urlscan.io logo urlscan.io
SecurityTrails logo

dbqj1.xn--db-0s7du05h.com Open in urlscan Pro Puny
dbqj1.db旗舰.com IDN
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://dbqj1.xn--db-0s7du05h.com/
Submission: On June 09 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dbqj1.xn--db-0s7du05h.com.
TLS certificate: Issued by E1 on April 14th 2024. Valid for: 3 months.
This is the only time dbqj1.xn--db-0s7du05h.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
dbqj1.xn--db-0s7du05h.com
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
drive.google.com
6    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.167.174.162 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-167-174-162.ap-east-1.compute.amazonaws.com
pr.pdfxpkqi.com
Apex Domain
Subdomains		 Transfer
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
334 KB
6 xn--db-0s7du05h.com
dbqj1.xn--db-0s7du05h.com
4 MB
5 google.com
apis.google.com — Cisco Umbrella Rank: 185
drive.google.com — Cisco Umbrella Rank: 420
225 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
5 KB
1 pdfxpkqi.com
pr.pdfxpkqi.com
5 KB
23 5
Domain Requested by
6 fonts.gstatic.com fonts.googleapis.com
6 dbqj1.xn--db-0s7du05h.com 1 redirects dbqj1.xn--db-0s7du05h.com
4 apis.google.com dbqj1.xn--db-0s7du05h.com
apis.google.com
3 www.gstatic.com dbqj1.xn--db-0s7du05h.com
3 fonts.googleapis.com dbqj1.xn--db-0s7du05h.com
1 pr.pdfxpkqi.com
1 drive.google.com dbqj1.xn--db-0s7du05h.com
23 7

This site contains links to these domains. Also see Links.

Domain
pr.pdfxpkqi.com
Subject Issuer Validity Valid
xn--db-0s7du05h.com
E1		 2024-04-14 -
2024-07-13		 3 months crt.sh
*.apis.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
pr.yposohch.com
Amazon RSA 2048 M03		 2023-12-01 -
2024-12-29		 a year crt.sh

This page contains 4 frames:

Primary Page: https://dbqj1.xn--db-0s7du05h.com/
Frame ID: 2F4CA23F279B2AB699F0FD7FE98DF8BF
Requests: 19 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__&r=654296804
Frame ID: 6404E24FA30903D0ED38645B45C8FB82
Requests: 1 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup
Frame ID: 182414426588B744DAF3320CAF473F41
Requests: 1 HTTP requests in this frame

Frame: https://dbqj1.xn--db-0s7du05h.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: BF55968B7505838419D647263D76DE57
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2024欧洲杯投注

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

23
Requests

96 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

4357 kB
Transfer

6185 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://dbqj1.xn--db-0s7du05h.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://dbqj1.xn--db-0s7du05h.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dbqj1.xn--db-0s7du05h.com/ 		58 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76a9571f993884d325d0c260b20fc5f003c47e44b383d7afbaf37942baed8d3

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8912d26418184d79-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 09 Jun 2024 17:25:36 GMT
last-modified
Fri, 31 May 2024 12:00:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jo%2B9XmBSE7xOD%2FLPzAKLf7G9QC5KLAFoD4dH8QRevZEEwChxFfncgWtz2AL6uUCSvFZFaPDBgOWHtoNi%2FRBtsx%2F6g4l9DwgDo5tpIw1Wej%2FAbNJT76u4OPfvfPNQdUqOOaNO3M%2FNmwp9Q55%2B5eLzMjNTPMcdHZEA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/ 		320 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc5c228a08343bbfeb0809835ea26b1deee4397968ae0e566ed669091636300a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 11:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111476
x-xss-protection
0
last-modified
Mon, 06 May 2024 15:31:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jun 2025 11:23:15 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/ 		261 B
274 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5786f0c241a5ba31adebbb92cfa5cb7a9a71b917f8626c6cb4826e61de87b65e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179
x-xss-protection
0
last-modified
Mon, 06 May 2024 15:31:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jun 2025 01:01:41 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8afe7c51bde49c1198c0c63fa9c40b59ada442c8c9d307875110e46981a5d37b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Jun 2024 17:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 17:11:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jun 2024 17:25:39 GMT
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dd1c1c9bbb75704b7b000db161ea0ec0bffcc1141b9983d18649083c7532964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Jun 2024 17:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 15:55:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jun 2024 17:25:39 GMT
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3Ai%2Cbi%2C700%2C400%7CSource%20Code%20Pro%3Ai%2Cbi%2C700%2C800&display=swap
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ef4cd0aa3df29247f547355fdbc13bd2615fe39f842e67557246cf37f436dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Jun 2024 17:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 17:25:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jun 2024 17:25:39 GMT
rs=AGEqA5mhyLnjO3riZ6Nf5sblwJ0Xs19aNQ
www.gstatic.com/_/atari/_/ss/k=atari.vw.clZsqaJA1AM.L.W.O/am=AgM/d=1/ 		1 MB
173 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/ss/k=atari.vw.clZsqaJA1AM.L.W.O/am=AgM/d=1/rs=AGEqA5mhyLnjO3riZ6Nf5sblwJ0Xs19aNQ
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6f182dec6568dab6cc1e0913b5ddbdd63fe08e7ea1ad497f5e9809dd1f81b3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 09:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176342
x-xss-protection
0
last-modified
Tue, 21 May 2024 01:17:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Sat, 07 Jun 2025 09:54:22 GMT
client.js
apis.google.com/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js?onload=gapiLoaded
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842d1802d7ed78986a99711f4b9f690cbb76fb3b662ed726138d340801b82b45
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 09 Jun 2024 17:25:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5891
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"b16da2d438896fc4"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:25:39 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eb019de6763a0da1af89727a5747dc04e08538a747cb39afa8be2e365bb2206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 16:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37099
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 22:33:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jun 2024 17:43:43 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.wmJJChQt2mo.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-HLEGAmaHQS9OI_-1KDHtQqCEEAg/ 		320 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.wmJJChQt2mo.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-HLEGAmaHQS9OI_-1KDHtQqCEEAg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb98e9930ef604d9254256ce0dd099da476b2d4c15d14472fda8dfdb04adaa3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:13:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
443559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111486
x-xss-protection
0
last-modified
Mon, 06 May 2024 15:31:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Jun 2025 14:13:01 GMT
2.png
dbqj1.xn--db-0s7du05h.com/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbqj1.xn--db-0s7du05h.com/2.png
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f62bfcbc923fbaf8d3cfe8a04ac4854581f131fb2a6cdc0a589c88deb745e83

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:25:40 GMT
cf-cache-status
MISS
last-modified
Thu, 30 May 2024 12:59:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66587845-1cadc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DpSPWobZBLkXCvEN7y5r5ovNqd8mnY8fzakyEAKG26ZuBe%2Bf5CMiT4a%2Fjo%2FEJy%2FxJDRvVfUZcEYdwj4I7fuEgqT9Ta3gGC3a213NtrFY0h%2BBz2TThwnRkwV%2BaNnAT4IcmDHROffz9acY8LTZ79OMBNj98HZ5Co9T"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8912d27d69f24d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
1879494
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 6404 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__&r=654296804
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dbqj1.xn--db-0s7du05h.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
16382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Jun 2024 12:52:38 GMT
expires
Mon, 09 Jun 2025 12:52:38 GMT
last-modified
Tue, 12 Dec 2023 13:42:01 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
auth_warmup
drive.google.com/ Frame 1824 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/auth_warmup
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-IaR2b64CSBYbIHNJ39Z8ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dbqj1.xn--db-0s7du05h.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-IaR2b64CSBYbIHNJ39Z8ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sun, 09 Jun 2024 17:25:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/_/DriveOsidBootstrap/web-reports?context=eJzjktDikmJw0gDi9BmsQUC8JOIi66HEi6xC3BxTTk_fzCYw4eCNfCXVpPzC-JSizLLUjJKSgsSCzOLUorLUongjAyMTA1NjAz0Do_gCAwDXFBnp"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
1.png
dbqj1.xn--db-0s7du05h.com/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbqj1.xn--db-0s7du05h.com/1.png
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e8ba264851510c3b88245d4631fa08a004c2ee380994d083e0e7758605162f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:25:40 GMT
cf-cache-status
MISS
last-modified
Thu, 30 May 2024 12:59:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66587845-1e2ffe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LETapT5mXJC8UZjqvy%2BFXi8exh8j9sjVCaj8Ix%2F5j29%2FPkb0zio2AfknpLW8tQRh%2BDTp3hnSm9sdV2Qq4ejJYObw9tX7IDuGMGcOdO3o30aLhtSmTF9I%2BSLcx1%2Fb9AIVizhHiqKbYfpoNHEafev%2FZG7Pgl9xjq4x"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8912d27d9a4f4d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
1978366
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dbqj1.xn--db-0s7du05h.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 09:42:37 GMT
x-content-type-options
nosniff
age
200583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 09:42:37 GMT
HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
fonts.gstatic.com/s/sourcecodepro/v23/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dbqj1.xn--db-0s7du05h.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:34:28 GMT
x-content-type-options
nosniff
age
229872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21528
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:21:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 01:34:28 GMT
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dbqj1.xn--db-0s7du05h.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:26:17 GMT
x-content-type-options
nosniff
age
230363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 01:26:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dbqj1.xn--db-0s7du05h.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 17:07:38 GMT
x-content-type-options
nosniff
age
173882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 17:07:38 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Ai%2Cbi%2C700%2C400%7CSource%20Code%20Pro%3Ai%2Cbi%2C700%2C800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dbqj1.xn--db-0s7du05h.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 09:15:53 GMT
x-content-type-options
nosniff
age
202187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 09:15:53 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v59/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v59/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dbqj1.xn--db-0s7du05h.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 03:00:19 GMT
x-content-type-options
nosniff
age
224721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34184
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 23:36:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 03:00:19 GMT
main.js
dbqj1.xn--db-0s7du05h.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame BF55
Redirect Chain
  • https://dbqj1.xn--db-0s7du05h.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://dbqj1.xn--db-0s7du05h.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dbqj1.xn--db-0s7du05h.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5214f7449dba67a48ece4cd584b67715db33f4d7b40a916e25efe50474957b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 09 Jun 2024 17:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oek0qlq8xa50Ep7AlI9%2FxzhQQKAAyMtW2K%2BrPhyuVgX6OBRCNi%2F3wXbvQg8hwFzxVoHOr5GJ%2FufW4kKrOFIGDMF0UEJScU4jlfBU30gfh9iszKqydzcK4W3J4q2FYLcyW6IyCQCo4HStSfqSApzJRWS36SjvrRSl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8912d27e3b734d79-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 09 Jun 2024 17:25:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4OtzOpdoZuaOs5XGBihy5qsgc3bwLIJrwWNKP6qbNJpSjqKWYEARpbGKIaI2bjD%2FXhvGJ2LRIIwfwz0pudMMARYZEL1L7YTdGlkXVO6M1PDObCq6mQq4bM5GjkG2sw1vdCyvsD9tfqj72ga6t2Y0IB8ErkjUPjL"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
cache-control
max-age=300, public
cf-ray
8912d27dfaf24d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
8912d26418184d79
dbqj1.xn--db-0s7du05h.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame BF55 		0
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dbqj1.xn--db-0s7du05h.com/cdn-cgi/challenge-platform/h/g/jsd/r/8912d26418184d79
Requested by
Host: dbqj1.xn--db-0s7du05h.com
URL: https://dbqj1.xn--db-0s7du05h.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jun 2024 17:25:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d50CyiCD%2BxhWbYnN%2BwYHCfhv4ZZ9SAPRGXKigbaOipq%2BnXcUfCs5hCoOsItkj5Hl2XkStDyxMnqkJA4v3m3wdpT%2B%2FVvs9YrdfimWR6vH3P7MpE3ytfrD%2B03Xbm6ffprC7dgy46t1ScmpW0TuFnBcx%2B1LuuaJwGNm"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8912d27eecd14d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.png
pr.pdfxpkqi.com/ 		5 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pr.pdfxpkqi.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.167.174.162 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-167-174-162.ap-east-1.compute.amazonaws.com
Software
openresty /
Resource Hash
d9372c4ab2628f6315c54555f0aee0f1c4ba1abf69824f7704630d4d74775604

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dbqj1.xn--db-0s7du05h.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:25:42 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2024 01:37:10 GMT
server
openresty
etag
W/"661dd646-1310"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
powered_by
ip-172-31-20-26.ap-east-1.compute.internal

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| DOCS_timing function| _DumpException object| WIZ_global_data function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| userfeedback object| help object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 514=BaebqTLqeM1TYYZx7bJDDgEOqx2Tqh17-eYn0EtSrwvQFcfc_-SLYlEg3GmHXvtqW_j6mgBFC-2NNEjwiGvVZfC0omjAAFYGCDgqY9Zrb8CS0V1XTs0k8R_PK5-rRbQRun3BGCc5KuT8MfIqtypW3mLD8CXIparbrcptip6gOJyh5iGCOGFo
.xn--db-0s7du05h.com/ Name: cf_clearance
Value: bB7IPWwKfID2_LzUrrPMt886140slQh10SYMeJQbkBE-1717953940-1.0.1.1-c.Xo.Jn9JW6Fs9UXA6rRLLfxGdZohxgiCUu95RrFutlvCFxAN8WzMhINGZtqkpAGSl7aJVXSGF.OOaC8tMn6tQ

1 Console Messages

Source Level URL
Text
other warning URL: https://dbqj1.xn--db-0s7du05h.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
dbqj1.xn--db-0s7du05h.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
pr.pdfxpkqi.com
www.gstatic.com
18.167.174.162
2a00:1450:4001:803::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:830::200e
2a06:98c1:3120::3
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
0f62bfcbc923fbaf8d3cfe8a04ac4854581f131fb2a6cdc0a589c88deb745e83
2dd1c1c9bbb75704b7b000db161ea0ec0bffcc1141b9983d18649083c7532964
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
5786f0c241a5ba31adebbb92cfa5cb7a9a71b917f8626c6cb4826e61de87b65e
842d1802d7ed78986a99711f4b9f690cbb76fb3b662ed726138d340801b82b45
8afe7c51bde49c1198c0c63fa9c40b59ada442c8c9d307875110e46981a5d37b
98ef4cd0aa3df29247f547355fdbc13bd2615fe39f842e67557246cf37f436dd
9eb019de6763a0da1af89727a5747dc04e08538a747cb39afa8be2e365bb2206
b4e8ba264851510c3b88245d4631fa08a004c2ee380994d083e0e7758605162f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c76a9571f993884d325d0c260b20fc5f003c47e44b383d7afbaf37942baed8d3
cb98e9930ef604d9254256ce0dd099da476b2d4c15d14472fda8dfdb04adaa3c
d5214f7449dba67a48ece4cd584b67715db33f4d7b40a916e25efe50474957b1
d6f182dec6568dab6cc1e0913b5ddbdd63fe08e7ea1ad497f5e9809dd1f81b3b
d9372c4ab2628f6315c54555f0aee0f1c4ba1abf69824f7704630d4d74775604
dc5c228a08343bbfeb0809835ea26b1deee4397968ae0e566ed669091636300a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef