urlscan.io logo urlscan.io
SecurityTrails logo

nubia.apps.dj Open in urlscan Pro
84.46.254.71  Public Scan

Go To Rescan Add Verdict Report
URL: https://nubia.apps.dj/
Submission: On September 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 19 HTTP transactions. The main IP is 84.46.254.71, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is nubia.apps.dj.
TLS certificate: Issued by R10 on September 23rd 2024. Valid for: 3 months.
This is the only time nubia.apps.dj was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 84.46.254.71 51167 (CONTABO)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 172.67.74.163 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
2 142.250.186.163 15169 (GOOGLE)
2 192.243.61.225 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.39.128.117 16276 (OVH)
19 11
2    84.46.254.71 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi2105904.contaboserver.net
nubia.apps.dj
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com
6    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
gasakcdn.pages.dev
1    172.67.74.163 (United States)

ASN13335 (CLOUDFLARENET, US)
picsum.photos
1    2a04:4e42:200::347 (United States)

ASN54113 (FASTLY, US)
fastly.picsum.photos
2    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
2    192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
postponeclement.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
suggestqueries.google.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
1    2606:4700:10::ac42:8476 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    54.39.128.117 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns561935.ip-54-39-128.net
s4.histats.com
Apex Domain
Subdomains		 Transfer
6 pages.dev
gasakcdn.pages.dev
3 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12218
s4.histats.com — Cisco Umbrella Rank: 12232
5 KB
2 postponeclement.com
postponeclement.com
2 gstatic.com
fonts.gstatic.com
36 KB
2 picsum.photos
picsum.photos — Cisco Umbrella Rank: 74282
fastly.picsum.photos — Cisco Umbrella Rank: 105993
57 KB
2 apps.dj
nubia.apps.dj
4 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 112
51 KB
1 google.com
suggestqueries.google.com — Cisco Umbrella Rank: 1778
799 B
1 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 20023
664 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
1 KB
19 10
Domain Requested by
6 gasakcdn.pages.dev nubia.apps.dj
2 postponeclement.com gasakcdn.pages.dev
2 fonts.gstatic.com fonts.googleapis.com
2 nubia.apps.dj
1 s4.histats.com s10.histats.com
1 s10.histats.com nubia.apps.dj
1 pagead2.googlesyndication.com gasakcdn.pages.dev
1 suggestqueries.google.com nubia.apps.dj
1 fastly.picsum.photos nubia.apps.dj
1 picsum.photos 1 redirects
1 3.bp.blogspot.com nubia.apps.dj
1 fonts.googleapis.com nubia.apps.dj
19 12

This site contains no links.

Subject Issuer Validity Valid
nubia.apps.dj
R10		 2024-09-23 -
2024-12-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
misc-sni.blogspot.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
gasakcdn.pages.dev
Cloudflare Inc ECC CA-3		 2024-01-11 -
2024-12-31		 a year crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
postponeclement.com
R11		 2024-08-08 -
2024-11-06		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
s10.histats.com
WE1		 2024-08-07 -
2024-11-05		 3 months crt.sh
histats.com
R11		 2024-08-06 -
2024-11-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nubia.apps.dj/
Frame ID: 234F8E99FDEA5D723666638D7E59473D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19
Requests

95 %
HTTPS

50 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

159 kB
Transfer

276 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://picsum.photos/600/400 HTTP 302
  • https://fastly.picsum.photos/id/562/600/400.jpg?hmac=lTiTwtanY2WrJbAMRRmlhoCyEHWap5YZur3ZiZBOe28

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nubia.apps.dj/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.46.254.71 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi2105904.contaboserver.net
Software
nginx /
Resource Hash
2aa8b02498a50b62fd43611227fc571a272d32fdaaf75c87d4ee574792276610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
date
Mon, 23 Sep 2024 11:25:05 GMT
etag
W/"66f10467-340d"
last-modified
Mon, 23 Sep 2024 06:02:15 GMT
referrer-policy
same-origin
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 23 Sep 2024 11:25:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 11:25:05 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 23 Sep 2024 11:01:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 		362 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Content-Length
etag
"v1764"
age
2303
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 10:46:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 10:46:42 GMT
content-disposition
inline;filename="btn_close.gif"
content-type
image/gif
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
362
x-xss-protection
0
server
fife
byup.js
gasakcdn.pages.dev/ 		279 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/byup.js
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db19427eb0006b02a888557a7bb7f9de977005d9a3ff6dd91ef3216fffafe6ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"6f372cb7ac14004a8c06f006f5d2ea82"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=acwuzlNOyzaCZyJ%2BCl7gRQtiKDecpNnc%2FxsR2cl%2FOOUSOEsofEceZzBW2ppfLQgeyMlgKPN0%2BzNGN%2Ff1GYOK1QV0%2FsNRoCYAsGlbz50pgc5mq%2FZ1Ufx5ygNWvKWXoxp8apQqM9NfKmMp0giFNTPVjXc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c7a2c104e6735ec-FRA
access-control-allow-origin
*
date
Mon, 23 Sep 2024 11:25:06 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
400.jpg
fastly.picsum.photos/id/562/600/
Redirect Chain
  • https://picsum.photos/600/400
  • https://fastly.picsum.photos/id/562/600/400.jpg?hmac=lTiTwtanY2WrJbAMRRmlhoCyEHWap5YZur3ZiZBOe28
56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/562/600/400.jpg?hmac=lTiTwtanY2WrJbAMRRmlhoCyEHWap5YZur3ZiZBOe28
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0a85e2d2d3203048ac9963b8f02a7c8e68c88c313f6bfdd2d9fb3b8cdeb8c5f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

age
1492337
picsum-id
562
x-cache
HIT
date
Mon, 23 Sep 2024 11:25:06 GMT
content-type
image/jpeg
vary
Origin
x-cache-hits
0
content-disposition
inline; filename="562-600x400.jpg"
x-served-by
cache-fra-etou8220149-FRA
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin
*
x-timer
S1727090706.150963,VS0,VE2
via
1.1 varnish
accept-ranges
bytes
content-length
57448
server
nginx

Redirect headers

strict-transport-security
max-age=15552000
cache-control
private, no-cache, no-store, must-revalidate
location
https://fastly.picsum.photos/id/562/600/400.jpg?hmac=lTiTwtanY2WrJbAMRRmlhoCyEHWap5YZur3ZiZBOe28
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=emK2M19kF3ffH4U7gWABbixaeTXuuPSUcXQ%2Bzbe9%2FcHa%2F5Y3sVdl7WCwU3L1M5aYfOPN4sTNnBLsSNsVAAuoz27RL%2BffcXJH1YtxCKFhHADfAlEkRJMBS9OBQeKQkl0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c7a2c108da46aec-FRA
content-length
0
date
Mon, 23 Sep 2024 11:25:06 GMT
vary
Origin
server
cloudflare
hobby.js
gasakcdn.pages.dev/ 		280 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/hobby.js
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa88659c378c03a7df112145a076d1d1c2946634b9010402e43ce139fb5ec70d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"afecea10cfb40e02fd8c8cee8547510b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1yklu8kr%2BLbHCCFKKjrr%2F4WmRNL18ns3NOo986YrIlgDVQ%2FRnF5c2FunckCm2pTHaksxn7eW7vKIwMVzw4cVA5dn0EEMEp96Wvw7IeEjcHaWago84eANI5DsloajGMj33S1JeirO5vUsE8FQjzkBck%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c7a2c105e8835ec-FRA
access-control-allow-origin
*
date
Mon, 23 Sep 2024 11:25:06 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
spare.js
gasakcdn.pages.dev/ 		1 KB
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/spare.js
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd3b5667c63a7967a2206b47e38d637776f147b62373e21858834f333204c04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"3cfceaca3c5494f30f5085f4ad767a0b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3fJ9sk01EhG4VAFtl9snfkkBmjJN9vG7Ln%2BfaaAU5M1rx110dRDRhspDPD0XjD5wmjwKeG8CKFdoWQY4xQ2GxzCxVYr7AUdDtas4GV7%2FGdT8eFFqKNxAdsame69F4HaO5rwk7Z6p%2FIZUVg2oSnUDsT0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c7a2c105e8c35ec-FRA
access-control-allow-origin
*
date
Mon, 23 Sep 2024 11:25:06 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
extra.js
gasakcdn.pages.dev/ 		1 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/extra.js
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"1d0ed781ac185aa16548c9ed7d74304f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IuqKhLVMIdDNdjgMJR%2F89uoEjgP3P6J9hSbNrirXdjJ6McxdgMekA9UNg9jsR3vrsyj5ADFw%2FoyrUQ9Ym43K9bT6FkoT5Ivi3Y8tynh71HSAso8yKZMmNJmeadL0XWmk4p4Td%2BOfZmftjTqqUclNuzI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c7a2c105e8f35ec-FRA
access-control-allow-origin
*
content-length
1
date
Mon, 23 Sep 2024 11:25:06 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
supp.js
gasakcdn.pages.dev/ 		1 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/supp.js
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"1d0ed781ac185aa16548c9ed7d74304f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mjoelAoAInaSe9BKkqLZo71GIqHdyh3dAqUYsJOqcQu3rosu3PkWw%2FDGUkdE2FMRc061fIbPlq2DOolGfprg%2BR7gO%2BjEDVQx4r7baiDhJulMIJKyqazf7OJpSTvvq%2FtAwWzWXlDeqGzpWHArc2wk2VM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c7a2c106e9335ec-FRA
access-control-allow-origin
*
content-length
1
date
Mon, 23 Sep 2024 11:25:06 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
slight.js
gasakcdn.pages.dev/ 		1 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/slight.js
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"1d0ed781ac185aa16548c9ed7d74304f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntqUay%2BNy9GMHShW%2BAvycy7P7Ouo6Kh2neQZEwCORAfsno%2B42m87viBY4l2OHLCpwfMa6lCi8d8eriZS5uX5LEG%2B4smapRtyDFn1nGWzBP8UlIDlHjquTZiUzjonJgUylIGOIrXirY0x0JoU7pQzd0A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c7a2c106e9435ec-FRA
access-control-allow-origin
*
content-length
1
date
Mon, 23 Sep 2024 11:25:06 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nubia.apps.dj
Referer
https://fonts.googleapis.com/

Response headers

age
516807
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 11:51:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 11:51:39 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
invoke.js
postponeclement.com/9c436c4d1c753df3ce1c30907520c196/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js
Requested by
Host: gasakcdn.pages.dev
URL: https://gasakcdn.pages.dev/byup.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 23 Sep 2024 11:25:06 GMT
Content-Type
application/javascript
Server
nginx/1.21.6
invoke.js
postponeclement.com/c160cb85beae5d49f08aeb93156fe646/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js
Requested by
Host: gasakcdn.pages.dev
URL: https://gasakcdn.pages.dev/hobby.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 23 Sep 2024 11:25:06 GMT
Content-Type
application/javascript
Server
nginx/1.21.6
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nubia.apps.dj
Referer
https://fonts.googleapis.com/

Response headers

age
516841
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 11:51:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 11:51:05 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
search
suggestqueries.google.com/complete/ 		20 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-7hzyjqjwFINfGidcoHOgrw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

content-encoding
br
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
expires
-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 11:25:06 GMT
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
x-frame-options
SAMEORIGIN
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-7hzyjqjwFINfGidcoHOgrw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
cache-control
no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
pragma
no-cache
accept-ch
Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
permissions-policy
unload=()
x-xss-protection
0
server
gws
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: gasakcdn.pages.dev
URL: https://gasakcdn.pages.dev/spare.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
116b6af677c3cb4331e0a32e1b82dcfb888326264957ed45b8cd26a82b9ca03d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
6761802538234504398
x-content-type-options
nosniff
expires
Mon, 23 Sep 2024 11:25:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Sep 2024 11:25:06 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52528
x-xss-protection
0
server
cafe
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: nubia.apps.dj
URL: https://nubia.apps.dj/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:8476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=28800
content-encoding
gzip
cf-cache-status
HIT
etag
"-375139978"
age
66643
cf-ray
8c7a2c15ac40383d-FRA
accept-ranges
bytes
content-length
4547
date
Mon, 23 Sep 2024 11:25:06 GMT
content-type
text/javascript
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
vary
Accept-Encoding
server
cloudflare
0.php
s4.histats.com/stats/ 		50 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4864650&@f16&@g1&@h1&@i1&@j1727090706849&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:32603128&@b3:1727090707&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fnubia.apps.dj%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns561935.ip-54-39-128.net
Software
/
Resource Hash
0ea429d1c12c62a6bd446f548e961b1f0871423bdce41c65351fe4630f939923

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Length
50
Date
Mon, 23 Sep 2024 11:24:47 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
favicon.ico
nubia.apps.dj/ 		548 B
219 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nubia.apps.dj/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.46.254.71 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi2105904.contaboserver.net
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nubia.apps.dj/

Response headers

content-encoding
br
date
Mon, 23 Sep 2024 11:25:07 GMT
content-type
text/html
vary
Accept-Encoding
server
nginx

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| baseUrl function| toTitleCase object| atOptions function| autoRelated function| parseSpintax object| seco object| sece function| detectAdBlock object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

7 Cookies

Domain/Path Name / Value
nubia.apps.dj/ Name: HstCfa4864650
Value: 1727090706849
nubia.apps.dj/ Name: HstCla4864650
Value: 1727090706849
nubia.apps.dj/ Name: HstCmu4864650
Value: 1727090706849
nubia.apps.dj/ Name: HstPn4864650
Value: 1
nubia.apps.dj/ Name: HstPt4864650
Value: 1
nubia.apps.dj/ Name: HstCnv4864650
Value: 1
nubia.apps.dj/ Name: HstCns4864650
Value: 1

9 Console Messages

Source Level URL
Text
javascript warning URL: https://gasakcdn.pages.dev/byup.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gasakcdn.pages.dev/byup.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://gasakcdn.pages.dev/hobby.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gasakcdn.pages.dev/hobby.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://nubia.apps.dj/(Line 304)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://nubia.apps.dj/(Line 304)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://nubia.apps.dj/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
fastly.picsum.photos
fonts.googleapis.com
fonts.gstatic.com
gasakcdn.pages.dev
nubia.apps.dj
pagead2.googlesyndication.com
picsum.photos
postponeclement.com
s10.histats.com
s4.histats.com
suggestqueries.google.com
142.250.185.98
142.250.186.163
172.67.74.163
192.243.61.225
2606:4700:10::ac42:8476
2a00:1450:4001:800::200a
2a00:1450:4001:803::2001
2a00:1450:4001:808::200e
2a04:4e42:200::347
2a06:98c1:3121::3
54.39.128.117
84.46.254.71
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
0a85e2d2d3203048ac9963b8f02a7c8e68c88c313f6bfdd2d9fb3b8cdeb8c5f4
0ea429d1c12c62a6bd446f548e961b1f0871423bdce41c65351fe4630f939923
116b6af677c3cb4331e0a32e1b82dcfb888326264957ed45b8cd26a82b9ca03d
1cd3b5667c63a7967a2206b47e38d637776f147b62373e21858834f333204c04
2aa8b02498a50b62fd43611227fc571a272d32fdaaf75c87d4ee574792276610
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
aa88659c378c03a7df112145a076d1d1c2946634b9010402e43ce139fb5ec70d
b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db19427eb0006b02a888557a7bb7f9de977005d9a3ff6dd91ef3216fffafe6ce