cooljayheatair.com Open in urlscan Pro
172.67.175.233 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.cooljayheatair.com/login.php
Effective URL:
https://cooljayheatair.com/login.php
Submission Tags: krdtest
Submission: On September 21 via api (September 21st 2021, 8:40:00 pm UTC) from JP — Scanned from DE

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 172.67.175.233, located in United States and belongs to CLOUDFLARENET, US. The main domain is cooljayheatair.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2021. Valid for: a year.

This is the only time cooljayheatair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 8	172.67.175.233 172.67.175.233		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.202 142.250.184.202		15169 (GOOGLE) (GOOGLE)
3	104.21.64.37 104.21.64.37		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.163 142.250.186.163		15169 (GOOGLE) (GOOGLE)
13	4

8 172.67.175.233 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.cooljayheatair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cooljayheatair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.64.37 (None, )

ASN13335 (CLOUDFLARENET, US)

cooljayheatair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cooljayheatair.com 1 redirects www.cooljayheatair.com cooljayheatair.com	73 KB
2	gstatic.com fonts.gstatic.com	50 KB
1	googleapis.com fonts.googleapis.com	1 KB
13	3

	Domain	Requested by
10	cooljayheatair.com	cooljayheatair.com
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cooljayheatair.com
1	www.cooljayheatair.com	1 redirects
13	4

This site contains links to these domains. Also see Links.

Domain
oxygenbuilder.com
rankworks.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-18` - `2022-05-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cooljayheatair.com/login.php
Frame ID: D3571C6214CE2C9AF4E0EDF2E9C82496
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404

Page URL History Show full URLs

https://www.cooljayheatair.com/login.php HTTP 301
https://cooljayheatair.com/login.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Oxygen (Page builders) Expand

Overall confidence: 100%
Detected patterns

<body class=(?:"|')[^"']*oxygen-body
<link [^>]*href=(?:"|')[^>]*wp-content/plugins/oxygen/
wp-content/plugins/oxygen

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

123 kB
Transfer

309 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://oxygenbuilder.com/
Title: (404) 284-8662

Search URL Search Domain Scan URL

URL: https://rankworks.com/
Title: POWERED BYCONNECTED

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.cooljayheatair.com/login.php HTTP 301
https://cooljayheatair.com/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request login.php Show response
cooljayheatair.com/
Redirect Chain

https://www.cooljayheatair.com/login.php
https://cooljayheatair.com/login.php

7 KB
2 KB

670ms
669ms

Document
text/html

172.67.175.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cooljayheatair.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ebb89e0eb75e0d7fc9dcd5a5e68eb38b99a4e5c61468a1a795428f4a1e2c7d5

Request headers

:method: GET
:authority: cooljayheatair.com
:scheme: https
:path: /login.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 21 Sep 2021 20:39:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://cooljayheatair.com/wp-json/>; rel="https://api.w.org/"
age: 0
x-cache: MISS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVx5qjr19PbpDgkE7RKulaCQD%2BJqiJKFvTaC8cM7YeqNGw%2BjoUrwMFY%2BAEskxrvoyci6%2F07Qc0qm14uFSW8gn2LBsuyqdXlSTNA%2F%2Fa%2BdXDuRqhtjTZ8cYSYqMyIMC3IL%2Fcv7tgE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69261b07988dede7-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Tue, 21 Sep 2021 20:39:54 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://cooljayheatair.com/login.php
age: 0
x-cache: MISS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7UPY7VlIgKDhqSok9cO3KmNoQVE8QvDdKVp%2BXxsagQbHZfh0jfMtUz6omB%2FYKLBrcw07PKdoJ3SJ%2FzCZRdwOrAJfVkbdQaxoT9I44%2BGnK0Wa3SDp5u2YAfiFGoaEvieyONgc2lSwhrc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69261b036c8bede7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
cooljayheatair.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 328ms
326ms Stylesheet
text/css 172.67.175.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cooljayheatair.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
Requested by: Host: cooljayheatair.com
URL: https://cooljayheatair.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: cooljayheatair.com
referer: https://cooljayheatair.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://cooljayheatair.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:39:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 May 2021 17:49:33 GMT
server: cloudflare
etag: W/"60a3fe2d-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4t9m1UjALaXdMS3rRG9l9rRykeTLVyAGPSeIP5fUOYgWvtpE%2BSu5luP3GqueUyu%2FZHu%2FGHZqC8HeSPRtC2zWIOXx2ij2%2BsaiiXcVkpuLDQ7wG9XKzF6wHH4FD5yvflOps1QPiVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69261b0c1d0aede7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 20:39:55 GMT

GET
H2 200 oxygen.css
cooljayheatair.com/wp-content/plugins/oxygen/component-framework/ 19 KB
4 KB 325ms
324ms Stylesheet
text/css 172.67.175.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cooljayheatair.com/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=3.8
Requested by: Host: cooljayheatair.com
URL: https://cooljayheatair.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6fd9afadb59c4ec0eb9192eeb02adbab6bf09d2e1ade82819f4d7d63028aec6

Request headers

:path: /wp-content/plugins/oxygen/component-framework/oxygen.css?ver=3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: cooljayheatair.com
referer: https://cooljayheatair.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://cooljayheatair.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:39:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 23 Jun 2021 20:17:32 GMT
server: cloudflare
etag: W/"60d396dc-4a1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH4fEk568297NcAVCGKKYgJQlgL6k9z57IEEy38%2Bg8Dq15KaX1Wgdw%2F6OD57Y6oOL92tV9MV9kpovOfQKTomG%2FEbXdcO3BDHpJKpWt5vF3q%2BZzU4swqOfklmZJ1zJxkCNK61wKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69261b0c1d0cede7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 20:39:55 GMT

GET
H2 200 jquery.min.js Show response
cooljayheatair.com/wp-includes/js/jquery/ 87 KB
32 KB 527ms
526ms Script
application/javascript 172.67.175.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cooljayheatair.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: cooljayheatair.com
URL: https://cooljayheatair.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: cooljayheatair.com
referer: https://cooljayheatair.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://cooljayheatair.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:39:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 12 Feb 2021 16:02:58 GMT
server: cloudflare
etag: W/"6026a6b2-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omArXg24CzXUpew0F4g7emhnbM8n1S49TWfQXQnBlzw8u4Xr1bVVQRdBluc1QbOgpTPNMEPe2tiX03QrpyjFFBd%2FC7dXPcQuKJ3IQd4OfM0QfxlIjj5B4tunOL8Ty9RKOC%2FjHhE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69261b0c2d11ede7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 20:39:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 95ms
35ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo:100,200,300,400,500,600,700,800,900|Archivo+Black:100,200,300,400,500,600,700,800,900

Requested by

Host: cooljayheatair.com
URL: https://cooljayheatair.com/login.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

1c09401579e268fff3e509757bc40efda7deaf25fd1b7ee2bff9c196cfc624d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cooljayheatair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 20:39:55 GMT
server: ESF
date: Tue, 21 Sep 2021 20:39:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 20:39:55 GMT

GET
H2 200 main-24.css
cooljayheatair.com/wp-content/uploads/oxygen/css/ 7 KB
2 KB 322ms
321ms Stylesheet
text/css 172.67.175.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cooljayheatair.com/wp-content/uploads/oxygen/css/main-24.css?cache=1624469866&ver=5.7.3
Requested by: Host: cooljayheatair.com
URL: https://cooljayheatair.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39dff40f248e653e86d4b01db88cc93c7d2fde8559556b99f0303fa3dc09ea12

Request headers

:path: /wp-content/uploads/oxygen/css/main-24.css?cache=1624469866&ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: cooljayheatair.com
referer: https://cooljayheatair.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://cooljayheatair.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:39:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 23 Jun 2021 17:37:46 GMT
server: cloudflare
etag: W/"60d3716a-1a23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVNlT0TxdewtNkbHFru0lpThbmdRqqXA9svyjG5Wa5CCslSbyOYMm6EQzLUcjI42D%2B%2FQochE6%2FdieRyMDNSZkXeMtyyzLkVQcszuN5YI%2Bk7950TiuDm8QbLI%2FD6MpnKEc6929ug%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69261b0c2d10ede7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 20:39:55 GMT

GET
H2 200 archive-21.css
cooljayheatair.com/wp-content/uploads/oxygen/css/ 3 KB
1 KB 315ms
314ms Stylesheet
text/css 172.67.175.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cooljayheatair.com/wp-content/uploads/oxygen/css/archive-21.css?cache=1623442514&ver=5.7.3
Requested by: Host: cooljayheatair.com
URL: https://cooljayheatair.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f50ed1b2f4abf30470648de3bdbf0b8c00ee91cb4da8e554ed8e98392fb7433a

Request headers

:path: /wp-content/uploads/oxygen/css/archive-21.css?cache=1623442514&ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: cooljayheatair.com
referer: https://cooljayheatair.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://cooljayheatair.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:39:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 11 Jun 2021 20:15:14 GMT
server: cloudflare
etag: W/"60c3c452-a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5W0HtrhMoFWax71zRxA4M91D7%2BngBHdR%2FkJytqPCXMi2mAwqSjrjhO0MZTpkvm6gIHIzSeeJrfAsT%2FxmjzsotAn7ecCmb3UgyII4Lgp2PJuIJqGlYCZkBJ4Kqhl8DMBabkIDsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69261b0c2d13ede7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 20:39:55 GMT

GET
H2 200 universal.css
cooljayheatair.com/wp-content/uploads/oxygen/css/ 59 KB
8 KB 317ms
317ms Stylesheet
text/css 172.67.175.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cooljayheatair.com/wp-content/uploads/oxygen/css/universal.css?cache=1624481750&ver=5.7.3
Requested by: Host: cooljayheatair.com
URL: https://cooljayheatair.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f11facd7c939649e59fdc49c89fb2dc0da45456e165d80f002cdfde809879b70

Request headers

:path: /wp-content/uploads/oxygen/css/universal.css?cache=1624481750&ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: cooljayheatair.com
referer: https://cooljayheatair.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://cooljayheatair.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:39:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 23 Jun 2021 20:55:50 GMT
server: cloudflare
etag: W/"60d39fd6-ea83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npUc5XdwoebDYz3o1qRkTlB2PuVtK20kJ5bBW2kIVPwjt7FXX2aWANy%2BTU%2F%2F%2Fypo1g35%2F2uwiOY1VKSj8x4J3ob%2Bbj5ZgRK3ObcnMHBpFiV0rahb8T9yseRtY7b2yh4ckKaTGuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69261b0c2d14ede7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 20:39:55 GMT

GET
H3 200 Black-logo.png
cooljayheatair.com/wp-content/uploads/2021/06/ 3 KB
3 KB 326ms
325ms Image
image/png 104.21.64.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cooljayheatair.com/wp-content/uploads/2021/06/Black-logo.png
Requested by: Host: cooljayheatair.com
URL: https://cooljayheatair.com/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c9e6685a4a0fc86dbd8e368c7faf88294fdb38260909c33408bc639bff07000

Request headers

:path: /wp-content/uploads/2021/06/Black-logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cooljayheatair.com
referer: https://cooljayheatair.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://cooljayheatair.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:39:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2877
last-modified: Thu, 10 Jun 2021 18:27:42 GMT
server: cloudflare
etag: "60c2599e-b3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkNppJdj8B9uzh8mqtBtBmG8LVHthedaxxbNcyM%2F0JLYwuCSDIs9JpMsa5d9LEL5pAf%2BlnKwfcAIGqNvBI11DLCCJUIxYCfCnfJMAhHflCjKmZYstWsIwBOjMTPiDS2ma6G8QSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69261b0e3a783a47-CDG
expires: Thu, 21 Oct 2021 20:39:56 GMT

GET
H3 200 White-logo.png
cooljayheatair.com/wp-content/uploads/2021/06/ 3 KB
3 KB 323ms
322ms Image
image/png 104.21.64.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cooljayheatair.com/wp-content/uploads/2021/06/White-logo.png
Requested by: Host: cooljayheatair.com
URL: https://cooljayheatair.com/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad9034bced7f3199bcf3251afa817a3aacff9c967acf3f68fe9e12061090602

Request headers

:path: /wp-content/uploads/2021/06/White-logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cooljayheatair.com
referer: https://cooljayheatair.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://cooljayheatair.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:39:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2877
last-modified: Thu, 10 Jun 2021 18:27:39 GMT
server: cloudflare
etag: "60c2599b-b3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXOyCpuIVSzsjMOkv%2BaL7%2F4%2F%2Bit%2BZsAoJE3d9YBgdlT43y3BsnqQFsoZWn7GAWrgne1WAWfPBcxbfkVcd0lRA89hct1O0MGMdbMOWP7bPqW4DTNLS4nEWfYvpMaES2w7fqxqk7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69261b0f7c303a47-CDG
expires: Thu, 21 Oct 2021 20:39:56 GMT

GET
H3 200 RW-WHite.png
cooljayheatair.com/wp-content/uploads/2021/06/ 7 KB
7 KB 306ms
306ms Image
image/png 104.21.64.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cooljayheatair.com/wp-content/uploads/2021/06/RW-WHite.png
Requested by: Host: cooljayheatair.com
URL: https://cooljayheatair.com/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cced97f41ea494b74ce919545f8bb215d4a239287c31615ebdc40fa8af3222

Request headers

:path: /wp-content/uploads/2021/06/RW-WHite.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cooljayheatair.com
referer: https://cooljayheatair.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://cooljayheatair.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:39:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6916
last-modified: Fri, 11 Jun 2021 13:07:06 GMT
server: cloudflare
etag: "60c35ffa-1b04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWaOhupoWv179Yw9gtqchBu0DmYc7hKJWN4xDADFSBVXnx%2FgIh3ptUAIMOW8eYKtXlPlbg14e1snq5w3bPXPedXutJUjTGHpP1173yMADEYBVUwsnOWti%2F%2FYWv2zvhmVPKQd1f0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69261b0f8c493a47-CDG
expires: Thu, 21 Oct 2021 20:39:56 GMT

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v9/ 31 KB
31 KB 97ms
47ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v9/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:100,200,300,400,500,600,700,800,900|Archivo+Black:100,200,300,400,500,600,700,800,900

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

754193d1263868f8bea1722f2e973378006bbe58128caace3aae25345436e12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cooljayheatair.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:13:31 GMT
x-content-type-options: nosniff
age: 390385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31548
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 23:34:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 08:13:31 GMT

GET
H2 200 HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2
fonts.gstatic.com/s/archivoblack/v10/ 18 KB
19 KB 74ms
24ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivoblack/v10/HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:100,200,300,400,500,600,700,800,900|Archivo+Black:100,200,300,400,500,600,700,800,900

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

4f8fef903345b2b5cdeede31a24d3f76beff567e03f19f1bfb168e37e821d0d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cooljayheatair.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 20:10:02 GMT
x-content-type-options: nosniff
age: 88194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18584
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:28:15 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 20:10:02 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster undefined| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cooljayheatair.com/login.php Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cooljayheatair.com
fonts.googleapis.com
fonts.gstatic.com
www.cooljayheatair.com
104.21.64.37
142.250.184.202
142.250.186.163
172.67.175.233
1c09401579e268fff3e509757bc40efda7deaf25fd1b7ee2bff9c196cfc624d0
1c9e6685a4a0fc86dbd8e368c7faf88294fdb38260909c33408bc639bff07000
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
39dff40f248e653e86d4b01db88cc93c7d2fde8559556b99f0303fa3dc09ea12
4ad9034bced7f3199bcf3251afa817a3aacff9c967acf3f68fe9e12061090602
4f8fef903345b2b5cdeede31a24d3f76beff567e03f19f1bfb168e37e821d0d7
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
754193d1263868f8bea1722f2e973378006bbe58128caace3aae25345436e12f
98cced97f41ea494b74ce919545f8bb215d4a239287c31615ebdc40fa8af3222
9ebb89e0eb75e0d7fc9dcd5a5e68eb38b99a4e5c61468a1a795428f4a1e2c7d5
b6fd9afadb59c4ec0eb9192eeb02adbab6bf09d2e1ade82819f4d7d63028aec6
f11facd7c939649e59fdc49c89fb2dc0da45456e165d80f002cdfde809879b70
f50ed1b2f4abf30470648de3bdbf0b8c00ee91cb4da8e554ed8e98392fb7433a