URL: https://nrsw13.sbs/
Submission: On April 30 via api from US — Scanned from NL

Summary

This website contacted 14 IPs in 8 countries across 12 domains to perform 32 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is nrsw13.sbs.
TLS certificate: Issued by GTS CA 1P5 on April 27th 2024. Valid for: 3 months.
This is the only time nrsw13.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS      Autonomous System  Redirects
6         188.114.97.3       13335   (CLOUDFLAR...)
2         2404:2280:1cc...   24429   (TAOBAO Zh...)
7         2a00:1450:400...   15169   (GOOGLE)
1         8.218.38.110       45102   (ALIBABA-C...)
2         2620:1ec:29:1...   8075    (MICROSOFT...)
1         58.254.150.48      136958  (UNICOM-GU...)
2         2610:150:c002...   46844   (SHARKTECH)
2         154.23.138.124     140224  (SGPL-AS-A...)
1         2001:4860:480...   15169   (GOOGLE)
3         52.224.31.34       8075    (MICROSOFT...)
1         103.235.46.40      55967   (BAIDU Bei...)
1         43.198.232.79      16509   (AMAZON-02)
2         142.250.185.136    15169   (GOOGLE)
2         68.219.88.97       8075    (MICROSOFT...)     1
1         2a01:111:202c...   8068    (MICROSOFT...)     1
32        14
Requests  Apex Domain / Subdomains                                        Transfer
9         googletagmanager.com                                            99 KB
            www.googletagmanager.com — Cisco Umbrella Rank: 39
7         clarity.ms                                                      28 KB
            www.clarity.ms — Cisco Umbrella Rank: 747
            h.clarity.ms — Cisco Umbrella Rank: 5966
            c.clarity.ms — Cisco Umbrella Rank: 1371
6         nrsw13.sbs                                                      27 KB
            nrsw13.sbs
2         4vgyjja.cn                                                      20 KB
            30e71f268e63aaf4dgg.4vgyjja.cn
            30e3e8d551357d9bcgg.4vgyjja.cn
2         cgyx.tv                                                         22 KB
            api.cgyx.tv — Cisco Umbrella Rank: 544226
2         bytecdntp.com                                                   34 KB
            lf3-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 192907
1         bing.com                                                        767 B
            c.bing.com — Cisco Umbrella Rank: 228
1         cherylssb.com                                                   269 B
            cherylssb.com
1         baidu.com                                                       116 B
            sp0.baidu.com — Cisco Umbrella Rank: 26788
1         google-analytics.com                                            241 B
            region1.google-analytics.com — Cisco Umbrella Rank: 2404
1         bdstatic.com                                                    563 B
            zz.bdstatic.com — Cisco Umbrella Rank: 40308
1         areyoutherenow.com                                              709 B
            areyoutherenow.com
32        12
Requests  Domain                            Requested by
9         www.googletagmanager.com          nrsw13.sbs
6         nrsw13.sbs                        nrsw13.sbs
3         h.clarity.ms                      www.clarity.ms
2         c.clarity.ms                      1 redirects
2         api.cgyx.tv                       nrsw13.sbs
                                            api.cgyx.tv
2         www.clarity.ms                    nrsw13.sbs
                                            www.clarity.ms
2         lf3-cdn-tos.bytecdntp.com         nrsw13.sbs
1         c.bing.com                        1 redirects
1         cherylssb.com                     nrsw13.sbs
1         sp0.baidu.com                     nrsw13.sbs
1         region1.google-analytics.com      www.googletagmanager.com
1         30e3e8d551357d9bcgg.4vgyjja.cn    nrsw13.sbs
1         30e71f268e63aaf4dgg.4vgyjja.cn    nrsw13.sbs
1         zz.bdstatic.com                   nrsw13.sbs
1         areyoutherenow.com                nrsw13.sbs
32        15
Subject                  Issuer                                            Validity                   Valid
nrsw13.sbs               GTS CA 1P5                                        2024-04-27 - 2024-07-26    3 months
*.bytecdntp.com          RapidSSL Global TLS RSA4096 SHA256 2022 CA1       2023-06-30 - 2024-07-30    a year
*.google-analytics.com   GTS CA 1C3                                        2024-04-08 - 2024-07-01    3 months
areyoutherenow.com       R3                                                2024-02-27 - 2024-05-27    3 months
www.clarity.ms           DigiCert TLS RSA SHA256 2020 CA1                  2023-12-07 - 2024-12-07    a year
baidu.com                GlobalSign RSA OV SSL CA 2018                     2023-07-06 - 2024-08-06    a year
api.cgyx.tv              Sectigo RSA Domain Validation Secure Server CA    2023-07-20 - 2024-07-19    a year
4ukbzju.cn               CerSign DV SSL CA                                 2024-02-27 - 2024-05-27    3 months
a.clarity.ms             Microsoft Azure TLS Issuing CA 01                 2024-01-14 - 2024-06-27    5 months
cherylssb.com            R3                                                2024-02-07 - 2024-05-07    3 months

This page contains 1 frames:

Primary Page: https://nrsw13.sbs/
Frame ID: 11FEBD5E458CA2374435D989771832AF
Requests: 32 HTTP requests in this frame

Page Title

男人书屋-免费的中文色情小说网站,包括成人文学,成人小说,情色小说,黄色小说,性爱小说,色情文学,色情小说等内容的网站

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 97 %
IPv6: 40 %
Domains: 12
Subdomains: 15
IPs: 14
Countries: 8
Transfer: 232 kB
Size: 601 kB
Cookies: 12

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B8161FCAA2D3474A83EB78E8B08720D6&RedC=c.clarity.ms&MXFR=055F27084B0A6E6E2C8933794F0A6034 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B8161FCAA2D3474A83EB78E8B08720D6&MUID=373042B661FC6F991B4656C760856EFF

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nrsw13.sbs/
35 KB
11 KB
Document
General
Full URL
https://nrsw13.sbs/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14519c955e33aa89c9263573d31517ad381771d515b982e89fc57004e2900de4

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87c7fcb3edd95c43-AMS
content-encoding
br
content-type
text/html;charset=utf-8
date
Tue, 30 Apr 2024 13:48:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xpccKaKtbVB6esyT1gHisQSOc8kI%2BLFVborESpr5lxIEyWOScm9IjcPnKZW2IFH8JPz4J5PF46VPoufztSEwLh2C95WOUjVAnK0mB63CvLq2ZHJaVe7N12TUWQ5s"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
nrsw13.sbs/template/18jin/libs/
17 KB
4 KB
Stylesheet
General
Full URL
https://nrsw13.sbs/template/18jin/libs/style.css
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f064f957c7e24bfad1a5ab06412fe5c851aec36830bfe13531ab5e68882f112

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 May 2023 05:04:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3460
etag
W/"4541-5fcce056c4f00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=przb2gXfgE6i6d%2Bg0Y0u0cdD6F%2FlbPryVrMvibBg4k3W24Kixwac7vPKTBoi6YJY0ki1thEJ5bvWEsDHjqLW9gMRJjXcuxeIymbplcmEg4A6hkhQ8nf1vlDxyVc2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87c7fcb7fa7f5c43-AMS
alt-svc
h3=":443"; ma=86400
jquery.min.js
lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:42:34 GMT
content-encoding
gzip
via
cache9.l2de2[226,225,200-0,M], cache12.l2de2[228,0], ens-cache1.de5[0,0,200-0,H], ens-cache4.de5[0,0]
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
x-tt-trace-id
00-240430194234DBB28599DBA8E12425DD-0708F9EB5C9130B8-00
age
7529
x-swift-cachetime
2592000
x-cache
HIT TCP_MEM_HIT dirn:13:149162560
server-timing
inner; dur=10
x-swift-savetime
Tue, 30 Apr 2024 11:42:34 GMT
content-length
30947
last-modified
Sun, 24 Apr 2022 19:10:58 GMT
server
Tengine
x-tt-logid
20240430194234DBB28599DBA8E12425DD
etag
W/"6265a0c2-15d9d"
vary
Accept-Encoding
ali-swift-global-savetime
1714477354
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
01fe1bb25d99df687b96731faa3b6ada533c49107fba5089f9cc5bd2f19dbd6541ec91e1d7416bae115b4ef546a8e9c51eee17e7a667e39a124a7620f46049a2a09ec6c149f434a9a08437387cc379539b
x-response-cinfo
2001:1af8:4020:a034:9876::5
x-response-cache
edge_hit
timing-allow-origin
*, *
eagleid
a3b55c9817144848837302397e
expires
Thu, 30 May 2024 11:42:00 GMT
jquery.lazy.min.js
lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery.lazy/1.7.11/
5 KB
3 KB
Script
General
Full URL
https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery.lazy/1.7.11/jquery.lazy.min.js
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 23:33:17 GMT
content-encoding
gzip
via
cache1.l2de2[203,202,200-0,M], cache4.l2de2[204,0], ens-cache5.de5[0,0,200-0,H], ens-cache4.de5[2,0]
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
x-tt-trace-id
00-240427073317DAF068A18941472CF867-77FFD14D1F491AA7-00
age
310486
x-swift-cachetime
2592000
x-cache
HIT TCP_HIT dirn:13:910074049
server-timing
inner; dur=8
x-swift-savetime
Fri, 26 Apr 2024 23:33:17 GMT
content-length
2332
last-modified
Tue, 18 Jan 2022 00:38:43 GMT
server
Tengine
x-tt-logid
20240427073317DAF068A18941472CF867
etag
W/"61e60c13-139f"
vary
Accept-Encoding
ali-swift-global-savetime
1714174397
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
015b18679bd19e7ad3dc69fdcbc634e7d8dbbd57f6fc5352671cfa340f2137296d1ee5da1da7e342acb40cc3def7ddc5915e5664a4603edddf88d816b10cce1f8bd5c9dddfcb9c4b5bcc3060b05753c2bbe4fa74f004fc72f1dc62fc5887089cce
x-response-cinfo
2001:1af8:4020:a034:9876::5
x-response-cache
edge_hit
timing-allow-origin
*, *
eagleid
a3b55c9817144848837302401e
expires
Sun, 26 May 2024 23:30:49 GMT
js
www.googletagmanager.com/gtag/
296 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VKC52BN7DN
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ca1a39b3a40974beb1dcfe589f78b8539a578cc7bbfc3c797a81a16883f602e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100876
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Apr 2024 13:48:04 GMT
uwfaq
areyoutherenow.com/pxgoqsvsn/uwfaq1xnm0vwtcyy7mgfc/2181/
39 B
709 B
Script
General
Full URL
https://areyoutherenow.com/pxgoqsvsn/uwfaq1xnm0vwtcyy7mgfc/2181/uwfaq
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.218.38.110 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.22.1 / PHP/5.2.14p1
Resource Hash
ba55a8d3866b0f5d4e5c85526551f2ba958c571b6662ec05d97819dddd8d6633

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 13:48:05 GMT
Content-Encoding
gzip
X-Powered-By
PHP/5.2.14p1
Transfer-Encoding
chunked
P3P
CP=CAO PSA OUR
Connection
keep-alive
Pramga
no-cache
Last-Modified
Tue, 30 Apr 2024 13:48:05 GMT
Server
nginx/1.22.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
text/html;charset=UTF8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1000
Access-Control-Allow-Headers
Content-Type, Content-Range, Content-Disposition, Content-Description
common.js
nrsw13.sbs/template/18jin/libs/
9 KB
4 KB
Script
General
Full URL
https://nrsw13.sbs/template/18jin/libs/common.js
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed6096b9ea629213524fca2a2649b6e0e6f6eb3c9e49f3a569476fa4de77133

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 May 2023 19:15:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3460
etag
W/"22c0-5fc24dbd8e440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=trS2VddiY1IXLUInazX7DZ9Vt41d7HqRwgaxoOaJzLA55No1FSBFIoVdI2oLSQ1q%2Fjxx3a%2Bm%2BrdG%2BTmc%2FCi5meA%2F5tkUDpMrYmRS5DpBAXPK%2Bh9Bm2yfAnJVSCnR"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87c7fcb7fa835c43-AMS
alt-svc
h3=":443"; ma=86400
read.js
nrsw13.sbs/template/18jin/libs/
12 KB
4 KB
Script
General
Full URL
https://nrsw13.sbs/template/18jin/libs/read.js
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6a12f4b5854463af1720b889b17691029e6ed022dfcf39388368005f5f6835

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:04 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 29 May 2023 04:57:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3131-5fccdeb13ec80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5W3UY3Lq8q%2B%2Bq2%2FWgc4a9JfY%2Bopn8C%2BcIWWK8IUPUSc%2BD3NRkUFr1GDV3YSmB7GNJZBbdMtx6Ocpo6r6jEQK2IQjZTDkUP%2BM2%2BQlaiqq4TX92hhexNtgQq7Q3Rxg"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
87c7fcbbeec05c43-AMS
alt-svc
h3=":443"; ma=86400
ha66wqy1js
www.clarity.ms/tag/
736 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/ha66wqy1js
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2d3b013a54cd2d55dfe0a119fee91bba1a8bf97da1b5831e471f47c7e523398

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Tue, 30 Apr 2024 13:48:04 GMT
x-azure-ref
20240430T134804Z-r1d6fbd655djk8wg4tap75sq6w00000000n0000000008fny
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
736
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
push.js
zz.bdstatic.com/linksubmit/
308 B
563 B
Script
General
Full URL
https://zz.bdstatic.com/linksubmit/push.js
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
58.254.150.48 Guangzhou, China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:04 GMT
content-encoding
br
tracecode
20425555580225742858043016
ohc-response-time
1 0 0 0 0 0
last-modified
Mon, 13 Nov 2023 14:41:01 GMT
server
JSP3/2.0.14
age
16389
etag
"6552357d-134"
ohc-cache-hit
gz3un51 [2], zhuzuncache53 [2]
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
ohc-global-saved-time
Tue, 30 Apr 2024 08:34:02 GMT
tongji.js
api.cgyx.tv/tj/
55 KB
22 KB
Script
General
Full URL
https://api.cgyx.tv:66/tj/tongji.js?v=1.3
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2610:150:c002::1:a540 Denver, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
nginx /
Resource Hash
c251a0dd3558c8b0c6296b471b95b8415c593b5a4adda3ac5ae3b525fb7126cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 17 Apr 2024 16:30:50 GMT
server
nginx
etag
W/"661ff93a-da35"
vary
Accept-Encoding
content-type
application/javascript
3059
30e71f268e63aaf4dgg.4vgyjja.cn/sc/
9 KB
10 KB
Script
General
Full URL
https://30e71f268e63aaf4dgg.4vgyjja.cn:8005/sc/3059?n=upkcqeof
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.23.138.124 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx/1.18.0 / PHP/5.6.31
Resource Hash
bf5ab5659895974a98bf1bfcc7b0e3f65611d7d55581f6c96b9cc8dd26ef2c14

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
max-age=1800
Date
Tue, 30 Apr 2024 13:48:05 GMT
Server
nginx/1.18.0
X-Powered-By
PHP/5.6.31
Transfer-Encoding
chunked
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
so.png
nrsw13.sbs/template/18jin/libs/
2 KB
2 KB
Image
General
Full URL
https://nrsw13.sbs/template/18jin/libs/so.png
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/template/18jin/libs/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef07455b66119f28aebbdd8278db9eb1e8776ae9dfd6f90616ba55ce2f4d4a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/template/18jin/libs/style.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:03 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
last-modified
Sat, 20 May 2023 18:42:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
216255
etag
"646914a7-6d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iIq4909eUJjmYXywtQvoFamrbz2aEe%2BT%2FLyGiAHV3ZO7oxVBku23D9W5HAHwd6j1rUSJxRGG3DoNEx%2FRo4ieqnjmG9aaSKMl8f1s7WNXNg1qMmrhNJFRdVTKhd3a"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
cf-ray
87c7fcbbfed05c43-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 28 May 2024 01:43:48 GMT
4108
30e3e8d551357d9bcgg.4vgyjja.cn/sc/
9 KB
10 KB
Script
General
Full URL
https://30e3e8d551357d9bcgg.4vgyjja.cn:8005/sc/4108?n=jrpovgmw
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.23.138.124 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx/1.18.0 / PHP/5.6.31
Resource Hash
a715c9e125c27a0ce9ea40aad320941e980a1217ada86fc8c6daa891eef39bd5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
max-age=1800
Date
Tue, 30 Apr 2024 13:48:05 GMT
Server
nginx/1.18.0
X-Powered-By
PHP/5.6.31
Transfer-Encoding
chunked
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
collect
region1.google-analytics.com/g/
0
241 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VKC52BN7DN&gtm=45je44t0v9119315216za200&_p=1714484883810&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1620718872.1714484884&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714484884&sct=1&seg=0&dl=https%3A%2F%2Fnrsw13.sbs%2F&dt=%E7%94%B7%E4%BA%BA%E4%B9%A6%E5%B1%8B-%E5%85%8D%E8%B4%B9%E7%9A%84%E4%B8%AD%E6%96%87%E8%89%B2%E6%83%85%E5%B0%8F%E8%AF%B4%E7%BD%91%E7%AB%99%2C%E5%8C%85%E6%8B%AC%E6%88%90%E4%BA%BA%E6%96%87%E5%AD%A6%2C%E6%88%90%E4%BA%BA%E5%B0%8F%E8%AF%B4%2C%E6%83%85%E8%89%B2%E5%B0%8F%E8%AF%B4%2C%E9%BB%84%E8%89%B2%E5%B0%8F%E8%AF%B4%2C%E6%80%A7%E7%88%B1%E5%B0%8F%E8%AF%B4%2C%E8%89%B2%E6%83%85%E6%96%87%E5%AD%A6%2C%E8%89%B2%E6%83%85%E5%B0%8F%E8%AF%B4%E7%AD%89%E5%86%85%E5%AE%B9%E7%9A%84%E7%BD%91%E7%AB%99&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1821
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VKC52BN7DN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 13:48:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nrsw13.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
57 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VKC52BN7DN&v=3&t=t&pid=2024653658&cv=1&rv=44t0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=nrsw13.sbs%2F&tdp=G-VKC52BN7DN;119315216;0;0;0&rtg=119315216&rlo=3&slo=2&z=0
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:04 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/
0
130 B
Image
General
Full URL
https://www.googletagmanager.com/td?id=G-VKC52BN7DN&v=3&t=t&pid=2024653658&cv=1&rv=44t0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=nrsw13.sbs%2F&tdp=G-VKC52BN7DN;119315216;0;0;0&rtg=119315216&rlo=3&slo=2&z=0
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 13:48:04 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
49 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VKC52BN7DN&v=3&t=t&pid=2024653658&cv=1&rv=44t0&tc=16&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&mtd=__c0&mec=__c3&z=0
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:04 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
49 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VKC52BN7DN&v=3&t=t&pid=2024653658&cv=1&rv=44t0&tc=16&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tr=1gct&ti=1gct&mec=__c6&z=0
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:04 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
40 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VKC52BN7DN&v=3&t=t&pid=2024653658&cv=1&rv=44t0&tc=16&es=1&e=gtag.config&eid=7&u=AAAAAAAAAAAAACCA&h=Ag&epr=1G.2G&mec=__c6&z=0
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:04 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
40 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VKC52BN7DN&v=3&t=t&pid=2024653658&cv=1&rv=44t0&tc=16&e=gtm.init&eid=0&u=AAAAAAAAAAAAACCA&h=Ag&tr=5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ogtgooglesignals.5ccdgaregscope.5ccdemdownload.5ccdemform.5ccdemoutboundclick.5ccdempageview.5ccdemscroll.5ccdemsitesearch.5ccdemvideo.5ccdconversionmarking.5ccdautoredact.5ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&mec=__c6&z=0
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:04 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
clarity.js
www.clarity.ms/s/0.7.32/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ha66wqy1js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:04 GMT
content-encoding
br
last-modified
Sun, 28 Apr 2024 10:11:23 GMT
etag
W/"0x8DC676B8EE909B4"
vary
Accept-Encoding
x-azure-ref
20240430T134804Z-r1d6fbd655djk8wg4tap75sq6w00000000n0000000008fp9
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
4c70339a-101e-0065-5c5b-99809f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
h.clarity.ms/
0
290 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://nrsw13.sbs
Date
Tue, 30 Apr 2024 13:48:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/
0
116 B
Image
General
Full URL
https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://nrsw13.sbs/
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.40 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 13:48:06 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
start
api.cgyx.tv/api/v1/api2/statistics/
102 B
594 B
XHR
General
Full URL
https://api.cgyx.tv:66/api/v1/api2/statistics/start?s=8bba58700da1a1ac78497ee2e51cf733&d=…&t=1714484885298
Requested by
Host: api.cgyx.tv
URL: https://api.cgyx.tv:66/tj/tongji.js?v=1.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2610:150:c002::1:a540 Denver, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
nginx /
Resource Hash
61476920373bd4254878de03800bf208503395bf41281c7127c103ca34cd2749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:05 GMT
strict-transport-security
max-age=31536000
server
nginx
access-control-max-age
10080
access-control-allow-methods
POST,GET,DELETE,OPTIONS,HEAD
content-type
application/json
access-control-allow-origin
https://nrsw13.sbs
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
lang,signature,key,timestamp,secret,Content-Type,form-type,Content-Length,Accept-Encoding,X-Requested-with, x-token,x_token,x-user-id,x-c,x-xsrf-token, Origin, Authorization
content-length
102
6bea43e5320e0654a5f8b05cbb40dae6
cherylssb.com/co/
0
269 B
Script
General
Full URL
https://cherylssb.com/co/6bea43e5320e0654a5f8b05cbb40dae6?t=0.014895687737410457&d=3&m=0&h=B**8%7Dz%2F%2F_%3D%7DS%5EuU%7Dc%7D%2F
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
43.198.232.79 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-198-232-79.ap-east-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 13:48:06 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/javascript;charset=UTF-8
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VKC52BN7DN&v=3&t=t&pid=2024653658&cv=1&rv=44t0&tc=16&es=1&e=gtm.dom&eid=8&u=AgAAAAAAAAAAACCA&h=Ag&mec=__c6&z=0
Requested by
Host: nrsw13.sbs
URL: https://nrsw13.sbs/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:06 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B8161FCAA2D3474A83EB78E8B08720D6&RedC=c.clarity.ms&MXFR=055F27084B0A6E6E2C8933794F0A6034
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B8161FCAA2D3474A83EB78E8B08720D6&MUID=373042B661FC6F991B4656C760856EFF
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B8161FCAA2D3474A83EB78E8B08720D6&MUID=373042B661FC6F991B4656C760856EFF
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://nrsw13.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 13:48:06 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 30 Apr 2024 13:48:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2A75534BC7A243A4BED61DA8B271B87B Ref B: LON212050719051 Ref C: 2024-04-30T13:48:06Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B8161FCAA2D3474A83EB78E8B08720D6&MUID=373042B661FC6F991B4656C760856EFF
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
h.clarity.ms/
0
290 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://nrsw13.sbs
Date
Tue, 30 Apr 2024 13:48:06 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
favicon.ico
nrsw13.sbs/template/18jin/libs/
2 KB
2 KB
Other
General
Full URL
https://nrsw13.sbs/template/18jin/libs/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a8d87b807d0c67d6d25894e68cf81dd4d4dd4b0153cb18c59f081d25d2934a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:07 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 20 May 2023 21:34:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9ed-5fc26cc5a9ac0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bo4IQG2uc537EO%2F%2BDlht%2BC%2BtSXrQx%2F5eH9H3h5NXjQAZuuxxe3rME9hsQFa6HLw3wkXZdQf3q97RfgMV%2BzIgdHqkW1HatP%2FVKdQujng1UuXFsXv1Zh0TIXw3lyZ7"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
87c7fccd89e35c43-AMS
alt-svc
h3=":443"; ma=86400
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VKC52BN7DN&v=3&t=t&pid=2024653658&cv=1&rv=44t0&tc=16&es=1&e=gtm.load&eid=9&u=AgAAAAAAAAAAACCA&h=Ag&mec=__c6&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 13:48:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
h.clarity.ms/
0
290 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://nrsw13.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://nrsw13.sbs
Date
Tue, 30 Apr 2024 13:48:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8


38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
function| gtag
object| dataLayer
function| clarity
object| cltj
object| s
undefined| n
undefined| j
undefined| style
undefined| a
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
function| conn
number| v
object| CryptoJS
function| cnn
object| res
number| stimer
function| logout
function| setCookie
function| getCookie
function| doParse
string| checkbg
function| nr_setbg
function| getset
function| getset1
function| set
function| LastRead
object| lastread
number| upkcqeof_is_ws
object| u8bytr8a
number| upkcqeof_is_kk
number| jrpovgmw_is_ws
object| dhwilhj
number| jrpovgmw_is_kk

12 Cookies

Domain/Path Name / Value
.nrsw13.sbs/ Name: _ga_VKC52BN7DN
Value: GS1.1.1714484884.1.0.1714484884.0.0.0
.nrsw13.sbs/ Name: _ga
Value: GA1.1.1620718872.1714484884
www.clarity.ms/ Name: CLID
Value: 12093b79f26348e392f3417653fa1fc9.20240430.20250430
.nrsw13.sbs/ Name: _clck
Value: 38wwyr%7C2%7Cfld%7C0%7C1581
.nrsw13.sbs/ Name: _clsk
Value: 1kmiuro%7C1714484884883%7C1%7C1%7Ch.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 373042B661FC6F991B4656C760856EFF
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 373042B661FC6F991B4656C760856EFF
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 373042B661FC6F991B4656C760856EFF
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

14 Console Messages

Source Level URL
Text
other warning URL: https://nrsw13.sbs/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
