hr.nabzclan.vip Open in urlscan Pro
104.21.79.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hr.nabzclan.vip/
Effective URL:
https://hr.nabzclan.vip/index.php
Submission: On March 11 via api (March 11th 2024, 12:49:24 pm UTC) from US — Scanned from US

Summary HTTP 40 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 6 domains to perform 40 HTTP transactions. The main IP is 104.21.79.114, located in and belongs to CLOUDFLARENET, US. The main domain is hr.nabzclan.vip.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.

This is the only time hr.nabzclan.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	104.21.79.114 104.21.79.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:303... 2606:4700:3031::6815:4f72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::9c	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c08::66	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::93	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9c	15169 (GOOGLE) (GOOGLE)
40	10

10 104.21.79.114 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hr.nabzclan.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3031::6815:4f72 (United States)

ASN13335 (CLOUDFLARENET, US)

hr.nabzclan.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c08::66 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	nabzclan.vip 1 redirects hr.nabzclan.vip	589 KB
16	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 148	78 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	308 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	455 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	96 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 788	7 KB
40	6

	Domain	Requested by
20	hr.nabzclan.vip	1 redirects hr.nabzclan.vip static.cloudflareinsights.com
13	fundingchoicesmessages.google.com	hr.nabzclan.vip
2	analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	hr.nabzclan.vip www.googletagmanager.com
1	pagead2.googlesyndication.com
1	www.googletagmanager.com	hr.nabzclan.vip
1	www.google.com	hr.nabzclan.vip
1	static.cloudflareinsights.com	hr.nabzclan.vip
40	8

This site contains links to these domains. Also see Links.

Domain
cocotweaks.com
xfworld.net
xentr.net

Subject Issuer	Validity	Valid
nabzclan.vip GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hr.nabzclan.vip/index.php
Frame ID: AF8A0137D7C558FFBBD53273F6903134
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CocoTweaks LLC

Page URL History Show full URLs

https://hr.nabzclan.vip/ HTTP 301
https://hr.nabzclan.vip/index.php Page URL

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

100 %
HTTPS

89 %
IPv6

6
Domains

8
Subdomains

10
IPs

2
Countries

770 kB
Transfer

1754 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://cocotweaks.com/

Search URL Search Domain Scan URL

URL: https://xfworld.net/
Title: Addon provided by xfworld.net ©2000-2022

Search URL Search Domain Scan URL

URL: https://xentr.net/
Title: Xenforo Theme © by ©XenTR

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hr.nabzclan.vip/ HTTP 301
https://hr.nabzclan.vip/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
hr.nabzclan.vip/
Redirect Chain

https://hr.nabzclan.vip/
https://hr.nabzclan.vip/index.php

44 KB
9 KB

340ms
340ms

Document
text/html

104.21.79.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hr.nabzclan.vip/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.79.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.30

Resource Hash

ea26115e16e46398de9a46f4538ac27511d1bb27ae87ca4ec4cc13f81baeba80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 862ba9e6fbe52363-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 12:49:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Mon, 11 Mar 2024 12:49:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEsNTeBakKvqrENTdS7%2F2sLfn70XmjL1k9jxYU2n%2BP0MlzNPgNgHc3EgMSv0iiJIi5KwkayWhKlFGJhzRCeoOWPWc30mwZGQ0NN2rrWI5Okq9%2BJ33ClGs7%2FxFEtc99Oe3lk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 862ba9e4fa652363-EWR
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 12:49:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Mon, 11 Mar 2024 12:49:17 GMT
location: https://hr.nabzclan.vip/index.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkPEPTOhSUbiK7HMH9UVj7fLlcWtSXtYJaQ2FXUbIOyqUzmFNUgvoEfbGJkonBtU1G6f2OKrbBcTuDNtqkSQme7FNY4bVtVZaiw9n9DInD%2FNmli4wOjwUhEp%2F8Y2LOu8qNc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed

GET
H2 200 9yTdmAAMnPV4vnpcB7PZPOliXfs.js Show response
hr.nabzclan.vip/cdn-cgi/apps/head/ 5 KB
2 KB 30ms
28ms Script
application/javascript 104.21.79.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/cdn-cgi/apps/head/9yTdmAAMnPV4vnpcB7PZPOliXfs.js
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.79.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818ee236961f8772ae77061f8659a994465aa42d4250153f758f9903578e34e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
x-amz-version-id: M7SZMHJYXfQXOLAgs9R48qM2lhBbhzVa
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Q5VTF7FZXXP1HRGN
age: 98839
alt-svc: h3=":443"; ma=86400
x-amz-id-2: MIjNsfgr0/Wkkbt1GDG3stqw7Eo39Lb/M66KY+arfRdyk9jcrMyFohgAvHfKE7CY3gK+PIaCVCw=
last-modified: Tue, 10 Oct 2023 20:43:08 GMT
server: cloudflare
etag: W/"2c6d301c56d0f3933fdb44ac5f219474"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgkdFUhqFhzYxdq897thgpA1oqiPoHWwnPHNJJ3hutDFYKFHCL2jeeL9p3Gj480mwVEHqF6sDM5GYUWHsRLlb%2BDiMuPVGUoE1MmXAyOLJuOp%2F23LfuoED4K%2B8pgYQG0OSgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 862ba9e92d242363-EWR

GET
H2 200 fa-regular-400.woff2
hr.nabzclan.vip/styles/fonts/fa/ 165 KB
165 KB 32ms
30ms Font
font/woff2 104.21.79.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.79.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: https://hr.nabzclan.vip/index.php
Origin: https://hr.nabzclan.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94321
alt-svc: h3=":443"; ma=86400
content-length: 168768
last-modified: Wed, 17 May 2023 02:26:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksl9CQ1pWDc82trPa0oWEneQFzY8Rqg3FJlZgCQk9k6WO8xPhr%2FY1WcnJx3fXCtEkkzZFveu5y3Qs9UDUjXboU16G4xQszvGOJcG1TKkG6ULaHD36H8HBnEwOf3HjaNlW2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 862ba9e92d272363-EWR
expires: Sun, 17 Mar 2024 10:10:44 GMT

GET
H2 200 fa-solid-900.woff2
hr.nabzclan.vip/styles/fonts/fa/ 134 KB
134 KB 20ms
18ms Font
font/woff2 104.21.79.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.79.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer: https://hr.nabzclan.vip/index.php
Origin: https://hr.nabzclan.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94321
alt-svc: h3=":443"; ma=86400
content-length: 136824
last-modified: Wed, 17 May 2023 02:26:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDlk%2F7A7D%2F6bTmiTTUhaJebW1E%2ByuT70fq9UB1ZQ0T5uGNaK5g3Dht7lGviGCMlLC7RjZiDWZvKaiqR3pf%2B53V4q8GccMAm0xYFCf8Fs4aTQ4qY8nPnWSwpIgrKA%2BHKK6rE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 862ba9e92d282363-EWR
expires: Sun, 17 Mar 2024 10:10:44 GMT

GET
H2 200 fa-brands-400.woff2
hr.nabzclan.vip/styles/fonts/fa/ 75 KB
75 KB 31ms
29ms Font
font/woff2 104.21.79.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.79.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer: https://hr.nabzclan.vip/index.php
Origin: https://hr.nabzclan.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94321
alt-svc: h3=":443"; ma=86400
content-length: 76740
last-modified: Wed, 17 May 2023 02:26:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCt1Y1UNb4tdw0ZqBtC%2FNoTJkORK9CkYGMuIch8xHpaoo7Sx8GMohA9KxISRgR7SUFv9lKSgpM871lctkyaCjdoRviQzbZ00LvP2db%2FixUuQBAEWqxI5xwLH2a%2Fgl1mQZzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 862ba9e92d292363-EWR
expires: Sun, 17 Mar 2024 10:10:44 GMT

GET
H2 200 css.php
hr.nabzclan.vip/ 398 KB
65 KB 436ms
435ms Stylesheet
text/css 104.21.79.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hr.nabzclan.vip/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=1&d=1705291216&k=034405c740f279c15adbbc41dfccb627ca90db04

Requested by

Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.79.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.30

Resource Hash

0f21bc47b6f2a9df2d4bda8ef0386e4e2671f28f51576c592562caa48d7dcd8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.30
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 04:00:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqR9Gj168PsJcK%2FnMLDefn5sYElKwM2Y6%2FzkUYwmFA25GyGfEo3UE5xcqbZVi0MZMJEfYQTEX8PFSt3AW559b2OElJb3lv6PUr1huTRgGoz%2BLuF2JTcCzxX%2FQmDwx%2BpJtgc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 862ba9e92d2a2363-EWR
expires: Tue, 11 Mar 2025 12:49:18 GMT

GET
H2 200 css.php
hr.nabzclan.vip/ 16 KB
3 KB 281ms
281ms Stylesheet
text/css 104.21.79.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hr.nabzclan.vip/css.php?css=public%3Anode_list.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Astructured_list.less%2Cpublic%3Aextra.less&s=1&l=1&d=1705291216&k=6ed470531f0b0df945f1e963c5baf773cfc3bfa5

Requested by

Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.79.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.30

Resource Hash

06032ecb35ea0172866f5418d0f2695fd7cee02a2ce8d391de748c5e78aef1dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.30
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 04:00:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvwuIU%2Bjma1jcmS9fuNkqcLZ4b4eM0UQ0%2Fv2%2BF4rt7Cv8WzInUpXbdEea%2B8WQLuqab796YMj5Ovwp8qR%2BDHy1I%2BaPdJvIFxUAa0%2Fp3PGQamRNd1QOznQED8nrjPjJ3Jto8M%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 862ba9e92d2b2363-EWR
expires: Tue, 11 Mar 2025 12:49:18 GMT

GET
H2 200 xenforo-logo.png
hr.nabzclan.vip/styles/default/xenforo/ 2 KB
2 KB 29ms
29ms Image
image/png 104.21.79.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hr.nabzclan.vip/styles/default/xenforo/xenforo-logo.png
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.79.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57dbee7ea15d5d09282409c670a2ec13c181735f5f7b80bd57877ae319ba513b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94320
alt-svc: h3=":443"; ma=86400
content-length: 2062
last-modified: Wed, 17 May 2023 02:26:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZL9HzaCsXEnmuYJh9k%2B7XEifIPzfuAZ2U6xm8%2FcH5satU3zrmTDOhtb1HjvXS2WISeUw%2B7AeylSHfKGd1K8dtiq3G2oZZt7h%2BGEneW%2FZlZuV1jJ5Vvm2X0ywl9%2BE4YaNKk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 862ba9e92d2c2363-EWR
expires: Sun, 17 Mar 2024 10:10:44 GMT

GET
H2 200 rocket-loader.min.js Show response
hr.nabzclan.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 13ms
13ms Script
application/javascript 104.21.79.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hr.nabzclan.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.79.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2024 17:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e75beb-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kiNFUXsoO4DZqJmNxHr8EWv%2F3%2FHbLsgINeP%2BhpSnx9rTtpRUxcwm7hUKa%2Fga0eeyVFeGrKVvNyrr0odksI2hXZchT7biGrcAYa9JqLZz%2BCn6%2B76QL4ymPBfMeYYw46W4n0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 862ba9eaee232363-EWR
expires: Wed, 13 Mar 2024 12:49:18 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 250ms
63ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://hr.nabzclan.vip/
Origin: https://hr.nabzclan.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 862ba9ec285743fe-EWR

GET
H3 200 J6IWpe5hRu0EdLNuY34z2K3zevU.js Show response
hr.nabzclan.vip/cdn-cgi/apps/body/ 9 KB
4 KB 247ms
246ms Script
application/javascript 2606:4700:3031::6815:4f72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/cdn-cgi/apps/body/J6IWpe5hRu0EdLNuY34z2K3zevU.js
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/cdn-cgi/apps/head/9yTdmAAMnPV4vnpcB7PZPOliXfs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4f72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9c8b68e7d37111299d6361f04dd78c761ba773331c20b3fe8a45e49a01d5c9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
x-amz-version-id: hbH5fDvR.hXcnohpdm9C3gTIpCGj5rdo
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JJWFX3YRVPD75YMN
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9a1l9eS534MdKcdm+SXZDIW28sC798wzPuEn3gcibvjtLfPTYXIjLZ9MAKfUsjHGePUrEi6EY6o=
last-modified: Tue, 10 Oct 2023 20:43:07 GMT
server: cloudflare
etag: W/"00a59ce33df99758a5f0b5030c2b9e30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ%2F3Dy4D51Njmp%2F7m1NXDpXVC4af7cxPY0ZmaYbf525UTCtiHbQ5t5%2FLnUj3PbgXNvOeJmUS3%2BEVxIDIDe4sEw1vAgIH%2FSu9nwridsi%2F5V%2BGJ%2FLM%2B4%2Fcz0qSjrUpb8yKphVwdeYVhYlWGPsKF%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 862ba9ec9b430f46-EWR
priority: u=3,i=?0

GET
H3 200 1.jpg
hr.nabzclan.vip/data/avatars/s/0/ 3 KB
3 KB 300ms
300ms Image
image/jpeg 2606:4700:3031::6815:4f72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hr.nabzclan.vip/data/avatars/s/0/1.jpg?1704734448
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4f72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f0ccc14635b9608c939c1a6df561cae7379bfa2677cd4aa386692441821ac4b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2805
last-modified: Mon, 08 Jan 2024 17:20:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0lmFuC8ecJ%2B6OuqHzrdwlK6reGvPMqqNu6KTmC%2Fn3%2FVWQlLfOucdzcdsOoiZjMPwRU5j2NUueO5OKuXqf9SomImTIZSelKjHhGaVDvAbCZYxbCGgfTjNAQQg40eKJnChfsZRWvjLKY7tmjzmis%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 862ba9ed1b850f46-EWR
priority: u=3,i
expires: Mon, 18 Mar 2024 07:11:50 GMT

GET
H3 200 core-compiled.js Show response
hr.nabzclan.vip/js/xf/ 210 KB
61 KB 496ms
495ms Script
application/javascript 2606:4700:3031::6815:4f72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/js/xf/core-compiled.js?_v=e11cd6c2
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4f72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76c9aca0e08033189d268816f63efa0a635fe7bba4f3add2f5453a2b8f067ccf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=215799
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 17 May 2023 02:26:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEQjAFiaHGW5LRqJiiSwLApjzqkOi8nif0zY0w6X8Z92nGT%2FMZt6EnH%2B7RtxbfnwtCoYg8RzIuC%2FyDdgPyFr5ojnb13PxOtJlXn%2BzLG4Cn%2FC8vlDdVVH2I%2Bkx8lR4ys9OyMQHN9yeZXTJWA1Cmo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 862ba9ed2b8a0f46-EWR
priority: u=1,i=?0
expires: Sun, 17 Mar 2024 10:10:45 GMT

GET
H3 200 vendor-compiled.js Show response
hr.nabzclan.vip/js/vendor/ 42 KB
13 KB 119ms
119ms Script
application/javascript 2606:4700:3031::6815:4f72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/js/vendor/vendor-compiled.js?_v=e11cd6c2
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4f72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=43704
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 17 May 2023 02:26:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8llLhNDVI71meAKVIq4Mn2uQrR70Ad%2FpXcbCBZpofddPiKNei5m147YRklijpjhTDSckF54pM8YkIjJtYwjCPOWSgtnVFtPtfqIS%2FfHyhLgo8vNjrqz070zdjEQibq9oLktUJkfD5j674W83DC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 862ba9ed2b8b0f46-EWR
priority: u=1,i=?0
expires: Sun, 17 Mar 2024 10:10:45 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
hr.nabzclan.vip/js/vendor/jquery/ 87 KB
32 KB 315ms
314ms Script
application/javascript 2606:4700:3031::6815:4f72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/js/vendor/jquery/jquery-3.5.1.min.js?_v=e11cd6c2
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4f72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 May 2023 02:26:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnuzvsAmEPkZHXkf7ho2RWEmJD6v%2BVP1JKl92CibioBAXc4jiAcE94tJDK%2BOZgfPoF6DQiQwV9CwemWJFapFGlrjZeobhtkCmmjf8vppTpWgaJRT9pkcSe2ayJEL6zHI5TaOxEFKKehSFjmFUQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 862ba9ed2b8c0f46-EWR
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0
expires: Sun, 17 Mar 2024 10:10:45 GMT

GET
H3 200 preamble.min.js Show response
hr.nabzclan.vip/js/xf/ 4 KB
2 KB 94ms
93ms Script
application/javascript 2606:4700:3031::6815:4f72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/js/xf/preamble.min.js?_v=e11cd6c2
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4f72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 May 2023 02:26:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNLhTuLbaP56QEV3miY%2F7yDMC1SK1yvNEOqwx8pyVyEqawucu%2FNpscDPoOU3C7qBZC4mRpdJ3ykRq61KVIWTRMAx7hXaXfziLYEhaU1kBbBm9oLYnlAoahy18tjiKzBkgJDWafdsumxTa4JOAJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 862ba9ed2b8d0f46-EWR
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0
expires: Mon, 18 Mar 2024 07:11:50 GMT

GET
H3 200 s.js Show response
hr.nabzclan.vip/cdn-cgi/zaraz/ 22 KB
11 KB 56ms
56ms Script
text/javascript 2606:4700:3031::6815:4f72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQ29jb1R3ZWFrcyUyMExMQyUyMiUyQyUyMnglMjIlM0EwLjQ0ODYzMjg4MjI5MjA1OTU1JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZoci5uYWJ6Y2xhbi52aXAlMkZpbmRleC5waHAlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTYwMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4f72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 324378c0dff3cd211664a283d966e91ce15d558d099c853423604758e4d55267

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:18 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://hr.nabzclan.vip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2F0uO6gKmAwqDbMteohbfKMScgS2r8Ru3QwRbqorLerVy%2F9SgZwafxWrM9GnCXdZxoQB%2Fyg9l5k7Vkl5ELccPBPPjZooqdO0C3Bwd%2BpOfHT1m0eJMwN9oX%2BUGsKnTTUqJgSXFCu5Xe6vEOVyBCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
x-robots-tag: none
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
priority: u=3,i=?0
cf-ray: 862ba9ed2b8e0f46-EWR

POST
H2 204 collect Show response
stats.g.doubleclick.net/g/ 0
254 B 57ms
23ms XHR
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-NECMPJ6LRJ&cid=49b43965-3bef-4287-aaf2-4956d6d54459&_u=KGDAAEADQAAAAC%7E&z=1390542872
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 12:49:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hr.nabzclan.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub-6605374199763197 Show response
fundingchoicesmessages.google.com/i/ 183 KB
60 KB 77ms
42ms Script
application/javascript 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-6605374199763197?ers=1

Requested by

Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42e2469153b9e519871b138668fcd6cff52e22cb90d347d9556e7b9e10cebf47

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-08vQt-LSsmoSyluUQBdhWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-08vQt-LSsmoSyluUQBdhWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitHikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgGxEDfH-d-717MJ_LjbzAMAXOwplw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub-6605374199763197 Show response
fundingchoicesmessages.google.com/b/ 10 KB
6 KB 63ms
34ms Script
application/javascript 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-6605374199763197

Requested by

Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed842b1efdb85359e5c6138e196a6dcf52cfdae41872d0bc6684b64a842a0a51

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-qHSpeuOnjSm-cwXeMvt1JA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-qHSpeuOnjSm-cwXeMvt1JA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitHikmJw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgGxEDfH-d-717MJvHh-lAMAWI4pww"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
0 69ms
36ms Fetch
image/gif 2607:f8b0:4004:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-NECMPJ6LRJ&cid=49b43965-3bef-4287-aaf2-4956d6d54459&_u=KGDAAEADQAAAAC%7E&z=1390542872&slf_rd=1

Requested by

Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQ29jb1R3ZWFrcyUyMExMQyUyMiUyQyUyMnglMjIlM0EwLjQ0ODYzMjg4MjI5MjA1OTU1JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZoci5uYWJ6Y2xhbi52aXAlMkZpbmRleC5waHAlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTYwMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 12:49:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://hr.nabzclan.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 AGSKWxWIpbm6AUO4uj4QrxHbWzajljYtBqjFeTL5H2b1xu_CEEMjb5hDFMX8qUT1MesLUnbmDmXf8pUYKFROHo8prFAoYQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 64ms
32ms XHR
text/html 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIpbm6AUO4uj4QrxHbWzajljYtBqjFeTL5H2b1xu_CEEMjb5hDFMX8qUT1MesLUnbmDmXf8pUYKFROHo8prFAoYQ==

Requested by

Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c8SJU7VfI9QlAWHrIIVqiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-c8SJU7VfI9QlAWHrIIVqiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw05BiqGV4xtQKxDt8PFic0mewhgCxEDfH-d-717MJHLjwUxMA7TgN3g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hr.nabzclan.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
96 KB 114ms
79ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NECMPJ6LRJ

Requested by

Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/cdn-cgi/apps/body/J6IWpe5hRu0EdLNuY34z2K3zevU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e154a3b8c5aa4e5a3fc132792e2a4b92923cc2661a3227249ad522678050f454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97988
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 12:49:19 GMT

GET
DATA 200
OK truncated
/ 854 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 AGSKWxWZL0M17V2uKUPlXAnZkakeOgwcyieaIe9rP9yib6t7GZoHfOEIeTWWYMBr0hALT7IHVz2wDBjmMF6_KTwIRX8goMBXP3kGdGzKjisCHK2LfxIdwaarM4M1zo_RnBy8vwG-cgmiJg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 41ms
40ms Script
application/javascript 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWZL0M17V2uKUPlXAnZkakeOgwcyieaIe9rP9yib6t7GZoHfOEIeTWWYMBr0hALT7IHVz2wDBjmMF6_KTwIRX8goMBXP3kGdGzKjisCHK2LfxIdwaarM4M1zo_RnBy8vwG-cgmiJg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMTYxMzU5LDk4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2hyLm5hYnpjbGFuLnZpcC9pbmRleC5waHAiLG51bGwsW1s4LCJid3JNY3M2WmNZZyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMzkjt-1iIsG81Xe67gadpAQdcYYpg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

900ef098cee9a12c8e5289c603a88d77d0dbf41ddf6e006e54bfa70185bb04c5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RaL98c3BigRVKDiguzZ28w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RaL98c3BigRVKDiguzZ28w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII0JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4h3-Hiw8K2bzqoCxIbrp7NGAnHM8-msKUDslD6DNQSIfepnsMYBsRA3x_nfu9ezCayY2mwDAGkYLj0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
245 B 164ms
24ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NECMPJ6LRJ&gtm=45je4360v9168125018za220&_p=1710161359056&_gaz=1&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10000&cid=1830973461.1710161359&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710161359&sct=1&seg=0&dl=https%3A%2F%2Fhr.nabzclan.vip%2Findex.php&dt=CocoTweaks%20LLC&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2062
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NECMPJ6LRJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 12:49:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hr.nabzclan.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 24ms
23ms Ping
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NECMPJ6LRJ&cid=1830973461.1710161359&gtm=45je4360v9168125018za220&aip=1&dma=0&gcs=G1--&gcd=13l3l3l3l5&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NECMPJ6LRJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 12:49:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hr.nabzclan.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
hr.nabzclan.vip/cdn-cgi/ 0
141 B 12ms
11ms XHR
text/plain 2606:4700:3031::6815:4f72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hr.nabzclan.vip/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:4f72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hr.nabzclan.vip/index.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: application/json

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://hr.nabzclan.vip
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 862ba9f11dfb0f46-EWR

POST
H3 200 job.php Show response
hr.nabzclan.vip/ 13 B
610 B 396ms
395ms XHR
application/json 2606:4700:3031::6815:4f72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/job.php
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/js/vendor/jquery/jquery-3.5.1.min.js?_v=e11cd6c2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4f72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: 1c4ad1d9a39baf5d48d8b276f5716971964de9bbdce7913a032f5e021ffb616b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://hr.nabzclan.vip/index.php
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.30
alt-svc: h3=":443"; ma=86400
content-length: 13
pragma: no-cache
last-modified: Mon, 11 Mar 2024 12:49:19 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekpkbGsed0scqPqJnr%2FC2qr%2BSmlMrEYpSoNXB19iIL9MUAgHs3wkJbqP6b%2FqgaHmKZ9o4arYQisyTzzTYQ0RNRvJWwiN9b9RC28MTYie3PGcccheygvUy7ZlsRkdZOXuZ49H6bwpV82ItfVqYjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0,pre-check=0
x-turbo-charged-by: LiteSpeed
cf-ray: 862ba9f1be580f46-EWR
priority: u=1,i
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H3 200 layer160x600. Show response
fundingchoicesmessages.google.com/f/AGSKWxXvRRDSYLR3OkEY-56c2v_3kDU5golwpVjqCDFjiiHIbKf9VTh_U0afuLyLfBV2MTJdfcqrjtVc0Hroh14u5nrESsur3_2Cdh1jqjp-YCHNKXWn-hqRq0C0RK3o27oXNttncC61PQds-HwpOjD7o10ncXZ6-... 54 B
110 B 35ms
35ms Script
application/javascript 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXvRRDSYLR3OkEY-56c2v_3kDU5golwpVjqCDFjiiHIbKf9VTh_U0afuLyLfBV2MTJdfcqrjtVc0Hroh14u5nrESsur3_2Cdh1jqjp-YCHNKXWn-hqRq0C0RK3o27oXNttncC61PQds-HwpOjD7o10ncXZ6-y4MrBnPS7OgpLnHM_9qjBsMd4ORWIng/_/clicksor./eyewondermanagement28./exo_bck_/adspromo./layer160x600.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bwrMcs6ZcYg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwQWmLjf8sNQMgrE_af2VgB3CsMpQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f39e961b1598d7f58defee88bb06b96dc3a6886c7af618b0c396dcdf006d6d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wFQWbOYiI6YcREJh2AyEIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-wFQWbOYiI6YcREJh2AyEIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitHikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgGxEA_H-d-717MJPOj_2cgMAIX9Kh0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
455 B 48ms
16ms Script
text/javascript 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 16:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Mar 2024 16:18:34 GMT

POST
H3 204 AGSKWxUdLKUok9416-6DrkWRa0H5GSV0KNeaS_IhGYaUWPVJEwToXlVhLnO5HPiITL2JRbVcBlESBHJWHMKKMwxMiJjJm2Sa2F778ouhQSSJ-6JF69x2IgyPMHJlevbd8a__Y6eFOJzBRg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 36ms
35ms XHR
text/html 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUdLKUok9416-6DrkWRa0H5GSV0KNeaS_IhGYaUWPVJEwToXlVhLnO5HPiITL2JRbVcBlESBHJWHMKKMwxMiJjJm2Sa2F778ouhQSSJ-6JF69x2IgyPMHJlevbd8a__Y6eFOJzBRg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BM08eyAH9OjPkBVVFUoj7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hr.nabzclan.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-BM08eyAH9OjPkBVVFUoj7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBiWMS_i6mW4RlTKxDv8PFgcUqfwRoCxEI8HOd_717PJrBj9sYmZgA1DA8x"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hr.nabzclan.vip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUdLKUok9416-6DrkWRa0H5GSV0KNeaS_IhGYaUWPVJEwToXlVhLnO5HPiITL2JRbVcBlESBHJWHMKKMwxMiJjJm2Sa2F778ouhQSSJ-6JF69x2IgyPMHJlevbd8a__Y6eFOJzBRg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 48ms
47ms XHR
text/html 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUdLKUok9416-6DrkWRa0H5GSV0KNeaS_IhGYaUWPVJEwToXlVhLnO5HPiITL2JRbVcBlESBHJWHMKKMwxMiJjJm2Sa2F778ouhQSSJ-6JF69x2IgyPMHJlevbd8a__Y6eFOJzBRg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IYn5usZY0DwEXAI4f2Wh2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hr.nabzclan.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-IYn5usZY0DwEXAI4f2Wh2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII0JBiqGV4xtQKxDt8PFic0mewhgCxEA_H-d-717MJ7HjxZwYzAP3BDm4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hr.nabzclan.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUdLKUok9416-6DrkWRa0H5GSV0KNeaS_IhGYaUWPVJEwToXlVhLnO5HPiITL2JRbVcBlESBHJWHMKKMwxMiJjJm2Sa2F778ouhQSSJ-6JF69x2IgyPMHJlevbd8a__Y6eFOJzBRg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 44ms
44ms XHR
text/html 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUdLKUok9416-6DrkWRa0H5GSV0KNeaS_IhGYaUWPVJEwToXlVhLnO5HPiITL2JRbVcBlESBHJWHMKKMwxMiJjJm2Sa2F778ouhQSSJ-6JF69x2IgyPMHJlevbd8a__Y6eFOJzBRg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7Z9Ta0aA5gQzDj37CYd-Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hr.nabzclan.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7Z9Ta0aA5gQzDj37CYd-Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII0pBiqGV4xtQKxDt8PFic0mewhgCxEA_H-d-717MJNLzrnccMAPvMDdU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hr.nabzclan.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUdLKUok9416-6DrkWRa0H5GSV0KNeaS_IhGYaUWPVJEwToXlVhLnO5HPiITL2JRbVcBlESBHJWHMKKMwxMiJjJm2Sa2F778ouhQSSJ-6JF69x2IgyPMHJlevbd8a__Y6eFOJzBRg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 88ms
88ms XHR
text/html 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUdLKUok9416-6DrkWRa0H5GSV0KNeaS_IhGYaUWPVJEwToXlVhLnO5HPiITL2JRbVcBlESBHJWHMKKMwxMiJjJm2Sa2F778ouhQSSJ-6JF69x2IgyPMHJlevbd8a__Y6eFOJzBRg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tC7BeovsprLlpf_PVA5o2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hr.nabzclan.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tC7BeovsprLlpf_PVA5o2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII0pBiqGV4xtQKxDt8PFic0mewhgCxEA_H-d-717MJNJy9uYkZAPxUDhQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hr.nabzclan.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXnBH-CL_A9-LIBJms8eOlLOdwaPfmEaqO-bXUGumxl2e2yZrroXWrGYMBn1HypOjF1b2VlUL6UGAEmZxYYjtdscTw-J5UtzmX9mIFcy1rD_J3OruDq39NPwQYVLYTIp-BQCQiKZw== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 43ms
43ms Script
application/javascript 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXnBH-CL_A9-LIBJms8eOlLOdwaPfmEaqO-bXUGumxl2e2yZrroXWrGYMBn1HypOjF1b2VlUL6UGAEmZxYYjtdscTw-J5UtzmX9mIFcy1rD_J3OruDq39NPwQYVLYTIp-BQCQiKZw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMTYxMzU5LDg0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaHIubmFiemNsYW4udmlwL2luZGV4LnBocCIsbnVsbCxbWzgsImJ3ck1jczZaY1lnIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c232506929dcab15a21a211e1ce5d848ff06c37cef7f50cd3a61cb4078bc7d3c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jNJUW1l10SPsBuYmRe0wtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jNJUW1l10SPsBuYmRe0wtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitHikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgGxEA_H-d-717MJzFi7YB4zAIPWKbY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVG2aE-Eps-3l6wBtXSAeAz9NaQfF1i3aPZQhZVrtBUmXqkhYYBzLfY28jWOm5y_JHoCviw9fqVoHJww2DlKNkBLm8qSUHEAOP01SaQ_ZVM-9shXwXSVLy1NdodWbi8-HG89Kc-_Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 42ms
41ms Script
application/javascript 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVG2aE-Eps-3l6wBtXSAeAz9NaQfF1i3aPZQhZVrtBUmXqkhYYBzLfY28jWOm5y_JHoCviw9fqVoHJww2DlKNkBLm8qSUHEAOP01SaQ_ZVM-9shXwXSVLy1NdodWbi8-HG89Kc-_Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMTYxMzU5LDg4ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaHIubmFiemNsYW4udmlwL2luZGV4LnBocCIsbnVsbCxbWzgsImJ3ck1jczZaY1lnIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fc856bfa46132fea1d0ca10e740c01f7af2d1eeac7ab2a5d2eab32fdd0fb22a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZlpslSDd5CEONOKIqDRMFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZlpslSDd5CEONOKIqDRMFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitHikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgGxEA_H-d-717MJnHj1egszAIJlKnk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWCr0lXd2nWDfPH1LS9k8lCY84TNPjDmjkD9KLuspEaEoR0KPthWmWZMzq3T_eA5aklPYbkn0YIBzWgD8s2kIK9U4xoZiZJ9wdDrR2RSmU_9klxeLttFAsJdrYswKK9jricFRgLRg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 44ms
43ms Script
application/javascript 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWCr0lXd2nWDfPH1LS9k8lCY84TNPjDmjkD9KLuspEaEoR0KPthWmWZMzq3T_eA5aklPYbkn0YIBzWgD8s2kIK9U4xoZiZJ9wdDrR2RSmU_9klxeLttFAsJdrYswKK9jricFRgLRg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMTYxMzU5LDkzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9oci5uYWJ6Y2xhbi52aXAvaW5kZXgucGhwIixudWxsLFtbOCwiYndyTWNzNlpjWWciXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

157b6b9545b5b0272eafa1829c128216923cb0264b86e85b41f4d5f14c66a953

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BYo-gwpdxh7T2smStf1YJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BYo-gwpdxh7T2smStf1YJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitHikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgGxEA_H-d-717MJLLj37DQzAIEmKlY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWjbl3WMNJRq37N8VK9MfJrur_FnwjnxF1B5tZVgybdomQSKOxB5ghS4rdZ1kw-Clq13qPYcyg3UmxJZi2bXu6fFJ627sQ4sJtXI1NUj2UCHLTPgTsoAw86U-a7u9KwN5JGKF-BLQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 37ms
36ms XHR
text/html 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjbl3WMNJRq37N8VK9MfJrur_FnwjnxF1B5tZVgybdomQSKOxB5ghS4rdZ1kw-Clq13qPYcyg3UmxJZi2bXu6fFJ627sQ4sJtXI1NUj2UCHLTPgTsoAw86U-a7u9KwN5JGKF-BLQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xDa569YOVc3FHTbJegq1KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hr.nabzclan.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Mar 2024 12:49:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-xDa569YOVc3FHTbJegq1KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15BiWMS_i6mW4RlTKxDv8PFgcUqfwRoCxELcHBd-717PJnDi3wlGACV-Dy4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hr.nabzclan.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 job.php Show response
hr.nabzclan.vip/ 14 B
613 B 132ms
132ms XHR
application/json 2606:4700:3031::6815:4f72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hr.nabzclan.vip/job.php
Requested by: Host: hr.nabzclan.vip
URL: https://hr.nabzclan.vip/js/vendor/jquery/jquery-3.5.1.min.js?_v=e11cd6c2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4f72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: f779de80f6ebd5d15cb3209e82969f8ad90e4ba02899e24c1796f2c9aca80343

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://hr.nabzclan.vip/index.php
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:49:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.30
alt-svc: h3=":443"; ma=86400
content-length: 14
pragma: no-cache
last-modified: Mon, 11 Mar 2024 12:49:20 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmDxtcrj8ft71j3TqFUWHR7Zm2cGfnfd%2FZJVFt29VArumwipxBQ%2FtbC3O2ons%2BjdBznD1WQVk0veZtbbPKzrv6EAXrgEY7Shec41JfmWgpC2DKlgbR%2FuUfXBSR0MaM%2FAjphUY5iyiOT58drhmUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0,pre-check=0
x-turbo-charged-by: LiteSpeed
cf-ray: 862ba9f4d8280f46-EWR
priority: u=1,i
expires: Tue, 03 Jul 2001 06:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 24ms
23ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NECMPJ6LRJ&gtm=45je4360v9168125018za220&_p=1710161359056&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10000&cid=1830973461.1710161359&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1710161359&sct=1&seg=0&dl=https%3A%2F%2Fhr.nabzclan.vip%2Findex.php&dt=CocoTweaks%20LLC&en=scroll&epn.percent_scrolled=90&_et=6&tfd=7075
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NECMPJ6LRJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hr.nabzclan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 12:49:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hr.nabzclan.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hr.nabzclan.vip/	1969-12-31 23:59:59	Name: xf_csrf Value: 1Rm1d47_SRZDdTiL
.nabzclan.vip/	1970-01-21 04:38:41	Name: google-analytics_v4_Wckr__engagementDuration Value: 0
.nabzclan.vip/	1970-01-21 04:38:41	Name: google-analytics_v4_Wckr__engagementStart Value: 1710161358912
.nabzclan.vip/	1970-01-21 04:38:41	Name: google-analytics_v4_Wckr__counter Value: 1
.nabzclan.vip/	1970-01-20 19:02:43	Name: google-analytics_v4_Wckr__ga4sid Value: 1072363310
.nabzclan.vip/	1970-01-21 04:38:41	Name: google-analytics_v4_Wckr__session_counter Value: 1
.nabzclan.vip/	1970-01-21 04:38:41	Name: google-analytics_v4_Wckr__ga4 Value: 49b43965-3bef-4287-aaf2-4956d6d54459
.nabzclan.vip/	1970-01-21 04:38:41	Name: google-analytics_v4_Wckr___z_ga_audiences Value: 49b43965-3bef-4287-aaf2-4956d6d54459
.nabzclan.vip/	1970-01-21 04:38:41	Name: google-analytics_v4_Wckr__let Value: 1710161358912
.nabzclan.vip/	1970-01-21 04:38:41	Name: _ga Value: GA1.1.1830973461.1710161359
.nabzclan.vip/	1970-01-21 04:38:41	Name: _ga_NECMPJ6LRJ Value: GS1.1.1710161359.1.0.1710161359.60.0.0
.nabzclan.vip/	1970-01-21 03:48:17	Name: FCNEC Value: %5B%5B%22AKsRol_GtQcRKCg3bvxIJvaT1s1sOcVqTKKVbStWytWgMx2Y59q4bx9k-bb4GKMmYE1LJykou3-ihqTTWPU44dPKw2PJus6Jz99rOz6h03DtGzm-GSUFfnRlHFXkw3kDrHiknsToG7664YSx4y1ihnDP9r5_KXyZ2w%3D%3D%22%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
fundingchoicesmessages.google.com
hr.nabzclan.vip
pagead2.googlesyndication.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google.com
www.googletagmanager.com
104.21.79.114
2001:4860:4802:36::181
2606:4700:3031::6815:4f72
2606:4700::6810:4f49
2607:f8b0:4004:c06::93
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::66
2607:f8b0:4004:c0b::9c
2607:f8b0:4004:c19::9c
06032ecb35ea0172866f5418d0f2695fd7cee02a2ce8d391de748c5e78aef1dd
0f0ccc14635b9608c939c1a6df561cae7379bfa2677cd4aa386692441821ac4b
0f21bc47b6f2a9df2d4bda8ef0386e4e2671f28f51576c592562caa48d7dcd8a
157b6b9545b5b0272eafa1829c128216923cb0264b86e85b41f4d5f14c66a953
1c4ad1d9a39baf5d48d8b276f5716971964de9bbdce7913a032f5e021ffb616b
2fc856bfa46132fea1d0ca10e740c01f7af2d1eeac7ab2a5d2eab32fdd0fb22a
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c
324378c0dff3cd211664a283d966e91ce15d558d099c853423604758e4d55267
42e2469153b9e519871b138668fcd6cff52e22cb90d347d9556e7b9e10cebf47
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
57dbee7ea15d5d09282409c670a2ec13c181735f5f7b80bd57877ae319ba513b
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
76c9aca0e08033189d268816f63efa0a635fe7bba4f3add2f5453a2b8f067ccf
818ee236961f8772ae77061f8659a994465aa42d4250153f758f9903578e34e5
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca
900ef098cee9a12c8e5289c603a88d77d0dbf41ddf6e006e54bfa70185bb04c5
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9f39e961b1598d7f58defee88bb06b96dc3a6886c7af618b0c396dcdf006d6d8
a9c8b68e7d37111299d6361f04dd78c761ba773331c20b3fe8a45e49a01d5c9f
c232506929dcab15a21a211e1ce5d848ff06c37cef7f50cd3a61cb4078bc7d3c
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e154a3b8c5aa4e5a3fc132792e2a4b92923cc2661a3227249ad522678050f454
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea26115e16e46398de9a46f4538ac27511d1bb27ae87ca4ec4cc13f81baeba80
ed842b1efdb85359e5c6138e196a6dcf52cfdae41872d0bc6684b64a842a0a51
ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1
f779de80f6ebd5d15cb3209e82969f8ad90e4ba02899e24c1796f2c9aca80343
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

hr.nabzclan.vip Open in urlscan Pro 104.21.79.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

89 %IPv6

6 Domains

8 Subdomains

10 IPs

2 Countries

770 kBTransfer

1754 kBSize

12 Cookies

3 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hr.nabzclan.vip Open in urlscan Pro
104.21.79.114 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

89 %
IPv6

6
Domains

8
Subdomains

10
IPs

2
Countries

770 kB
Transfer

1754 kB
Size

12
Cookies

40 HTTP transactions
1 data transactions