dnnjx.shop Open in urlscan Pro
104.21.60.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec
Effective URL:
https://dnnjx.shop/?JnM9am1sX0RhdGluZ18xNTA3MjAyMV9zY3JpcHRnb29nbGU=
Submission: On July 15 via api (July 15th 2021, 11:03:50 am UTC) from BE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 104.21.60.77, located in United States and belongs to CLOUDFLARENET, US. The main domain is dnnjx.shop.
TLS certificate: Issued by R3 on July 10th 2021. Valid for: 3 months.

This is the only time dnnjx.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	104.21.60.77 104.21.60.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	6

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

script.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.60.77 (United States)

ASN13335 (CLOUDFLARENET, US)

dnnjx.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	google.com 1 redirects script.google.com www.google.com	101 KB
3	googleusercontent.com n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com	22 KB
2	dnnjx.shop dnnjx.shop	3 KB
2	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com	24 KB
1	googleapis.com fonts.googleapis.com	461 B
12	5

	Domain	Requested by
4	script.google.com	script.google.com
3	n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com	script.google.com n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
2	dnnjx.shop	n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com script.google.com
1	encrypted-tbn0.gstatic.com	n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
1	www.gstatic.com	n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
1	www.google.com	1 redirects
1	fonts.googleapis.com	script.google.com
12	7

This site contains no links.

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.dnnjx.shop R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh

This page contains 3 frames:

Frame: https://dnnjx.shop/r.php
Frame ID: 81CAA216E4F988B9F4E93658E93406E3
Requests: 7 HTTP requests in this frame

Frame: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/userCodeAppPanel
Frame ID: 611DA9CF1209CA49571CB9360E8772D8
Requests: 2 HTTP requests in this frame

Frame: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/blank
Frame ID: 760A27379047467D819D146B7215ADA4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF... Page URL
https://dnnjx.shop/?JnM9am1sX0RhdGluZ18xNTA3MjAyMV9zY3JpcHRnb29nbGU= Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

12
Requests

100 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

151 kB
Transfer

564 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec Page URL
https://dnnjx.shop/?JnM9am1sX0RhdGluZ18xNTA3MjAyMV9zY3JpcHRnb29nbGU= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 exec Show response
script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/ 3 KB
2 KB 356ms
354ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf7e019dfc848601c5ec434ad545ed2f23305f2320fe75a3e4d33db34417e2a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hAcuP2faiDUC13+ZcG1TgQ' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: script.google.com
:scheme: https
:path: /macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 15 Jul 2021 11:03:35 GMT
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hAcuP2faiDUC13+ZcG1TgQ' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 icon
fonts.googleapis.com/ 568 B
461 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

415afc12cef02264dab61ba05de6b9eabb4146c0b4fedfbd160a1fb379f895d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://script.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Jul 2021 11:03:35 GMT
server: ESF
date: Thu, 15 Jul 2021 11:03:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Jul 2021 11:03:35 GMT

GET
H3-29 200 3156742397-mae_html_css_ltr.css
script.google.com/static/macros/client/css/ 260 KB
37 KB 31ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/static/macros/client/css/3156742397-mae_html_css_ltr.css

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

532ca8455e437fa7886a337c209dafcabf0a28b108ce75b8ed222344d43f083d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /static/macros/client/css/3156742397-mae_html_css_ltr.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: script.google.com
referer: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:03:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
last-modified: Mon, 28 Jun 2021 12:13:56 GMT
server: sffe
age: 0
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=0
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37972
x-xss-protection: 0
expires: Thu, 15 Jul 2021 11:03:35 GMT

GET
H3-29 200 1923107659-warden_bin_i18n_warden__de.js Show response
script.google.com/static/macros/client/js/ 170 KB
62 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/static/macros/client/js/1923107659-warden_bin_i18n_warden__de.js

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f3c868a09615524630441a04356dc4a60e93db2ff7d69894f3a5836be367dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /static/macros/client/js/1923107659-warden_bin_i18n_warden__de.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: script.google.com
referer: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:03:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
last-modified: Mon, 28 Jun 2021 12:13:56 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=0
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63333
x-xss-protection: 0
expires: Thu, 15 Jul 2021 11:03:35 GMT

GET
H2 200 userCodeAppPanel Show response
n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/ Frame 611D 899 B
967 B 135ms
115ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/userCodeAppPanel

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a1b639aca7d366ef3e197f68ecd8e8ea18f8457d7c34fa492abcd8fe977e6005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
:scheme: https
:path: /userCodeAppPanel
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://script.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://script.google.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 15 Jul 2021 11:03:35 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2748860093-mae_html_user_bin_i18n_mae_html_user__de.js Show response
n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/static/macros/client/js/ Frame 611D 56 KB
21 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/static/macros/client/js/2748860093-mae_html_user_bin_i18n_mae_html_user__de.js

Requested by

Host: n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
URL: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a1d6a20fd6e68a07c6bac08f8215f30e4119533f857dd07b0b0786d4b9baf5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/userCodeAppPanel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:03:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
last-modified: Mon, 28 Jun 2021 12:13:56 GMT
server: sffe
age: 0
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=0
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21873
x-xss-protection: 0
expires: Thu, 15 Jul 2021 11:03:35 GMT

GET
H3-29 200 blank Show response
n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/ Frame 760A 107 B
139 B 118ms
118ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/blank

Requested by

Host: n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
URL: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e96a0764601b88a69e05cd4e457e4fd48ec506820f4984c88ac97a57f11a4e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
:scheme: https
:path: /blank
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/userCodeAppPanel
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/userCodeAppPanel

Response headers

content-type: text/html; charset=utf-8
x-ua-compatible: chrome=IE9
expires: Fri, 15 Jul 2022 11:03:35 GMT
date: Thu, 15 Jul 2021 11:03:35 GMT
cache-control: public, max-age=31536000
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 wardeninit
script.google.com/ 103 B
104 B 115ms
115ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/wardeninit?_reqid=47016&rt=j

Requested by

Host: script.google.com
URL: https://script.google.com/static/macros/client/js/1923107659-warden_bin_i18n_warden__de.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
x-same-domain: 1
origin: https://script.google.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 31
:path: /wardeninit?_reqid=47016&rt=j
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: script.google.com
referer: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec
:scheme: https
sec-fetch-site: same-origin
:method: POST
X-Same-Domain: 1
Referer: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

loader.js Show response
www.gstatic.com/charts/ Frame 760A
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

65 KB
20 KB

7ms
7ms

Script
text/javascript

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
URL: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 10:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 15 Jul 2021 11:42:12 GMT

Redirect headers

date: Thu, 15 Jul 2021 11:00:42 GMT
x-content-type-options: nosniff
server: sffe
age: 173
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Thu, 15 Jul 2021 11:30:42 GMT

GET
H2 200 images
encrypted-tbn0.gstatic.com/ Frame 760A 4 KB
4 KB 33ms
14ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQB5jhV7hrugNx5FC9EhZo22BixJ-AeUOX_6A

Requested by

Host: n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
URL: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/static/macros/client/js/2748860093-mae_html_user_bin_i18n_mae_html_user__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:03:35 GMT
x-content-type-options: nosniff
last-modified: Sat, 22 Jun 2019 04:34:34 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4095
x-xss-protection: 0
expires: Fri, 15 Jul 2022 11:03:35 GMT

GET
H2 200 Primary Request / Show response
dnnjx.shop/ 5 KB
2 KB 199ms
117ms Document
text/html 104.21.60.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dnnjx.shop/?JnM9am1sX0RhdGluZ18xNTA3MjAyMV9zY3JpcHRnb29nbGU=
Requested by: Host: n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
URL: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/userCodeAppPanel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.60.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db835d145faf6ead164112702f998684c2421f3182c1261eef2657ddc1d40630

Request headers

:method: GET
:authority: dnnjx.shop
:scheme: https
:path: /?JnM9am1sX0RhdGluZ18xNTA3MjAyMV9zY3JpcHRnb29nbGU=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com/

Response headers

date: Thu, 15 Jul 2021 11:03:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: so=am1sX0RhdGluZ18xNTA3MjAyMV9zY3JpcHRnb29nbGU%3D em=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xoI5pE4JT4ldddVm6L0vHczeNKHFNUlN2ItrKi6RlBVugwf2xsVITq6qOaWlQcdqSsttAebuPFXy7J5wosvpXh6eamSp0EC07LAZXgmcrHJYn9tByYFYWermPKi"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66f2815009be15f0-ARN
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 404 r.php Show response
dnnjx.shop/ 0
554 B 135ms
99ms Document
text/html 104.21.60.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dnnjx.shop/r.php
Requested by: Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbxHjsGuNMGxG4N_Kgl1Gvgg9HuJ0sH7xOyE-hAQ2UTKvWr5hyH5-aZmFpX2uuF1yxqD/exec
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.60.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: dnnjx.shop
:scheme: https
:path: /r.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://dnnjx.shop/?JnM9am1sX0RhdGluZ18xNTA3MjAyMV9zY3JpcHRnb29nbGU=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: so=am1sX0RhdGluZ18xNTA3MjAyMV9zY3JpcHRnb29nbGU%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dnnjx.shop/?JnM9am1sX0RhdGluZ18xNTA3MjAyMV9zY3JpcHRnb29nbGU=

Response headers

date: Thu, 15 Jul 2021 11:03:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0htJrzbq2eVTGjIORl170HoZFpehakMKz%2BgVanQ9UChncBsPguFO79y8c9Q9zgjkw%2FvZXJ1BNk6iqPpaKznmJXkBxSPV4XuMhIKIsOeKTi9L7fFP6%2FWpBku0ozz"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66f281542b3fcaf0-ARN
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dnnjx.shop/	1969-12-31 23:59:59	Name: so Value: am1sX0RhdGluZ18xNTA3MjAyMV9zY3JpcHRnb29nbGU%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hAcuP2faiDUC13+ZcG1TgQ' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dnnjx.shop
encrypted-tbn0.gstatic.com
fonts.googleapis.com
n-26crkmgvx4xed6dftyuffdqicd44oi7avgnh34y-0lu-script.googleusercontent.com
script.google.com
www.google.com
www.gstatic.com
104.21.60.77
2a00:1450:4001:810::2004
2a00:1450:4001:812::2001
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::200e
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
415afc12cef02264dab61ba05de6b9eabb4146c0b4fedfbd160a1fb379f895d0
532ca8455e437fa7886a337c209dafcabf0a28b108ce75b8ed222344d43f083d
5a1d6a20fd6e68a07c6bac08f8215f30e4119533f857dd07b0b0786d4b9baf5d
7f3c868a09615524630441a04356dc4a60e93db2ff7d69894f3a5836be367dd6
a1b639aca7d366ef3e197f68ecd8e8ea18f8457d7c34fa492abcd8fe977e6005
cf7e019dfc848601c5ec434ad545ed2f23305f2320fe75a3e4d33db34417e2a7
db835d145faf6ead164112702f998684c2421f3182c1261eef2657ddc1d40630
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96a0764601b88a69e05cd4e457e4fd48ec506820f4984c88ac97a57f11a4e6a

dnnjx.shop Open in urlscan Pro 104.21.60.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

86 %IPv6

5 Domains

7 Subdomains

6 IPs

2 Countries

151 kBTransfer

564 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

dnnjx.shop Open in urlscan Pro
104.21.60.77 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

151 kB
Transfer

564 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions