.234.13.25 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
lemon.bluediamod.com
Software
nginx /
Resource Hash
b75116cd7907ca578cb6151a8e209a104f976b325dd79569d4dd992fd23648a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fssquad.com/

Response headers

timing-allow-origin
*
x-route-id
config
content-encoding
gzip
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
date
Sun, 17 Nov 2024 15:41:08 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
1979447
isolatedovercomepasted.com/sn/ps/ Frame CD17
Redirect Chain
  • https://isolatedovercomepasted.com/sn/pr/1979447?zoneid=1979447&jp=_cl02j374g3zrj04dzrk52i&nojs=0&abvar=0&febuild=1.0.392&t=0&wcks=1&wgl=1&cnvs=1&os=-480&tz=Australia/Perth&ss=1&ls=1&bb=0&cti=0&fn=...
  • https://coosync.com/sn/c?zoneid=1979447&srp=oUHqfZDG3F_zHPVB9G9l9wJSvF2Tq9S-PPOWuGl2lGcT39D44wQCw45of3nN8fFroKUWF2KQTOJBwCmDLoCFUQbq1_G5UgDgxa17JuagZvu4JI1s2Vv--tS91vdM&im=1&wcks=1
  • https://isolatedovercomepasted.com/sn/ps/1979447?im=1&puid=0&so=1&wcks=1
0
0
Document
General
Full URL
https://isolatedovercomepasted.com/sn/ps/1979447?im=1&puid=0&so=1&wcks=1
Requested by
Host: isolatedovercomepasted.com
URL: https://isolatedovercomepasted.com/aas/r45d/vki/1979447/8ab417ab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.234.13.21 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
honey.bluediamod.com
Software
nginx /
Resource Hash

Request headers

Referer
https://fssquad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Nov 2024 15:41:09 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
cookie.user_id.pre_sync.final

Redirect headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-length
107
content-type
text/html; charset=utf-8
date
Sun, 17 Nov 2024 15:41:08 GMT
location
https://isolatedovercomepasted.com/sn/ps/1979447?im=1&puid=0&so=1&wcks=1
server
nginx
timing-allow-origin
*
x-route-id
cookie.user_id.sync

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| XF object| _0xc1e function| _0xe40c string| wpsafelink object| domain object| exclude_domain function| wpsafelink_init function| wpsafelink_encrypt function| wpsafelink_loadjs function| makeid function| wpsafelink_start object| CryptoJS object| 1979453__cngfg__d object| 1979453__cngfg__r function| 1979453__cngfg__eu function| bqlgkqlr object| themehouse function| $ function| jQuery object| Mustache function| autosize object| $jscomp function| $jscomp$lookupPolyfilledValue object| 1979453__cngfg function| handleException function| i4RR boolean| zfgcodeloadedonclick number| onclHspc object| oncontextstore object| RmVlZEZyZXFDYXBTdG9yYWdl string| UGVyc2lzdFN0b3JhZ2U number| cs__param function| _cl02j374g3zrj04dzrk52i number| puidSyncFrame function| _clx3x7xz83u36pp7vr23hh function| onClickTrigger boolean| zfgloadedpopup

7 Cookies

Domain/Path Name / Value
fssquad.com/ Name: xf_csrf
Value: YiM4mCFUxOam8jJ6
.fssquad.com/ Name: cf_clearance
Value: Y_tWleOk.Eg5F.XXIAkYVpJy8iaNsMZggaetcsdHX0M-1731858068-1.2.1.1-tdPFlvHDU.zg2JhF0agYWRJ1ReHgctFsr20nTDphGroYfI7YwyYlHn3ir0dC0T9p.snF4RKzjX.g3DaPXZ0WHN6sQJr7ITcAUZPUZMDkpGbTAbejl0r_N6hGVe27DEsbdZzbicwdjkx0ZQjZPfMVTMd1QnYJyu.AmbpobhoeWvXtTHSf5hW15D481NUiN1sPqIm7inUUqjPVIyOl_pdKD7gaWPsXv.bBy45wOoIs9NGZkTMg.A.TUv6OEz1qJVcublBXUlknJVJu.opiGhwqqR10_fLMExR.DYrcrtBpugOUkaCYX_2GOrtQPD4ACkvgl3ZmLAPHqX135pPtt6wsE5HMiVfjwZE_tUpkFSLY9PaCjgJDEhtYOP1zvTlCyKBW
fssquad.com/ Name: UGVyc2lzdFN0b3JhZ2U
Value: %7B%7D
isolatedovercomepasted.com/ Name: cart
Value: 1
isolatedovercomepasted.com/ Name: cart_p
Value: 2
isolatedovercomepasted.com/ Name: CHCK
Value: 1
isolatedovercomepasted.com/ Name: UID
Value: 24111710418932d433dae043c08faa94125f

2 Console Messages

Source Level URL
Text
rendering warning URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0E03206BC0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://fssquad.com/goto/link-confirmation?url=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNjczNzI5L29ubHltZWdhbGVha3Mx&s=680a4706556ecb9764fc610b5ce23efc
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0803206BC0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coosync.com
fssquad.com
isolatedovercomepasted.com
172.67.172.23
173.234.13.21
173.234.13.25
64.120.110.166
0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a
0e062bc868ecc8889c9abb50b75b909676a1c5d605334ffa2043f4c64b217b8d
1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604
1a691f964812845338d0cccac1f3dfcbddc96e3ae0c64ed9e3bfe8bd487ec1b3
2f5886df330697537cb6f39419465dac243329cb84a35f12ffaa68c2ed2220a1
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c
343a0fd40eb831555873ad3500ae21bb055182f7df46b3f34d34c87879483e2a
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
3bb0e231fc7fd3a5401b3159990a4718a2257c594cdba910d15b47a80f27ead3
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0
502ca01d23023344e064f94b2b3b11d5467655edf6c62543787a89eb3d2e3a9b
7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9
8adc1eca020263be7653629760df65798e5dc17e5b87cad94ca27dc83d2bd094
9abda848f6ab1288ae50472259604dce6f97a59cadd44d3874a7e75f451780b9
a2373520c435381c0254df45d6994c8a745cff4c26e07f43d3488ec57397cd56
a3c7b4f7be45c1f11423a75f305214f3b22cc6285746a1efa007a60500845c25
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b
b75116cd7907ca578cb6151a8e209a104f976b325dd79569d4dd992fd23648a6
cc526c8a9902f3d440d2dd7e6811fc6bc0d1455d7731d7b9f23e09fff6200ea0
d4e14fe027197ebdbd6e9ab1f0d963379e4851fdbe85225acf84ef2f1f67558d
d659b304c91ec44a579d5c7e184d4d6e0731b67aa87250684823c80ddc53a599
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb321e6bba4e1d43eca8ba39015c6ff1627093179d9605dfa35fd6d88471e157
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d