cksxss.xyz Open in urlscan Pro
2606:4700:3033::ac43:b828 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cksxss.xyz/lp/continue/indextwo.html
Submission: On February 05 via manual (February 5th 2022, 3:48:47 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 6 IPs in 4 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3033::ac43:b828, located in United States and belongs to CLOUDFLARENET, US. The main domain is cksxss.xyz.

This is the only time cksxss.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
12	2606:4700:303... 2606:4700:3033::ac43:b828		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e		15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240		16276 (OVH) (OVH)
1	192.99.13.63 192.99.13.63		16276 (OVH) (OVH)
16	6

12 2606:4700:3033::ac43:b828 (United States)

ASN13335 (CLOUDFLARENET, US)

cksxss.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.13.63 (Canada)

ASN16276 (OVH, FR)
PTR: ns504751.ip-192-99-13.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cksxss.xyz cksxss.xyz	181 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 14234 s4.histats.com — Cisco Umbrella Rank: 12293	5 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
16	4

	Domain	Requested by
12	cksxss.xyz	cksxss.xyz
1	s4.histats.com	s10.histats.com
1	s10.histats.com	cksxss.xyz
1	www.google-analytics.com	cksxss.xyz
1	fonts.googleapis.com	cksxss.xyz
16	5

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
histats.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://cksxss.xyz/lp/continue/indextwo.html
Frame ID: B6632B5FE3ACC6036A5D4DCC24A13003
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Install Required

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

16
Requests

13 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

6
IPs

4
Countries

207 kB
Transfer

583 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request indextwo.html Show response
cksxss.xyz/lp/continue/ 35 KB
8 KB 627ms
598ms Document
text/html 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 213aff929fd8c3c9cfc314155b75abd891e66a01b11565f361c389139f53f2a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 05 Feb 2022 15:48:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 27 Jan 2022 20:39:12 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZF2KeyvbWjAX7Du9leSarz64t0SWC2kTqjcAkRMCq1RWN2lTOddiYiJT5%2Fiidztvgw5KgKLZTelwO6JR9OWSimGyPV6R8Y0LKV9Y8iWZ9L74CA9HFWHvHPX5ic0ByAXmeuBGpr4wlvH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6d8d48c60d7b90e6-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

423218df078af4e98bf4e548cb0b155c6301475dadb00e7baec851cde01a05e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 15:33:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Feb 2022 15:48:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Feb 2022 15:48:40 GMT

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
cksxss.xyz/lp/continue/ 95 KB
34 KB 1265ms
1248ms Script
application/javascript 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cksxss.xyz/lp/continue/jquery-1.12.4.min.js
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

Referer: http://cksxss.xyz/lp/continue/indextwo.html
Origin: http://cksxss.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:41 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Mon, 17 Aug 2020 22:01:20 GMT
Server: cloudflare
etag: W/"5f3afe30-17b8e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZrgemTWew5isU9jdSgU0HyPcV9g8RArPbHnSqZqRG80pr9nUOgVrI1Dioz3bjMb8K2eRziWLtk7avnpwk4ZS5yc9%2BE9m7YMhKDufHMdVVUt29s27mKe2BGCkU%2F4yKClNywnMRABiVhn"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d8d48c9f94f691f-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK jquery-ui.js Show response
cksxss.xyz/lp/continue/ 329 KB
78 KB 1361ms
1344ms Script
application/javascript 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cksxss.xyz/lp/continue/jquery-ui.js
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fc46b8f3182326b32709bfbfa1de2b831aa6ef6508914bbc0a187321c1584b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/lp/continue/indextwo.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:41 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Mon, 17 Aug 2020 22:01:20 GMT
Server: cloudflare
etag: W/"5f3afe30-52380"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMgbAQGhnxQAnzFvYnI6ipgEGJb5zV4prPNbi9VUIDJnC0ZLi2HX1ofQhgWldTwI6jsytMf%2FyEAv%2FDgAzhB9Bg2DZhRCLiH5zsYe3hkRUoW%2FvgoU8rTv4AKZjHY9DxH1OxsbWitTHyqP"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d8d48c9f8269171-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 404
Not Found sw.js
cksxss.xyz/ 0
0 533ms
533ms Script
text/html 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cksxss.xyz/sw.js
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/lp/continue/indextwo.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:41 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2Ywntpekmf017umfUiTaiiTrXXyvGqpJu6XfTYViJZcnPbdvdoFtCBmOfs8Sxj6hfpj1SuTCUkxtOD13JTmLWJc%2BcH9yWwYBDPO1JkSSZW7fh7cV%2BE7inz00jtM2YtR2Hmgo6hIWqRv"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d8d48cb8a1490e6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK modernArrow5.png
cksxss.xyz/lp/continue/ 2 KB
3 KB 533ms
532ms Image
image/png 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cksxss.xyz/lp/continue/modernArrow5.png
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/lp/continue/indextwo.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:42 GMT
CF-Cache-Status: MISS
last-modified: Mon, 17 Aug 2020 22:01:20 GMT
Server: cloudflare
etag: "5f3afe30-86b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjGJcoABHAlz6fLbkKQjcVuz726pULPuZf7UOolSOPETmHdxleyfG%2FVj5iTSW%2FjqC7SE8xcXroDvnAnjZImM07z3v50RPpZ0E9K1eguSi8z13pBYEIbhRhlu9SM9AbofKHt1KzpnS1%2F%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6d8d48d1d982691f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2155

GET
H/1.1 200
OK iconNotify.png
cksxss.xyz/lp/continue/ 1 KB
2 KB 597ms
596ms Image
image/png 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cksxss.xyz/lp/continue/iconNotify.png
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/lp/continue/indextwo.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:42 GMT
CF-Cache-Status: MISS
last-modified: Mon, 17 Aug 2020 22:01:20 GMT
Server: cloudflare
etag: "5f3afe30-568"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ta4sWRu%2BsLtnc55bN9589pZf1BvwaVvk2aKWRT5Qmt7218klOJNc9TWNPB9pkTwIjrnjn8OoiieOFu8j5aj7IjGbxhcd9eAAHL4qS03MlkV%2B1sgjFnNesoBmK7XPIOOnkYVKhBEu4Lqy"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6d8d48d40efd9171-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1384

GET
H/1.1 200
OK fav.png
cksxss.xyz/lp/continue/ 3 KB
4 KB 536ms
535ms Image
image/png 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cksxss.xyz/lp/continue/fav.png
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/lp/continue/indextwo.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:42 GMT
CF-Cache-Status: MISS
last-modified: Mon, 17 Aug 2020 22:01:20 GMT
Server: cloudflare
etag: "5f3afe30-b68"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGEoEWnu1BQlxcYGhH0SV4oNpz753%2B3MC3otaiYABIjarGzQNIqYqxnockDcvgXSD6ba2NJPz0Z%2B4%2FGqiZ%2B%2FvOXxBiAVzvesF8GyrJUzXV%2FRyVmDG%2FAuW76CfKYh7ipV%2BAr5r%2BgAMz9%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6d8d48d44ed090e6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2920

GET
H/1.1 200
OK addToChrome.png
cksxss.xyz/lp/continue/ 2 KB
3 KB 553ms
535ms Image
image/png 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cksxss.xyz/lp/continue/addToChrome.png
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/lp/continue/indextwo.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:42 GMT
CF-Cache-Status: MISS
last-modified: Mon, 17 Aug 2020 22:01:20 GMT
Server: cloudflare
etag: "5f3afe30-7fb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LijU2w%2FShOTSLu2vNS5U63%2FrqSkhb%2FzSgDDnDfVOFVMOiF19Kgd4%2FeNNDHVuPD5N0nRO7bjNZd5H3vOcudGTGGtCrlM7j64dgaPJkpZzRKYf3qZFvW%2B4a9FbpVnJ4tVwuLzTTzwCrdVr"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6d8d48d46b119158-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2043

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

64ms
19ms

Script
text/javascript

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html

Protocol

H2

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6230
date: Sat, 05 Feb 2022 14:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 05 Feb 2022 16:04:52 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found sw.js
cksxss.xyz/ 0
0 24ms
24ms Script
text/html 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cksxss.xyz/sw.js
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/lp/continue/indextwo.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAHd4GOjWXZMQAXWssNMOP3vVd30fcM1OBJ0viPHHP7nt%2FMOPY3l5vPVn0%2FCQU0abuGYb5%2Bie2OsCFrUvPtyaYs3sdSnvv42wdQmymrCGzV31TLHo7e5tYBGvrGQcaxOwTIJJhgOmV69"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d8d48d42e6590e6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK cursor2.png
cksxss.xyz/lp/continue/ 26 KB
27 KB 799ms
781ms Image
image/png 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cksxss.xyz/lp/continue/cursor2.png
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb2c96a3b9ae8645ec31e00e23c7031aaa99681a8abc1c49de76bdcc702dd61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/lp/continue/indextwo.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:43 GMT
CF-Cache-Status: MISS
last-modified: Mon, 17 Aug 2020 22:01:20 GMT
Server: cloudflare
etag: "5f3afe30-6813"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxc1Qlj6kHmxBeeo8qlcrC%2FodGwy7zXMXypLcA2fx1Ttv1Y1ozzkcE6GQIheeWA1sd7gs4RKOiOmDOcMnNRCP%2BixPvr21UXiiPLIM6ZAmM9V2nPcJa5CS9GVipv%2F5dzQYLDO2TGkPw%2BX"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6d8d48d46f3d696a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 26643

GET
H/1.1 200
OK bg.png
cksxss.xyz/lp/continue/ 21 KB
22 KB 803ms
787ms Image
image/png 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cksxss.xyz/lp/continue/bg.png
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f931d632614ead64e095cb7b89a27e42bc66cdecc9b01cfa154461bf75f82bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/lp/continue/indextwo.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:43 GMT
CF-Cache-Status: MISS
last-modified: Tue, 08 Dec 2020 09:25:16 GMT
Server: cloudflare
etag: "5fcf467c-53bf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FTYXxpc2V%2BuwhVFFivS6ezhyzGFJU%2BAc64Ql%2FHGLhNBSZd%2FOa5Nxu9NKca7B8Zk2tC6qDptaC4OXB89HQX2P2d%2BWEzOCqIDH48cqkTbNWISRgUMZ2YytLMauZFfMmIfMAf9j%2FBd%2Bt%2F3"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6d8d48d46eeb5bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 21439

GET
H/1.1 404
Not Found light.mp3
cksxss.xyz/lp/continue/ 571 B
1 KB 570ms
569ms Media
text/html 2606:4700:3033::ac43:b828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cksxss.xyz/lp/continue/light.mp3
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:b828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ada793f9f0b7ab9b7b0cf9a96c1385a6bdcc9e8f8463bcc49ba48a0cacc9f2

Request headers

Referer: http://cksxss.xyz/lp/continue/indextwo.html
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 05 Feb 2022 15:48:42 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fivU1PPArGGgiuScIvZ1tcgXyf5N%2FxQQ4GaiS2bg2vsn%2Bd15mz3597itigLSmkuafoCi9JTDAdH6KFC4fVmwBuaLCD5i4t4tsKPL6pZwQDO%2FCiQU5tyxlqk5Ox4rJGaYo3yZ3nty4%2Ffy"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d8d48d53fe3691f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 39ms
20ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: cksxss.xyz
URL: http://cksxss.xyz/lp/continue/indextwo.html
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 15:38:44 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: W/"-375139978"
x-cacheable: Matched cache
vary: Accept-Encoding
x-iplb-instance: 42475
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
x-iplb-request-id: D972D783:C58E_2E69C9F0:0050_61FE9C5A_B67C:AFFF
content-length: 4547
x-request-id: 667222752

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 65 B
199 B 310ms
102ms Script
text/html 192.99.13.63
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3450293&@f16&@g1&@h1&@i1&@j1644076122337&@k0&@l1&@mInstall%20Required&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-196079845&@b3:1644076122&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fcksxss.xyz%2Flp%2Fcontinue%2Findextwo.html&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.13.63 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns504751.ip-192-99-13.net
Software: /
Resource Hash: 2e2cdd91cf4f375553b01c9b2d168cd0282324319216964a80f21059aa826f12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 15:48:42 GMT
Connection: close
Content-Length: 65
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ed032c432b28c2de618ed566378d9ccc4fa8f3a8ea255641eeac95e3d8a474d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://cksxss.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| url1 string| url2 string| pid string| ver string| info string| hostnameDD string| GoogleAnalyticsObject function| ga function| AddmyTime function| AddmyTime1 boolean| isChrome boolean| cwswindowclosed undefined| oldCWSLeft undefined| oldCWSTop function| openInstall function| openInstall2 function| successCallback function| successCallback1 function| failureCallback function| Yes function| No function| myMove function| myMove1 object| cursor object| canvas object| ctx undefined| cx undefined| cy number| x number| y object| animationDD function| animateDD object| addTimer object| myVar object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _HistatsCounterGraphics_0_setValues number| Py number| px number| py

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cksxss.xyz/	1970-01-20 09:26:52	Name: HstCfa3450293 Value: 1644076122337
			cksxss.xyz/	1970-01-20 09:26:52	Name: HstCla3450293 Value: 1644076122337
			cksxss.xyz/	1970-01-20 09:26:52	Name: HstCmu3450293 Value: 1644076122337
			cksxss.xyz/	1970-01-20 09:26:52	Name: HstPn3450293 Value: 1
			cksxss.xyz/	1970-01-20 09:26:52	Name: HstPt3450293 Value: 1
			cksxss.xyz/	1970-01-20 09:26:52	Name: HstCnv3450293 Value: 1
			cksxss.xyz/	1970-01-20 09:26:52	Name: HstCns3450293 Value: 1
			.cksxss.xyz/	1970-01-20 18:12:28	Name: _ga Value: GA1.2.106013014.1644076122
			.cksxss.xyz/	1970-01-20 00:42:42	Name: _gid Value: GA1.2.614854109.1644076122

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://cksxss.xyz/sw.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://cksxss.xyz/sw.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://cksxss.xyz/lp/continue/light.mp3 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cksxss.xyz
fonts.googleapis.com
s10.histats.com
s4.histats.com
www.google-analytics.com
192.99.13.63
2606:4700:3033::ac43:b828
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
46.105.201.240
213aff929fd8c3c9cfc314155b75abd891e66a01b11565f361c389139f53f2a3
22ada793f9f0b7ab9b7b0cf9a96c1385a6bdcc9e8f8463bcc49ba48a0cacc9f2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e2cdd91cf4f375553b01c9b2d168cd0282324319216964a80f21059aa826f12
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
423218df078af4e98bf4e548cb0b155c6301475dadb00e7baec851cde01a05e5
5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906
5f931d632614ead64e095cb7b89a27e42bc66cdecc9b01cfa154461bf75f82bf
5fc46b8f3182326b32709bfbfa1de2b831aa6ef6508914bbc0a187321c1584b2
6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce
63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6
7ed032c432b28c2de618ed566378d9ccc4fa8f3a8ea255641eeac95e3d8a474d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518
edb2c96a3b9ae8645ec31e00e23c7031aaa99681a8abc1c49de76bdcc702dd61