cssjs.gq Open in urlscan Pro
185.62.73.8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://codesheet.org/
Effective URL:
http://cssjs.gq/
Submission: On October 22 via manual (October 22nd 2019, 6:02:19 pm UTC) from US

Summary HTTP 63 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 12 domains to perform 63 HTTP transactions. The main IP is 185.62.73.8, located in Zagreb, Croatia and belongs to ITSOFT, HR. The main domain is cssjs.gq.

This is the only time cssjs.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
1 1	89.31.143.1 89.31.143.1	15598 (QSC-AG-IPX) (QSC-AG-IPX)
17	185.62.73.8 185.62.73.8	61211 (ITSOFT) (ITSOFT)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
4	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
11	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
10	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
63	9

1 89.31.143.1 (Germany) 1 redirects

ASN15598 (QSC-AG-IPX, DE)

codesheet.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.62.73.8 (Zagreb, Croatia)

ASN61211 (ITSOFT, HR)
PTR: cp008.mydataknox.com

cssjs.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cssjs.gq cssjs.gq	86 KB
11	cloudflare.com cdnjs.cloudflare.com	114 KB
10	gstatic.com fonts.gstatic.com	125 KB
5	doubleclick.net googleads.g.doubleclick.net
4	googleapis.com fonts.googleapis.com	3 KB
3	googlesyndication.com pagead2.googlesyndication.com	212 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	75 KB
1	googletagservices.com www.googletagservices.com	29 KB
1	google.com adservice.google.com	656 B
1	google.de adservice.google.de	656 B
1	jquery.com code.jquery.com	29 KB
1	codesheet.org 1 redirects codesheet.org	190 B
63	12

	Domain	Requested by
17	cssjs.gq	cssjs.gq code.jquery.com
11	cdnjs.cloudflare.com	cssjs.gq
10	fonts.gstatic.com	cssjs.gq
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	fonts.googleapis.com	cssjs.gq
3	pagead2.googlesyndication.com	cssjs.gq pagead2.googlesyndication.com
3	maxcdn.bootstrapcdn.com	cssjs.gq
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	code.jquery.com	cssjs.gq
1	codesheet.org	1 redirects cssjs.gq
63	12

This site contains links to these domains. Also see Links.

Domain
www.live-stats.me
www.aboutcookies.org

Subject Issuer	Validity	Valid
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh

This page contains 19 frames:

Primary Page: http://cssjs.gq/
Frame ID: ACF894F1C4839B72EFE280D092531123
Requests: 20 HTTP requests in this frame

Frame: http://cssjs.gq/preview.php?id=HnGD3caZ
Frame ID: EC536218B58D2501C6F55E9C1073BCE7
Requests: 7 HTTP requests in this frame

Frame: http://cssjs.gq/preview.php?id=Z4FLPQ6Y
Frame ID: 5FC73682EAE273A345BBC6775E090B67
Requests: 6 HTTP requests in this frame

Frame: http://cssjs.gq/preview.php?id=cJW9yGSg
Frame ID: CAF39AE0FBB0C4F6502F955FD0E7EC5B
Requests: 3 HTTP requests in this frame

Frame: http://cssjs.gq/preview.php?id=YBWybScy
Frame ID: 360D04C7D0A43250F706393D80D40334
Requests: 6 HTTP requests in this frame

Frame: http://cssjs.gq/preview.php?id=UfZ813RY
Frame ID: 8B38284E16E1B6708F7132303F4264E8
Requests: 2 HTTP requests in this frame

Frame: http://cssjs.gq/preview.php?id=C1rEXfRT
Frame ID: C6BE3A9BDF251F63C8B55A7CA9253853
Requests: 3 HTTP requests in this frame

Frame: http://cssjs.gq/loader.php
Frame ID: 34E202B01EAA833D00A7DCCF2578F7A1
Requests: 2 HTTP requests in this frame

Frame: http://cssjs.gq/loader.php
Frame ID: A0DBB6985574DD05586134805CA4D497
Requests: 2 HTTP requests in this frame

Frame: http://cssjs.gq/loader.php
Frame ID: 0954B9ECBFAF28469563F3076C233DA4
Requests: 2 HTTP requests in this frame

Frame: http://cssjs.gq/loader.php
Frame ID: FBD98CDE11B9F95DE28FED50B6FABB22
Requests: 2 HTTP requests in this frame

Frame: http://cssjs.gq/loader.php
Frame ID: 5E1F103AC891BC9023DEADBB47E59F7D
Requests: 2 HTTP requests in this frame

Frame: http://cssjs.gq/loader.php
Frame ID: B08D33A128DEE591CB99FD1146D8D78B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js
Frame ID: 53494B01B9D520EE2A018B2A2375B49A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191015/r20190131/zrt_lookup.html
Frame ID: 6A6154CCF0DE65DD799AF80AD8D0F66D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756109497993983&output=html&h=250&slotname=6654169158&adk=2267602503&adf=533964676&w=300&lmt=1571767323&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fcssjs.gq%2F&flash=0&avail_w=298&wgl=1&adsid=NT&dt=1571767323557&bpp=30&bdt=146&fdt=142&idt=143&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&correlator=7606490532304&frm=20&pv=2&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=2728&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2483&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.epr4fmptrg3i&fsb=1&xpc=22mUuZWsmI&p=http%3A//cssjs.gq&dtd=161
Frame ID: BCD477E20DA4F1ADD77D50573CE72441
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756109497993983&output=html&h=250&slotname=6654169158&adk=2267602503&adf=583489539&w=300&lmt=1571767323&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fcssjs.gq%2F&flash=0&avail_w=298&wgl=1&adsid=NT&dt=1571767323588&bpp=7&bdt=177&fdt=191&idt=191&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250&correlator=7606490532304&frm=20&pv=1&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=35496&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=644&ady=2483&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.p5ttsf4bgb9&fsb=1&xpc=lc83IH05gZ&p=http%3A//cssjs.gq&dtd=194
Frame ID: 76B83FBD859B8A11FE988AA16D097B32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756109497993983&output=html&h=250&slotname=6654169158&adk=2267602503&adf=1965938987&w=300&lmt=1571767323&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fcssjs.gq%2F&flash=0&avail_w=298&wgl=1&adsid=NT&dt=1571767323595&bpp=5&bdt=184&fdt=207&idt=207&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=7606490532304&frm=20&pv=1&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=35496&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=988&ady=2483&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=3.hl0f5dfnxs45&fsb=1&xpc=UVN95cVWei&p=http%3A//cssjs.gq&dtd=213
Frame ID: 3D1E395EF96D80A675F89D6F809C1BA0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756109497993983&output=html&adk=1812271804&adf=3025194257&lmt=1571767323&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcssjs.gq%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1571767323600&bpp=4&bdt=189&fdt=224&idt=224&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&nras=1&correlator=7606490532304&frm=20&pv=1&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=35496&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=3.7guvpj4xg3lp&fsb=1&dtd=272
Frame ID: 8B50FB7B843321EB467DCD1145C9E963
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://codesheet.org/ HTTP 301
http://cssjs.gq/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

63
Requests

59 %
HTTPS

78 %
IPv6

12
Domains

12
Subdomains

9
IPs

4
Countries

675 kB
Transfer

1842 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.live-stats.me/
Title: Live Website Statistics

Search URL Search Domain Scan URL

URL: http://www.aboutcookies.org/legal-notices/cookies/
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://codesheet.org/ HTTP 301
http://cssjs.gq/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

63 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
cssjs.gq/
Redirect Chain

http://codesheet.org/
http://cssjs.gq/

42 KB
11 KB

333ms
241ms

Document
text/html

185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

81af30407fd390f5b44cd1fb376bc1b2812e9e88a529d78a7f44b27bedccf29d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d; expires=Wed, 23-Oct-2019 04:02:02 GMT; Max-Age=36000; path=/
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

Redirect headers

Date: Tue, 22 Oct 2019 18:02:03 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: http://cssjs.gq
Server: UD Forwarding 3.0

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
5 KB 10ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by: Host: cssjs.gq
URL: http://cssjs.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 5442

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 33ms
19ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300|Ubuntu|Dosis|Quicksand

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

aefc145d857aadbd0523297ff09e59cf26e0de941c03aaeb5b33c7f1ec43d5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 18:02:03 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 18:02:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 18:02:03 GMT

GET
H/1.1 200
OK jquery-2.1.0.min.js Show response
code.jquery.com/ 82 KB
29 KB 23ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.1.0.min.js
Requested by: Host: cssjs.gq
URL: http://cssjs.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 18:02:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: W/"54499a47-1469f"
Vary: Accept-Encoding
X-HW: 1571767323.dop053.fr8.shc,1571767323.dop053.fr8.t,1571767323.cds149.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 29288

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 52ms
46ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by: Host: cssjs.gq
URL: http://cssjs.gq/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 18:02:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:35:19 GMT
Connection: Keep-Alive
ETag: "1544639719"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 6079

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 103 KB
36 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

199a632b50017ffc15e25145d169afd8974b477799adf9956e8a86aa4becc582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 22 Oct 2019 18:02:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3282515714154934357
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 36818
X-XSS-Protection: 0
Expires: Tue, 22 Oct 2019 18:02:03 GMT

GET
H2

200

jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

1 KB
1 KB

77ms
49ms

Script
application/javascript

2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14872795
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.096
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:58 GMT
server: cloudflare
etag: W/"5afd497a-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614b8d2e5970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK loader.php Show response
cssjs.gq/ Frame EC53 811 B
828 B 57ms
57ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/loader.php

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

f819c9d1440e322e622f57a57051bd266c12d510a18077f3ed11a2ef1b5d940f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET loader.php
cssjs.gq/ Frame 5FC7 0
0

GET loader.php
cssjs.gq/ Frame CAF3 0
0

GET loader.php
cssjs.gq/ Frame 360D 0
0

GET loader.php
cssjs.gq/ Frame 8B38 0
0

GET loader.php
cssjs.gq/ Frame C6BE 0
0

GET
H/1.1 200
OK loader.php Show response
cssjs.gq/ Frame 34E2 811 B
827 B 82ms
30ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/loader.php

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

f819c9d1440e322e622f57a57051bd266c12d510a18077f3ed11a2ef1b5d940f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK loader.php Show response
cssjs.gq/ Frame A0DB 811 B
827 B 115ms
32ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/loader.php

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

f819c9d1440e322e622f57a57051bd266c12d510a18077f3ed11a2ef1b5d940f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK loader.php Show response
cssjs.gq/ Frame 0954 811 B
827 B 115ms
30ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/loader.php

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

f819c9d1440e322e622f57a57051bd266c12d510a18077f3ed11a2ef1b5d940f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK loader.php Show response
cssjs.gq/ Frame FBD9 811 B
827 B 118ms
33ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/loader.php

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

f819c9d1440e322e622f57a57051bd266c12d510a18077f3ed11a2ef1b5d940f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK loader.php Show response
cssjs.gq/ Frame 5E1F 811 B
827 B 118ms
34ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/loader.php

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

f819c9d1440e322e622f57a57051bd266c12d510a18077f3ed11a2ef1b5d940f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK loader.php Show response
cssjs.gq/ Frame B08D 811 B
827 B 133ms
50ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/loader.php

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

f819c9d1440e322e622f57a57051bd266c12d510a18077f3ed11a2ef1b5d940f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b054c21c769e6e73a3f3f2e51ff27783043d87f8c4cb963c0554b33010fa3efc

Request headers

Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-xDwxUD2GFw.woff
fonts.gstatic.com/s/quicksand/v19/ 17 KB
17 KB 7ms
6ms Font
font/woff 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v19/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-xDwxUD2GFw.woff

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d46136c7e3cd738af3e4791b9e43f5cfc700c66bd2f6877682e04c01477c2a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300|Ubuntu|Dosis|Quicksand
Origin: http://cssjs.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 02:09:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Oct 2019 23:04:47 GMT
server: sffe
age: 57183
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17040
x-xss-protection: 0
expires: Wed, 21 Oct 2020 02:09:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300|Ubuntu|Dosis|Quicksand
Origin: http://cssjs.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 12:53:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1141715
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11180
x-xss-protection: 0
expires: Thu, 08 Oct 2020 12:53:28 GMT

GET
H2 200 HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xMCbKsUPqjm.woff
fonts.gstatic.com/s/dosis/v16/ 18 KB
18 KB 8ms
7ms Font
font/woff 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v16/HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xMCbKsUPqjm.woff

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

305e1c4c46e104f9d78fe42928c7bec90d968362e4991ead02688a77900a28a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300|Ubuntu|Dosis|Quicksand
Origin: http://cssjs.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 23:45:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Oct 2019 23:04:57 GMT
server: sffe
age: 65766
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18156
x-xss-protection: 0
expires: Tue, 20 Oct 2020 23:45:57 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
63 KB 15ms
9ms Font
font/woff2 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: cssjs.gq
URL: http://cssjs.gq/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: http://cssjs.gq

Response headers

Date: Tue, 22 Oct 2019 18:02:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:36:18 GMT
Connection: Keep-Alive
ETag: "1544639778"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: font/woff2
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 64470

GET
H2 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300|Ubuntu|Dosis|Quicksand
Origin: http://cssjs.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 17 Oct 2019 13:24:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:45 GMT
server: sffe
age: 448642
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13720
x-xss-protection: 0
expires: Fri, 16 Oct 2020 13:24:41 GMT

GET stats.php
codesheet.org/live/ 0
0

GET
H/1.1 200
OK preview.php Show response
cssjs.gq/ Frame EC53 11 KB
3 KB 178ms
145ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/preview.php?id=HnGD3caZ

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.1.0.min.js

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

5f3a341135a4e5e18577ec2e56b3a4b86dac85c55677b59c877c9f46a7cc892a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK preview.php Show response
cssjs.gq/ Frame 5FC7 5 KB
2 KB 170ms
105ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/preview.php?id=Z4FLPQ6Y

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.1.0.min.js

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

b1c6e77b6b2f7c08624be178f65925c766cfaa70b41b92ea9048163576accd41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK preview.php Show response
cssjs.gq/ Frame CAF3 17 KB
5 KB 162ms
97ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/preview.php?id=cJW9yGSg

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.1.0.min.js

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

991c801c1680001ea81e3de0e634fa670cd15b58ed0c3f1db4f4963b4f783a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK preview.php Show response
cssjs.gq/ Frame 360D 30 KB
7 KB 165ms
98ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/preview.php?id=YBWybScy

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.1.0.min.js

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

a83990e9e014eda261b2afceca921b1b771a31ffe45a75fe5be4ebb489f601bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK preview.php Show response
cssjs.gq/ Frame 8B38 19 KB
5 KB 169ms
102ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/preview.php?id=UfZ813RY

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.1.0.min.js

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

f75c9a8a1572d22de77c78b05fe19b9d4183405542cd203e15d4f77c05dd49eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK preview.php Show response
cssjs.gq/ Frame C6BE 32 KB
7 KB 257ms
177ms Document
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/preview.php?id=C1rEXfRT

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.1.0.min.js

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

12cfb113d7d8407c49c1e88f78df7821b0e9b0fae5468afbb6332fdc973bca65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: cssjs.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://cssjs.gq/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=1777ed415780444209f38beb8546ae4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://cssjs.gq/

Response headers

Server: nginx
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 404
Not Found count.php
cssjs.gq/ 42 KB
42 KB 279ms
99ms Image
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://cssjs.gq/count.php?uid=1&res=1600x1200&url=http%3A%2F%2Fcssjs.gq%2F&ref=

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

81af30407fd390f5b44cd1fb376bc1b2812e9e88a529d78a7f44b27bedccf29d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 18:02:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Powered-By: PHP/7.2.23
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block, 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300|Ubuntu|Dosis|Quicksand
Origin: http://cssjs.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 19 Oct 2019 01:14:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 319653
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
expires: Sun, 18 Oct 2020 01:14:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
656 B 32ms
16ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cssjs.gq

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
656 B 34ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cssjs.gq

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/ 238 KB
88 KB 46ms
29ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

1a58095266eb45b55188805f4507e88c0fa62d1fc111b67585e98a9f8b1c4e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 89450
x-xss-protection: 0
server: cafe
etag: 530792698881188819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Oct 2019 18:02:03 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/ Frame 5349 238 KB
88 KB 47ms
37ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

1a58095266eb45b55188805f4507e88c0fa62d1fc111b67585e98a9f8b1c4e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 89450
x-xss-protection: 0
server: cafe
etag: 530792698881188819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Oct 2019 18:02:03 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191015/r20190131/ Frame 6A61 0
0 20ms
10ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191015/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191015/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://cssjs.gq/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://cssjs.gq/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 15 Oct 2019 14:47:51 GMT
expires: Tue, 29 Oct 2019 14:47:51 GMT
content-type: text/html; charset=UTF-8
etag: 8648543205226238674
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7402
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 616452
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame EC53 52 KB
4 KB 23ms
21ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/loader.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/loader.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16401258
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.148
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:38 GMT
server: cloudflare
etag: W/"5afd483a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614d0e305970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame 34E2 52 KB
4 KB 19ms
18ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/loader.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/loader.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16401258
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.148
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:38 GMT
server: cloudflare
etag: W/"5afd483a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614d0e325970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame A0DB 52 KB
4 KB 26ms
25ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/loader.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/loader.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16401258
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.148
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:38 GMT
server: cloudflare
etag: W/"5afd483a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614d0e335970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame 0954 52 KB
4 KB 24ms
23ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/loader.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/loader.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16401258
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.148
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:38 GMT
server: cloudflare
etag: W/"5afd483a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614d1e465970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame FBD9 52 KB
4 KB 26ms
25ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/loader.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/loader.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16401258
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.148
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:38 GMT
server: cloudflare
etag: W/"5afd483a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614d1e485970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame 5E1F 52 KB
4 KB 22ms
21ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/loader.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/loader.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16401258
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.148
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:38 GMT
server: cloudflare
etag: W/"5afd483a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614d1e4b5970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame B08D 52 KB
4 KB 32ms
31ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/loader.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/loader.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16401258
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.148
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:38 GMT
server: cloudflare
etag: W/"5afd483a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614d1e4d5970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame BCD4 0
0 31ms
30ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756109497993983&output=html&h=250&slotname=6654169158&adk=2267602503&adf=533964676&w=300&lmt=1571767323&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fcssjs.gq%2F&flash=0&avail_w=298&wgl=1&adsid=NT&dt=1571767323557&bpp=30&bdt=146&fdt=142&idt=143&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&correlator=7606490532304&frm=20&pv=2&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=2728&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2483&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.epr4fmptrg3i&fsb=1&xpc=22mUuZWsmI&p=http%3A//cssjs.gq&dtd=161

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1756109497993983&output=html&h=250&slotname=6654169158&adk=2267602503&adf=533964676&w=300&lmt=1571767323&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fcssjs.gq%2F&flash=0&avail_w=298&wgl=1&adsid=NT&dt=1571767323557&bpp=30&bdt=146&fdt=142&idt=143&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&correlator=7606490532304&frm=20&pv=2&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=2728&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2483&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.epr4fmptrg3i&fsb=1&xpc=22mUuZWsmI&p=http%3A//cssjs.gq&dtd=161
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://cssjs.gq/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://cssjs.gq/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Oct 2019 18:02:03 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 22-Oct-2019 18:17:03 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 73ms
41ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a1999737449d990f86a266a62e57fb225dd6e5d5521da2358d967c6bd662b314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1571656559023965"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29155
x-xss-protection: 0
expires: Tue, 22 Oct 2019 18:02:03 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 76B8 0
0 25ms
25ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756109497993983&output=html&h=250&slotname=6654169158&adk=2267602503&adf=583489539&w=300&lmt=1571767323&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fcssjs.gq%2F&flash=0&avail_w=298&wgl=1&adsid=NT&dt=1571767323588&bpp=7&bdt=177&fdt=191&idt=191&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250&correlator=7606490532304&frm=20&pv=1&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=35496&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=644&ady=2483&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.p5ttsf4bgb9&fsb=1&xpc=lc83IH05gZ&p=http%3A//cssjs.gq&dtd=194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1756109497993983&output=html&h=250&slotname=6654169158&adk=2267602503&adf=583489539&w=300&lmt=1571767323&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fcssjs.gq%2F&flash=0&avail_w=298&wgl=1&adsid=NT&dt=1571767323588&bpp=7&bdt=177&fdt=191&idt=191&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250&correlator=7606490532304&frm=20&pv=1&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=35496&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=644&ady=2483&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.p5ttsf4bgb9&fsb=1&xpc=lc83IH05gZ&p=http%3A//cssjs.gq&dtd=194
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://cssjs.gq/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://cssjs.gq/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Oct 2019 18:02:03 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUkssRvC0xnKJ1sxL1bOhewLVMQh1ENjCHbKbeToX3CuKkatdUnOVxPlbaa6; expires=Sun, 15-Nov-2020 18:02:03 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 3D1E 0
0 39ms
38ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756109497993983&output=html&h=250&slotname=6654169158&adk=2267602503&adf=1965938987&w=300&lmt=1571767323&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fcssjs.gq%2F&flash=0&avail_w=298&wgl=1&adsid=NT&dt=1571767323595&bpp=5&bdt=184&fdt=207&idt=207&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=7606490532304&frm=20&pv=1&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=35496&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=988&ady=2483&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=3.hl0f5dfnxs45&fsb=1&xpc=UVN95cVWei&p=http%3A//cssjs.gq&dtd=213

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1756109497993983&output=html&h=250&slotname=6654169158&adk=2267602503&adf=1965938987&w=300&lmt=1571767323&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fcssjs.gq%2F&flash=0&avail_w=298&wgl=1&adsid=NT&dt=1571767323595&bpp=5&bdt=184&fdt=207&idt=207&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=7606490532304&frm=20&pv=1&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=35496&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=988&ady=2483&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=3.hl0f5dfnxs45&fsb=1&xpc=UVN95cVWei&p=http%3A//cssjs.gq&dtd=213
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://cssjs.gq/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkssRvC0xnKJ1sxL1bOhewLVMQh1ENjCHbKbeToX3CuKkatdUnOVxPlbaa6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://cssjs.gq/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Oct 2019 18:02:03 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ Frame CAF3 84 KB
29 KB 32ms
32ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=cJW9yGSg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/preview.php?id=cJW9yGSg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16401252
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.006
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-1514f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614deeca5970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 360D 17 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons|Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&subset=latin-ext

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=YBWybScy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

69b756cde5aad6ebf602e3ce9421175fa0401745b66dd55fc10cd92063e244fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 18:02:03 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 18:02:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 18:02:03 GMT

GET
H2 400 css
fonts.googleapis.com/ Frame 5FC7 0
0 27ms
26ms Stylesheet
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed
Requested by: Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=Z4FLPQ6Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/preview.php?id=Z4FLPQ6Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ Frame 5FC7 84 KB
29 KB 29ms
28ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=Z4FLPQ6Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/preview.php?id=Z4FLPQ6Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16401252
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.006
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-1514f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614dfecc5970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

GET
H/1.1 404
Not Found desktop.css
cssjs.gq/ Frame 5FC7 0
0 65ms
65ms Stylesheet
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/desktop.css

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=Z4FLPQ6Y

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://cssjs.gq/preview.php?id=Z4FLPQ6Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 18:02:03 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.2.23
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 360D 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3abbe097d88b35d996baac30923d1b88fb1aa79d9a5105a59b1c95d9b12aa48a

Request headers

Referer: http://cssjs.gq/preview.php?id=YBWybScy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8B50 0
0 17ms
16ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756109497993983&output=html&adk=1812271804&adf=3025194257&lmt=1571767323&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcssjs.gq%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1571767323600&bpp=4&bdt=189&fdt=224&idt=224&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&nras=1&correlator=7606490532304&frm=20&pv=1&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=35496&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=3.7guvpj4xg3lp&fsb=1&dtd=272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1756109497993983&output=html&adk=1812271804&adf=3025194257&lmt=1571767323&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcssjs.gq%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1571767323600&bpp=4&bdt=189&fdt=224&idt=224&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&nras=1&correlator=7606490532304&frm=20&pv=1&ga_vid=2106409872.1571767324&ga_sid=1571767324&ga_hid=219163763&ga_fc=0&iag=0&icsg=35496&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199337&oid=3&pvsid=1175859870216255&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=3.7guvpj4xg3lp&fsb=1&dtd=272
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://cssjs.gq/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkssRvC0xnKJ1sxL1bOhewLVMQh1ENjCHbKbeToX3CuKkatdUnOVxPlbaa6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://cssjs.gq/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Oct 2019 18:02:03 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 css
fonts.googleapis.com/ Frame EC53 17 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons|Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&subset=latin-ext

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=HnGD3caZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c9894f75bd8631367261b606e00a3822bccc75d6d51fc2c6a046181999ecdd9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 22 Oct 2019 18:02:03 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 22 Oct 2019 18:02:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 22 Oct 2019 18:02:03 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
fonts.gstatic.com/s/nunitosans/v5/ Frame 360D 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v5/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=YBWybScy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Material+Icons|Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&subset=latin-ext
Origin: http://cssjs.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 19:14:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:39 GMT
server: sffe
age: 341244
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11552
x-xss-protection: 0
expires: Sat, 17 Oct 2020 19:14:39 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
fonts.gstatic.com/s/nunitosans/v5/ Frame 360D 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v5/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=YBWybScy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aba72d81572635fcc88d896e075e63d790f10cabc5401cf85b10ef5c9cc9608c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Material+Icons|Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&subset=latin-ext
Origin: http://cssjs.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 19 Oct 2019 01:38:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:56 GMT
server: sffe
age: 318208
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11488
x-xss-protection: 0
expires: Sun, 18 Oct 2020 01:38:35 GMT

GET
H/1.1 404
Not Found android.css
cssjs.gq/ Frame 5FC7 0
0 64ms
63ms Stylesheet
text/html 185.62.73.8
ITSOFT

General

Check archive.org

Show headers Download Go to

Full URL

http://cssjs.gq/android.css

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=Z4FLPQ6Y

Protocol

HTTP/1.1

Server

185.62.73.8 Zagreb, Croatia, ASN61211 (ITSOFT, HR),

Reverse DNS

cp008.mydataknox.com

Software

nginx / PHP/7.2.23

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://cssjs.gq/preview.php?id=Z4FLPQ6Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 18:02:03 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.2.23
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ Frame C6BE 84 KB
29 KB 24ms
24ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=C1rEXfRT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://cssjs.gq/preview.php?id=C1rEXfRT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 18:02:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16401252
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.006
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-1514f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 529d614eaf445970-VIE
expires: Sun, 11 Oct 2020 18:02:03 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
fonts.gstatic.com/s/nunitosans/v5/ Frame EC53 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v5/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=HnGD3caZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Material+Icons|Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&subset=latin-ext
Origin: http://cssjs.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 19:14:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:39 GMT
server: sffe
age: 341244
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11552
x-xss-protection: 0
expires: Sat, 17 Oct 2020 19:14:39 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1ECVZl_.woff2
fonts.gstatic.com/s/nunitosans/v5/ Frame EC53 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v5/pe03MImSLYBIv1o4X1M8cc9iB85tU1ECVZl_.woff2

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=HnGD3caZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

86af0cd8f91b1a2544da4860b3aaa67b1edf4d80166101dbc6c5d2582049b387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Material+Icons|Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&subset=latin-ext
Origin: http://cssjs.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 19:49:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:43 GMT
server: sffe
age: 943962
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11500
x-xss-protection: 0
expires: Sat, 10 Oct 2020 19:49:21 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
fonts.gstatic.com/s/nunitosans/v5/ Frame EC53 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v5/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2

Requested by

Host: cssjs.gq
URL: http://cssjs.gq/preview.php?id=HnGD3caZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aba72d81572635fcc88d896e075e63d790f10cabc5401cf85b10ef5c9cc9608c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Material+Icons|Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&subset=latin-ext
Origin: http://cssjs.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 19 Oct 2019 01:38:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:56 GMT
server: sffe
age: 318208
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11488
x-xss-protection: 0
expires: Sun, 18 Oct 2020 01:38:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cssjs.gq
URL: http://cssjs.gq/loader.php

Domain: cssjs.gq
URL: http://cssjs.gq/loader.php

Domain: cssjs.gq
URL: http://cssjs.gq/loader.php

Domain: cssjs.gq
URL: http://cssjs.gq/loader.php

Domain: cssjs.gq
URL: http://cssjs.gq/loader.php

Domain: codesheet.org
URL: https://codesheet.org/live/stats.php?uid=224&res=1600x1200&url=http%3A%2F%2Fcssjs.gq%2F&ref=

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 13:57:43	Name: IDE Value: AHWqTUkssRvC0xnKJ1sxL1bOhewLVMQh1ENjCHbKbeToX3CuKkatdUnOVxPlbaa6
			cssjs.gq/	1970-01-19 04:36:43	Name: PHPSESSID Value: 1777ed415780444209f38beb8546ae4d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
code.jquery.com
codesheet.org
cssjs.gq
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
www.googletagservices.com
codesheet.org
cssjs.gq
185.62.73.8
2001:4de0:ac19::1:b:1b
2606:4700::6813:c497
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2002
2a00:1450:4001:815::2002
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2002
89.31.143.1
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
12cfb113d7d8407c49c1e88f78df7821b0e9b0fae5468afbb6332fdc973bca65
199a632b50017ffc15e25145d169afd8974b477799adf9956e8a86aa4becc582
1a58095266eb45b55188805f4507e88c0fa62d1fc111b67585e98a9f8b1c4e4e
305e1c4c46e104f9d78fe42928c7bec90d968362e4991ead02688a77900a28a9
3abbe097d88b35d996baac30923d1b88fb1aa79d9a5105a59b1c95d9b12aa48a
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5f3a341135a4e5e18577ec2e56b3a4b86dac85c55677b59c877c9f46a7cc892a
69b756cde5aad6ebf602e3ce9421175fa0401745b66dd55fc10cd92063e244fa
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6
81af30407fd390f5b44cd1fb376bc1b2812e9e88a529d78a7f44b27bedccf29d
86af0cd8f91b1a2544da4860b3aaa67b1edf4d80166101dbc6c5d2582049b387
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
991c801c1680001ea81e3de0e634fa670cd15b58ed0c3f1db4f4963b4f783a3a
a1999737449d990f86a266a62e57fb225dd6e5d5521da2358d967c6bd662b314
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a83990e9e014eda261b2afceca921b1b771a31ffe45a75fe5be4ebb489f601bd
aba72d81572635fcc88d896e075e63d790f10cabc5401cf85b10ef5c9cc9608c
aefc145d857aadbd0523297ff09e59cf26e0de941c03aaeb5b33c7f1ec43d5c9
b054c21c769e6e73a3f3f2e51ff27783043d87f8c4cb963c0554b33010fa3efc
b1c6e77b6b2f7c08624be178f65925c766cfaa70b41b92ea9048163576accd41
c9894f75bd8631367261b606e00a3822bccc75d6d51fc2c6a046181999ecdd9c
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d46136c7e3cd738af3e4791b9e43f5cfc700c66bd2f6877682e04c01477c2a2f
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f75c9a8a1572d22de77c78b05fe19b9d4183405542cd203e15d4f77c05dd49eb
f819c9d1440e322e622f57a57051bd266c12d510a18077f3ed11a2ef1b5d940f

cssjs.gq Open in urlscan Pro 185.62.73.8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

59 %HTTPS

78 %IPv6

12 Domains

12 Subdomains

9 IPs

4 Countries

675 kBTransfer

1842 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cssjs.gq Open in urlscan Pro
185.62.73.8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

59 %
HTTPS

78 %
IPv6

12
Domains

12
Subdomains

9
IPs

4
Countries

675 kB
Transfer

1842 kB
Size

2
Cookies

63 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!