urlscan.io logo urlscan.io
SecurityTrails logo

get.nzrplus.com Open in urlscan Pro
34.249.200.254  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nzrplus.com/0.9315355657991651
Effective URL: https://get.nzrplus.com/
Submission: On July 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 21 domains to perform 131 HTTP transactions. The main IP is 34.249.200.254, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is get.nzrplus.com.
TLS certificate: Issued by R10 on June 23rd 2024. Valid for: 3 months.
This is the only time get.nzrplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
28 13.32.110.113 16509 (AMAZON-02)
1 7 54.171.28.66 16509 (AMAZON-02)
2 108.156.60.112 16509 (AMAZON-02)
1 151.101.192.176 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
1 18.239.18.100 16509 (AMAZON-02)
4 2a04:4e42:600... 54113 (FASTLY)
2 146.75.120.157 54113 (FASTLY)
6 2a03:2880:f08... 32934 (FACEBOOK)
9 2.18.64.15 20940 (AKAMAI-ASN1)
1 34.120.195.249 396982 (GOOGLE-CL...)
2 151.101.193.140 54113 (FASTLY)
2 151.101.129.140 54113 (FASTLY)
2 93.184.221.165 15133 (EDGECAST)
2 104.244.42.131 13414 (TWITTER)
6 2a03:2880:f17... 32934 (FACEBOOK)
1 34.249.200.254 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 2606:4700:440... 13335 (CLOUDFLAR...)
1 52.222.232.99 16509 (AMAZON-02)
9 34.96.102.137 396982 (GOOGLE-CL...)
3 65.9.86.47 16509 (AMAZON-02)
131 25
1    2606:4700:3034::ac43:82ed (United States)

ASN13335 (CLOUDFLARENET, US)
nzrplus.com
28    13.32.110.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-113.vie50.r.cloudfront.net
app.nzrplus.com
7    54.171.28.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
dce-frontoffice.imggaming.com
2    108.156.60.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-112.ams1.r.cloudfront.net
static.diceplatform.com
1    151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
9    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.239.18.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-100.ams58.r.cloudfront.net
js.stripe.com
4    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
6    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    2.18.64.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-15.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o129937.ingest.sentry.io
2    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
2    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)
t.co
2    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
6    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.249.200.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
get.nzrplus.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
20    2606:4700:4400::ac40:991d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
1    52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
9    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
3    65.9.86.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-47.ams1.r.cloudfront.net
uploads-ssl.webflow.com
Apex Domain
Subdomains		 Transfer
30 nzrplus.com
nzrplus.com
app.nzrplus.com
get.nzrplus.com Failed
1 MB
20 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 9580
2 MB
9 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4493
133 KB
9 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 760
143 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 85
571 KB
7 imggaming.com
dce-frontoffice.imggaming.com — Cisco Umbrella Rank: 94799
30 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
799 B
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 216
94 KB
4 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2560
alb.reddit.com — Cisco Umbrella Rank: 1570
859 B
4 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1363
13 KB
3 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 18141
103 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 7165
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 158
317 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2408
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1182
821 B
2 t.co
t.co — Cisco Umbrella Rank: 803
541 B
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1025
15 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2147
151 KB
2 diceplatform.com
static.diceplatform.com — Cisco Umbrella Rank: 171481
46 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 sentry.io
o129937.ingest.sentry.io — Cisco Umbrella Rank: 187711
299 B
131 21
Domain Requested by
28 app.nzrplus.com app.nzrplus.com
20 cdn.prod.website-files.com get.nzrplus.com
cdn.prod.website-files.com
9 dev.visualwebsiteoptimizer.com get.nzrplus.com
dev.visualwebsiteoptimizer.com
analytics.tiktok.com
9 analytics.tiktok.com app.nzrplus.com
analytics.tiktok.com
9 www.googletagmanager.com dce-frontoffice.imggaming.com
www.googletagmanager.com
app.nzrplus.com
get.nzrplus.com
7 dce-frontoffice.imggaming.com 1 redirects app.nzrplus.com
6 www.facebook.com get.nzrplus.com
6 connect.facebook.net app.nzrplus.com
connect.facebook.net
4 www.redditstatic.com www.googletagmanager.com
app.nzrplus.com
www.redditstatic.com
3 uploads-ssl.webflow.com cdn.prod.website-files.com
2 www.google.de get.nzrplus.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com app.nzrplus.com
www.googletagmanager.com
2 analytics.twitter.com get.nzrplus.com
2 t.co get.nzrplus.com
2 alb.reddit.com get.nzrplus.com
2 pixel-config.reddit.com app.nzrplus.com
www.redditstatic.com
2 static.ads-twitter.com www.googletagmanager.com
2 js.stripe.com app.nzrplus.com
js.stripe.com
2 static.diceplatform.com app.nzrplus.com
1 d3e54v103j8qbb.cloudfront.net get.nzrplus.com
1 get.nzrplus.com app.nzrplus.com
1 o129937.ingest.sentry.io app.nzrplus.com
1 nzrplus.com 1 redirects
131 24

This site contains links to these domains. Also see Links.

Domain
app.nzrplus.com
www.instagram.com
twitter.com
www.facebook.com
www.allblacks.com
Subject Issuer Validity Valid
app.nzrplus.com
Amazon RSA 2048 M02		 2024-05-26 -
2025-06-24		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2024-09-19		 3 months crt.sh
*.imggaming.com
GeoTrust TLS RSA CA G1		 2023-10-12 -
2024-11-11		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-19 -
2024-09-17		 a year crt.sh
*.diceplatform.com
Amazon RSA 2048 M02		 2023-09-15 -
2024-10-12		 a year crt.sh
get.nzrplus.com
R10		 2024-06-23 -
2024-09-21		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.de
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
prod.website-files.com
WE1		 2024-06-25 -
2024-09-23		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
uploads-ssl.webflow.com
Amazon RSA 2048 M02		 2023-07-29 -
2024-08-26		 a year crt.sh

This page contains 2 frames:

Primary Page: https://get.nzrplus.com/
Frame ID: E42A0F021645611383BED3F46765C4B0
Requests: 127 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: C24BD1C5E89C99974A860B5CB8FF2C11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NZR+ | It's Rugby, Plus Some

Page URL History Show full URLs

  1. http://nzrplus.com/0.9315355657991651 HTTP 307
    https://nzrplus.com/0.9315355657991651 HTTP 301
    https://app.nzrplus.com/ Page URL
  2. https://get.nzrplus.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • dev\.visualwebsiteoptimizer\.com/?([\d.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

131
Requests

93 %
HTTPS

36 %
IPv6

21
Domains

24
Subdomains

25
IPs

5
Countries

4853 kB
Transfer

14500 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nzrplus.com/0.9315355657991651 HTTP 307
    https://nzrplus.com/0.9315355657991651 HTTP 301
    https://app.nzrplus.com/ Page URL
  2. https://get.nzrplus.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://nzrplus.com/0.9315355657991651 HTTP 307
  • https://nzrplus.com/0.9315355657991651 HTTP 301
  • https://app.nzrplus.com/
Request Chain 10
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com HTTP 302
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457

131 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app.nzrplus.com/
Redirect Chain
  • http://nzrplus.com/0.9315355657991651
  • https://nzrplus.com/0.9315355657991651
  • https://app.nzrplus.com/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5eb85c99a8995f941d73df50a4a818eb473a0c44b7786bec6d309dbe6a38758e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=5
content-encoding
gzip
content-type
text/html
date
Sat, 06 Jul 2024 23:29:15 GMT
etag
W/"c04fba151e1198e9169411a3bf4071a7"
last-modified
Fri, 05 Jul 2024 11:32:14 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-id
iPXHdzR3du6JC1Fdz9mg4hmeRAYbsq33F6GyDJuw_PEogwrreKJqcA==
x-amz-cf-pop
VIE50-C2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
cNgg4g3CZeoRxsCQ2TAgx7RkQWS.L7jz
x-cache
Error from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
89f360333e823a80-FRA
content-length
167
content-type
text/html
date
Sat, 06 Jul 2024 23:29:14 GMT
expires
Sun, 07 Jul 2024 00:29:14 GMT
location
https://app.nzrplus.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGuj2fYed9%2Baj1UkvUdM9KrcCoaksu4CFyhGOo8JGyxLbVlB4bEz7s7vZI7mxlqaFQaEXXszXbUW8QB6w68gRbAU4ePwAuVWL9tUAEqGFl1Yurp1Pjagsq%2B7jDhd3onC7DsDpob96q8I4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
3698.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/3698.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
288dbd3777266289de7411ec9a2423d565797920483adc8d179012aa419e7a12

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
S9_kph7nt4p.FO5fo7qD2euDOM5tDaK2
content-encoding
gzip
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
129418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"f75dbd3aebeed70b73f45186ed04fb77"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
rveTdM36oVicPVVAK-29mjGzu9dLuW_0wQGyMSc45u-UY1pgzgQBbg==
5940.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		3 MB
853 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0128a25c69ba58ac78d471fecc71253e06bf0b103cd74879aec33e5603cbd776

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
Y5jMnLwcrSNojQjdUoFN6boCqJcIgZ16
content-encoding
gzip
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
129418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"0b794f3e846a0bb71f0a3d49032da8e5"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
9IlSn8uCghV8Ymvl4kZzgudw4NXZH81_be3-XETa4o2cKXrcacPX2w==
2344.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		160 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/2344.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0baa8e74d5aa8b56d99583b77293ff0ce36df8a63b9f3d70befb90c42f3bfbb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
AjdbP2VKAym4AhRk6u22Rm1Y._YZReTx
content-encoding
gzip
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
129418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"0d6090f94a18e508f74dd8525a39f0a7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
lx8mdqJQAse_XjSYUZvz9w6W2AVHXUTpUPAU7LHnM9v0RWLX4Xtgdg==
868.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/868.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f12955fb208eae089baf161eabfdb23c7d8cf246812e87fbc8426c15973a68e7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
GBaB7W7qF.kYHfy1.Z_OwhytidAhYhIG
content-encoding
gzip
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
129418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"cb1ec2d302e52fe0e8054241c318d962"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
rE3oLMCclb26cJl5iIZXir8-HW2QnbcPDAjL_DEW8vG0s-VsGSxmdw==
4876.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		689 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/4876.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5be578ed36e2a930bdaf0c729ae76802842e594b01180920747f7cb2a66d3f6a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
0gDFf5eYUY9EywzXCxcNs8Kghk8aRJhP
content-encoding
gzip
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
129418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"602005d40842d7edeca8bcbe549e3b45"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
0AyhEoxccWlAPHY2K3Qwt5hXsHftvqYi94HpBScGZgU-Xdc_6wuIgw==
app.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcc6f84183fa61975b32c1973b21369926419d015c9db5d39119957a791b8a3c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
7_tnUMf3nUOV3qDzu1BX5WqRLfuBt3c_
content-encoding
gzip
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
129418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"e99927db56be552d41f415a045df5f13"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
gXsU0q6z-Hj0P67RYbg2k2PhyyzE5TOYUVVaS4kNbtrdT68WwKyH7Q==
5940.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/5940.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6902b034ee5ff9e155f5b83b13ce7802b6c67a76d5ff6891c5b9512c04ce49c6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
Psv7aSJlj_EDGGYJq_oHJlLk4Tj3IXUa
content-encoding
gzip
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
129418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"e407005d8252af94a9078906f9ea4a9b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
ph9sGPC2JoYBO_KcBrcrAdCKy3wb-ikOyxbPraYLmhd-QAKZkNQ_6Q==
868.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/868.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a666cd65233454d3e259fafd15dd94a48429d6b7205d656f1144dbb1501a366

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
Ik20C2q8CZ.5Gq_3g1zTnDobAMQGlt55
content-encoding
gzip
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
129418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:13 GMT
server
AmazonS3
etag
W/"016fcbf7a3e3ec369cc209d8a182c5c1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
0oUKa0xboXrg-CNSYNevISdoabH1ksi2oLoVmyv9PdxiljHd75NlUg==
4876.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		360 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/4876.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd0192f032758b071199b7f4b2eba18b864998f1df9785b069c4078309f454e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
1DDLRIJC1uhd3T9pvpe5rp1VUkVqmbKW
content-encoding
gzip
via
1.1 dcb9765526b3272617b95932c8fefee2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
129418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"460e5a538c724026147cc695ebabccf5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
CVPxEY-8_Eiw9OMDZ9Z2G7g-oMp_QmyQd-qE4u8mQV9RCXnmd2SQmQ==
nzrHead.lppvE.js
static.diceplatform.com/prod/original/dce.nzrugby/settings/
Redirect Chain
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
363 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Server
108.156.60.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-112.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ec3e2dcc2831693473596a8ac103b9e43d81fb4ef107831d753b50fdd1f393

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.nzrplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
via
1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jul 2023 10:14:18 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
etag
"9b571aee0d300ee8b4a1ba9e3c4d4f72"
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
content-length
363
x-amz-cf-id
JQ9O3B9pguFLbye8l1cytudFFvHzv_TYXg4eagrzSmQFU4yEFkERzg==

Redirect headers

date
Sat, 06 Jul 2024 23:29:15 GMT
vary
Realm, Authorization, Origin
loc
eu-west-1
location
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
processing-time
0
cache-control
no-transform, max-age=10
request-id
facf84589f801b44
content-length
0
v3
js.stripe.com/ 		619 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 23:29:15 GMT
via
1.1 varnish
age
47
x-cache
HIT
content-length
154096
x-request-id
0428c616-7c42-4829-8eaf-d0f1843d3c83
x-served-by
cache-fra-eddf8230156-FRA
last-modified
Wed, 03 Jul 2024 20:41:37 GMT
server
Fastly
etag
"16095b208fce1f9394656811fb5b307e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
/
dce-frontoffice.imggaming.com/api/v1/init/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/init/?lk=language&pk=subTitleLanguage&pk=audioLanguage&pk=autoAdvance&pk=pluginAccessTokens&readLicences=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,content-type,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sat, 06 Jul 2024 23:29:15 GMT
loc
eu-west-1
processing-time
1
request-id
970fd9ba5584c067
vary
Origin
/
dce-frontoffice.imggaming.com/api/v1/init/ 		85 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/init/?lk=language&pk=subTitleLanguage&pk=audioLanguage&pk=autoAdvance&pk=pluginAccessTokens&readLicences=true
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/4876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
029745173583c64d0531d04d5cdbd070486c0304ba6f87c003dfa6db794793dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-app-var
6.7.1.260042b
Accept-Language
de-DE
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
content-language
en-GB
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
cache-control
private, no-transform, max-age=10
access-control-allow-credentials
true
content-type
application/json
processing-time
51
request-id
c0aacd51d116136c
gtm.js
www.googletagmanager.com/ 		285 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Requested by
Host: dce-frontoffice.imggaming.com
URL: https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30161a1bc74d60bf75a8719a3bec9a278595d572c4da3bae119b27e07e3ac4e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98875
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:29:15 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame C24B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-100.ams58.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.nzrplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1448
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 23:05:09 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Wed, 03 Jul 2024 20:04:23 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2e6275c73445d58429e5205e011d70ba.cloudfront.net (CloudFront)
x-amz-cf-id
31rY-f3m7ySydObf2HWzNwkN1-yb_tPyMDDnzE7fabOOmXiJUMvAUA==
x-amz-cf-pop
AMS58-P6
x-cache
Hit from cloudfront
x-content-type-options
nosniff
js
www.googletagmanager.com/gtag/ 		265 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aca01b26b305eccddc6af407c8c0180ce0f92f4e0f974d08e7c68b62caca8a2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93621
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:29:15 GMT
destination
www.googletagmanager.com/gtag/ 		260 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11151866773&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72fd8991ecac2b976693309e7a27424691bb3bf36e10b07444ecda7ab69fe946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92583
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:29:15 GMT
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-eddf8230138-FRA
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:29:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
alIG1ZDTXdxoMC6W7zyfuBHhKO/Vei/nDrLd8MNTE2ON99Y/PkVj3mtUKeHBCQKODdsz/7caMk2KS5WT/GmhqQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPTO6MRC77U1G0V3K8F0&lib=ttq
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c3ce81e14f171d6e25a727e1c74dc3a47d2c59d599e72be3e6992d61d1a980c4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d57ce4bd
date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240706232915B434EEE32A781B117108-67CB7C2B95F97B4B-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=96
content-length
1496
pragma
no-cache
server
nginx
x-tt-logid
20240706232915B434EEE32A781B117108
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
96,2.20.179.79
x-tt-trace-host
01ef509897cf8d658a0ad904f93095073b915053a99ffbbe4253a9ac2d0c05b99ca5bc9bd0f84428dfaec227d69f5be77f76311906f6d0b72736da78b3c3d78784336c645eb39f1277444400fe8aad10f2bd5e86ee24581a5e26059b184e9a568f
expires
Sat, 06 Jul 2024 23:29:15 GMT
WEB
dce-frontoffice.imggaming.com/api/v2/navigation/menu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/navigation/menu/WEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,authorization,content-type,realm,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sat, 06 Jul 2024 23:29:15 GMT
loc
eu-west-1
processing-time
1
request-id
638c562d1c23be69
vary
Origin
/
o129937.ingest.sentry.io/api/1321936/envelope/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o129937.ingest.sentry.io/api/1321936/envelope/?sentry_key=d25c8126c77f4064b4b0b921d37b2d0b&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/2344.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
js
www.googletagmanager.com/gtag/ 		285 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-ML4CN7G8
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb4036018aac82f6e69e26ddc7e5c0b3c2c1414763cb730bc795863604f7efd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99049
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:29:15 GMT
564.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/564.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf0dc7114447c90db37c1eee4523ee0416de61a1bc4206e0e1b9f0e1020d83f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
6DAHzxwP9jbBtkfLJU9KdUKHr_YHeY9Q
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"695fad73313b798015f05f98148303bd"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
nC8KES7p0O_p-oj-BAY7zm6D7gx5JWVCci6tzoJmjZdSaQITUECNew==
564.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		112 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/564.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22f4787d1e6e2650b7a22ebb56b22858955083d04d0fddcc8eed082220923cca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
T65.OzEJ2X999X0TeIr61k8.3s4woVPt
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"e36af000755594c115e09c81e2443df2"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
gd6VOLSoLFc2ZAy3ZVZjT4seH8pMUSYCxj5lzdiTWtTB3PZcbW6_RQ==
4496.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/4496.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1437dfba423ca6116da2dd257ecc686fef1a3f75aabbbd7ef0da6420d9ff505d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
eCel0347pHEl1OWayThBjkkZiFVRGV7d
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"21fa820872ac5cc154107f6ed0fcd342"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
PFsxciHCUZ9ePWJOG1tFNzKJuyEiovvVQzxzkToqT-B5AiXArGaL1A==
4496.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/4496.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bf94181c178099580291edf88f52923fe9ae68f43da70ff3f1cf6c7482de0c9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
Izy.dn4TxIHnKyLkOML3JC8pW3uvLt68
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"ed121e0fa61d7677b9e52600d43eebda"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
Dhn7UkY_VPpEQ8Zy6JHHj0uuYIboA1mARhyi2Jo-4PF4xqpNVnswlg==
7788.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/7788.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b12291db0198f3593464f9164137bb2e4ea7970d66f372ad09a6f3ae9af4c6d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
K4q6iAfdVmoTDGnximEiQUtVZ7TJNiGI
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:11 GMT
server
AmazonS3
etag
W/"75d1802a95efd0b419330908ebba8568"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
CHvsZEhRbafSDCDv-cecj4DUimnFGfSL8utVc2TDF2kGc3NnWq5miw==
532.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/532.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b52f1b002936093bb6bb29b3a7eb5e6dde482ff7639d0d0f8fd86a3d51cb5e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
Zu6kQ9ceblg7U23Q2_H2icLBfS1.Unji
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"0454e1a85cea9c9eb5e55aafebb2ef92"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
Pw2c44U-J8h7VgI4IKAPwL0Pz5h34n1Q2OrH52SXO2SO6yFbbrAJNQ==
4116.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/4116.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ee4f7e159200bdc4a49c06e98bb1e214cd6a98dd53fbefa569f6680c2588931

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
zyZYXWKA49OM4OI3VH8kbQbVKs4Fbtjo
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"934d2aff47ea30b6d763adb5076673fa"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
08D1rLJlxaq7vijS1Rxr4fY5ms5OBVV3PvrE_1ll2Gc1Y9czpKYK_A==
4956.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		511 B
896 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/4956.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe681434c749d9df44e04f6c3da5e7695492969cda986e4710cfee412fcc5236

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
D5gFB5mqmT2D9ajYqfEogI_OyzG6U2xH
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
content-length
511
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
"f48980685b25397bcd242dffdc9446e7"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
86d19uiWus3mysOtrIxMfsEVXPnpPdW7KhW9x7DhE42LkYBgf-g30g==
4956.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/4956.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
509bb48a722c487f10208b85f9a54d62295fdf99d7ec2fd5effb2d21b46c564a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
Gka1R04h5v95qllXok3iWYW_ivuhR9wT
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"4405cda5f7e6d610a767936a39695f92"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
rU9IIXEpe62gC51lTi8syNuJe56RaAHJp4OEkBsRyskuLD8s7axuYQ==
2240.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/2240.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7f8f2f3c6407efa29cdd0d7ddb623447faeb971eb949bade4ac6d0043e81d31

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
cLZ28p2S_UIOnrf62F9OxN0cdWvshtFE
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"8d687b3fc3cef520472301fc737fbfb8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
RvyZQpfAFKTdxsfp4PUSkIQY3tdoCRq0O4qAd8mTzO--hpGS-i3Dow==
6356.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/6356.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5b4abd4f24ec02bbf3b0cc7dd5656d0ced5cf0cec4b1ce07cf8d3395fec7c20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
RbogGi5ztxl5v383qPrZUP5m.8.bUrYr
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"995d24d104c96f4a21cad9d37d81ebeb"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
3zUF3pzcGSIWtFOuaT2ceAhT_6lQhtfGzBB2widVS9Ap05IWR1Q6pA==
6352.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/6352.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a78a22df4975842a5e8da9f282bc76e149e196c9ee5d6ffaeebb52a10098ba70

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
LyNsybIHLu2G_33LDpLaC3PnM_XeT4_Z
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"59afa5e68d4ec84155aada1730e7e924"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
4qizz1OVajTqSnlmCX9DsRJVWk85HxPcf3qECqh7Kdx4f7DsGnbR4A==
6352.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/6352.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b2d7485e9974fa00b79252e2e8a70b60de1dcfb391b7b87af39ce648e8ec363

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
Sgqlb7TrjaGMRDEYVj.n17tbs_xiB8Rx
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"49455bff724491fd9996e655f6f39f52"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
z7CcWAXEwx36ZU4CPcieOPOKaiqOBixd5XthPwjW-Pcm8hIN9eRh-Q==
2308.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/2308.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c02d310a1029df54557874225f32799d494638dfa08fc087126bdbf3cd26ba1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
aj524hlGCIzyVHBOjs02CKQVbvlTaK9X
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"d38cd1095f2e7a86d387a469d6eaba6a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
khwpekoZ-Niz7pMmBPlKFVaKNXFvQfr7FVsKmze5X9fz98DCqHFlFw==
1893.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		363 B
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/1893.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1191817e48d0e32c1f86135dddfaa99e41a12bd82471473cda306d56a1a94c63

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
X3FPB6sGU1dsMO7YGjNBdz0Dx.ly_OAF
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
content-length
363
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
"8a9c8ed7c197723e2929b511b17a1870"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Qzbnc74sDCBNfD9gZOmaCkY_MRZU1PNBibU-qrqSToJhR5yE1a28_g==
dice.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		673 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/dice.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e7378809419c6c64601922f3276b40a3086a80e706f570d1418226405426a64

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
2eDT.ZhjL4zfi465QOAzP8ZaAF1Yqj7V
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:13 GMT
server
AmazonS3
etag
W/"8868c76698780ef08b63107b453a6eb6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
q4mHrCJvYAL6mArreedYOOxVeJXkxzH3zw5tsupo_UUoQ2w7GipZNg==
dice.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/dice.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2170cc4c670e69d7b4c9081e8d2322482c935a84d89acf302eee8e663cfc0dac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
HoiF3cpMOlyCwBXpuMc259R85Cfa_r.G
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129416
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:11 GMT
server
AmazonS3
etag
W/"fe02ac25ae6b3bdbeed00dceeef1e9db"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
PttNc-le-1iDhy54hwxH4BR1bi1tyzTDPFsRzWLBGs_zUmEz9k-ZTw==
WEB
dce-frontoffice.imggaming.com/api/v2/navigation/menu/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/navigation/menu/WEB
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2d37f730ea6adf1ed6b0f544c1562da85c7e00d7596ee3c57a53ed2ff1f8aa4e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Realm
dce.nzrugby
x-app-var
6.7.1.260042b
Accept-Language
en-GB
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3MjAzMDg1NTUsImRldiI6IkJST1dTRVIiLCJlbnQiOnsiYWFpIjpbNDE0NSw0MTQ0XSwiYXNpIjpbNDE0M10sImlhaSI6WzMwNzVdfSwiZW52IjoicHJvZCIsImV4cCI6MTcyMDMwOTE1NSwiZ3VlIjp0cnVlLCJpYXQiOjE3MjAzMDg1NTUsImlwIjoiNDUuMTQxLjE1Mi43NiIsImlzcyI6ImRjZS1pZCIsImxvMiI6IkRFLEhlc3NlLEhlc3NlLEZyYW5rZnVydCBhbSBNYWluLDYwMzI2LDAsMSwwIiwicGFyIjowLCJwcm8iOnsiaWQiOiJ4RVl6Smh8ZjY2NTgzYzYtYTc4OC00ZWY1LWFjYTMtNmRkMjA3NWI4ZGM1IiwidHAiOiJhIn0sInJvbCI6IkNVU1RPTUVSIiwic3ViIjoieEVZekpofGY2NjU4M2M2LWE3ODgtNGVmNS1hY2EzLTZkZDIwNzViOGRjNSIsInV0cCI6IkhVTUFOIn0.lSDaxqqmdJbOGbW8Nh1iYjB3su_U5fkycyu18a3ZXT16D7DpUvy8ytUFDi_RZhCgu2iNSSXmIckq0ILzpXQ6TTlS-6SdrXbQYnPOR_gUJlUuzVKAFcl9I2qbr0NKbBbfwNeqoqkx5bdruhNFzhDUYmkBsFk2cBz67PU83jq8Xa0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
outside-region
INSIDE
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
processing-time
5
access-control-allow-credentials
true
content-type
application/json
request-id
161312f64dec775a
content-length
736
config
pixel-config.reddit.com/pixels/t2_gfeyuwzzi/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_gfeyuwzzi/config
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
t2_gfeyuwzzi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_gfeyuwzzi_telemetry
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1720308555650&id=t2_gfeyuwzzi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=dcbd249c-860d-4015-a9f8-e19da11c2994&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
696296242296371
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696296242296371?v=2.9.160&r=stable&domain=app.nzrplus.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:29:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=64, mss=1328, tbw=63807, tp=-1, tpl=-1, uplat=165, ullat=0
pragma
public
x-fb-debug
ROMQnJFYEMqlJxHYg7dtOKsASVNneHG8XkUZUUEKrpwzyDAeO8jUcBL78K2ZyohFQ/BC7Uej4NrxnqPCKMYKAQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=dec8c97c-45e9-40b7-a21a-003acad17997&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=1a6479cf-f665-4c54-b468-1546957e519b&tw_document_href=https%3A%2F%2Fapp.nzrplus.com%2F&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
173
date
Sat, 06 Jul 2024 23:29:15 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
8f1acdf589341a81
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
969518b9eb52809922257efeab887881c6daa6b266f4ff000350570d5585ff16
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=dec8c97c-45e9-40b7-a21a-003acad17997&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=1a6479cf-f665-4c54-b468-1546957e519b&tw_document_href=https%3A%2F%2Fapp.nzrplus.com%2F&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
113
date
Sat, 06 Jul 2024 23:29:15 GMT
strict-transport-security
max-age=631138519
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
9bc55843f8c1db48
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
023c094dbc4de959a7c4579404ccd79931b446ce57edfe10f8e8b7266c255dde
content-length
43
splash.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/splash.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-113.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
979878a7b228cc3017175efaf651fa465653723926a69e91325f6774b9034b41

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:35:09 GMT
x-amz-version-id
0mrWAV.lFfIV57lKBqKOutB3GyGCosLx
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
age
129247
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"445d77999bc634c7720b5072327ddefa"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
3Z_1K9Sz3mLMprB4aXJ--352eBDM0e4Ang52sroYn5EeBMRnp5yOVw==
National2Condensed-Medium.ttf
static.diceplatform.com/prod/original/dce.nzrugby/fonts/ 		107 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/fonts/National2Condensed-Medium.ttf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.156.60.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-112.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Origin
https://app.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
gzip
via
1.1 db3ad39d2b444e5c9e38affc6638a5cc.cloudfront.net (CloudFront)
last-modified
Thu, 03 Aug 2023 13:19:39 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
etag
W/"a49afdc1e2e5bdf230fca04e4ed78ec1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
a9DmZoUcbXEePxVZb5khlh-a0rQGX_SJkkC0wgCjFJYWQNN7eXl46A==
destination
www.googletagmanager.com/gtag/ 		317 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106941
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:29:15 GMT
/
get.nzrplus.com/ 		0
0
/
get.nzrplus.com/ 		0
0
authentication-providers
dce-frontoffice.imggaming.com/api/v2/realm/ 		315 B
875 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/realm/authentication-providers
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Realm
dce.nzrugby
x-app-var
6.7.1.260042b
Accept-Language
en-GB
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3MjAzMDg1NTUsImRldiI6IkJST1dTRVIiLCJlbnQiOnsiYWFpIjpbNDE0NSw0MTQ0XSwiYXNpIjpbNDE0M10sImlhaSI6WzMwNzVdfSwiZW52IjoicHJvZCIsImV4cCI6MTcyMDMwOTE1NSwiZ3VlIjp0cnVlLCJpYXQiOjE3MjAzMDg1NTUsImlwIjoiNDUuMTQxLjE1Mi43NiIsImlzcyI6ImRjZS1pZCIsImxvMiI6IkRFLEhlc3NlLEhlc3NlLEZyYW5rZnVydCBhbSBNYWluLDYwMzI2LDAsMSwwIiwicGFyIjowLCJwcm8iOnsiaWQiOiJ4RVl6Smh8ZjY2NTgzYzYtYTc4OC00ZWY1LWFjYTMtNmRkMjA3NWI4ZGM1IiwidHAiOiJhIn0sInJvbCI6IkNVU1RPTUVSIiwic3ViIjoieEVZekpofGY2NjU4M2M2LWE3ODgtNGVmNS1hY2EzLTZkZDIwNzViOGRjNSIsInV0cCI6IkhVTUFOIn0.lSDaxqqmdJbOGbW8Nh1iYjB3su_U5fkycyu18a3ZXT16D7DpUvy8ytUFDi_RZhCgu2iNSSXmIckq0ILzpXQ6TTlS-6SdrXbQYnPOR_gUJlUuzVKAFcl9I2qbr0NKbBbfwNeqoqkx5bdruhNFzhDUYmkBsFk2cBz67PU83jq8Xa0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
outside-region
INSIDE
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
processing-time
6
access-control-allow-credentials
true
content-type
application/json
request-id
5eef08faff3fd793
content-length
254
authentication-providers
dce-frontoffice.imggaming.com/api/v2/realm/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/realm/authentication-providers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,authorization,content-type,realm,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sat, 06 Jul 2024 23:29:15 GMT
loc
eu-west-1
processing-time
0
request-id
d411bec8b50eccd8
vary
Origin
/
get.nzrplus.com/ 		0
0
/
get.nzrplus.com/ 		0
0
main.MWU2NDEzYzJiMA.js
analytics.tiktok.com/i18n/pixel/static/ 		339 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPTO6MRC77U1G0V3K8F0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d57ce5f1
date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024070211442486CEE947AAC79573EC15
x-tt-trace-id
00-24070211442486CEE947AAC79573EC15-04B0816D8C28569D-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01f5ce518d066816ccd30a36e11159c02467e20211ada973577e2ecb3a9081f16d3c5e4f0425a5d39eda990e98a78d3c7d6a9d861e21775716178de026fd0f26160dbdbc2f09f36b723ea1fec93846afd75d8de387ec54da955b6689003bc18b32
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
content-length
98499
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d57ce638
date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400005A6482EC8658954395AB
x-tt-trace-id
00-2405211400005A6482EC8658954395AB-7D65582794A05721-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01bb7da6081e9cf70fa40d500e66dc7f748628c80e0f1c23442ca51ee8a2f8b68964c4f446120724fd2ca9707a41b0908b9313ba92036a2906c239a7d63f0bac733445c05cc1dc4ee260ea56789bff41382955417bb369ac05d71aab0981d5b1c3
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
40007
pixel
analytics.tiktok.com/api/v2/ 		0
700 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d57ce647
date
Sat, 06 Jul 2024 23:29:15 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24070623291594E7A4256AEF7D7FCA1C-4925E5ED390B2D33-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=27, cdn-cache; desc=MISS, edge; dur=4, origin; dur=117
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024070623291594E7A4256AEF7D7FCA1C
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
117,2.20.179.79
x-tt-trace-host
01ef509897cf8d658a0ad904f93095073b915053a99ffbbe4253a9ac2d0c05b99c22a2a400dc9653f5fe608ff19e309997f09e4441ecf304847bed130a7ebdb7762213ee236a9d7bb53a9a06555cba52ca83313366340a7e5fccfe00106347a718
access-control-allow-headers
Authorization,*
expires
Sat, 06 Jul 2024 23:29:15 GMT
481997073503704
connect.facebook.net/signals/config/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/481997073503704?v=2.9.160&r=stable&domain=app.nzrplus.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C187%2C186%2C188%2C193%2C194%2C195%2C191%2C183%2C123%2C152%2C182%2C184%2C114%2C146%2C136%2C140%2C177%2C120%2C219%2C107%2C119%2C220%2C154%2C111%2C127%2C115%2C143
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:29:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4658, tp=12, tpl=0, uplat=65, ullat=0
pragma
public
x-fb-debug
5ICpWRTG2GRRkA2v+eTUjle9m43o9Zc9QdQSPe+a0rUWLEotwrDklvtkDKPZQoAe1xdAAzQvZF1k643esQo0+g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2F&rl=&if=false&ts=1720308555861&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308555861.612293065254053440&ler=empty&cdl=API_unavailable&it=1720308555660&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2829, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jul 2024 23:29:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		0
0
Primary Request /
get.nzrplus.com/ 		51 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://get.nzrplus.com/
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/dice.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.249.200.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f7dad26a2365a1c0dac83d3dc33052452da1ddf2b86ff0d428f29d29943ea107

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.nzrplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
60736
content-encoding
gzip
content-length
17228
content-type
text/html
date
Sat, 06 Jul 2024 23:29:15 GMT
vary
x-wf-forwarded-proto, Accept-Encoding
x-cache
HIT
x-cache-hits
2
x-cluster-name
eu-west-1-prod-hosting-red
x-lambda-id
2e0d824a-de1d-47d5-b5ce-7aa2ca7b30dc
x-served-by
cache-dub4356-DUB
x-timer
S1720308556.971630,VS0,VE0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7MSG54SCKT&gtm=45je4730v9137464323z89135919949za200zb9135919949&_p=1720308555480&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=588011963.1720308556&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720308555&sct=1&seg=0&dl=https%3A%2F%2Fapp.nzrplus.com%2F&dt=&en=dice_navigation.general&_fv=1&_nsi=1&_ss=2&tfd=1187&_z=fetch
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:29:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.nzrplus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7MSG54SCKT&cid=588011963.1720308556&gtm=45je4730v9137464323z89135919949za200zb9135919949&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:29:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.nzrplus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7MSG54SCKT&cid=588011963.1720308556&gtm=45je4730v9137464323z89135919949za200zb9135919949&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=630465510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:29:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2F&rl=&if=false&ts=1720308555940&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308555861.612293065254053440&ler=empty&cdl=API_unavailable&cs_est=true&it=1720308555660&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=3216, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jul 2024 23:29:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		0
0
collect
region1.analytics.google.com/g/ 		0
0
nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/ 		79 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f26e4eeb94dfec7384cecd9e17371e2e03cc8580c4cd2877f758b64fa036b7a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
gzip
x-amz-version-id
MTlMEZkiRmDfKNDNYG9k0IAI8CuRrpTM
cf-cache-status
HIT
x-amz-request-id
V4QDY4FFBJ4JJH44
age
146552
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
14733
x-amz-id-2
v3x5K305DGvGxLUbWESUuEcLhbos0/OncB8RkSgZdyGqHee2qeXUx66XWDQmbO2DfbTruyEOss4=
last-modified
Fri, 05 Jul 2024 06:43:27 GMT
server
cloudflare
etag
"96aec50b16c077a7bb3e5fc19a5e1aec"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
89f3603b3a532c37-FRA
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=650811499cdfe4fd96c4f05b
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 06:44:39 GMT
content-encoding
br
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
age
61486
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
DzJiTBEWush4hTTTmtlVlUG1E1QzuIZThqMEobMJTAewpwh7RHZC1g==
webflow.e0936a4e0.js
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/js/ 		556 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/js/webflow.e0936a4e0.js
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af86ef561b6c436e372a348f945110f1326b9d22bf1814545b21c29d5053aa4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
gzip
x-amz-version-id
WV0t6DgHyNtxEyXut73JWBYVUEYIw1BB
cf-cache-status
HIT
x-amz-request-id
V4Q9DG5RHERE7Y1K
age
145774
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
106246
x-amz-id-2
hIdYj9tkVodTLnu7CRkliw9OztsqFzXR/4FMZkjm3frCmp3mueKYLFiZeiaqbyTpXcGs1SWJtII=
last-modified
Fri, 05 Jul 2024 06:43:27 GMT
server
cloudflare
etag
"c2449ae734c9d0e3fca9fdb0bba563c6"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
89f3603b3a4c2c37-FRA
gtm.js
www.googletagmanager.com/ 		285 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30161a1bc74d60bf75a8719a3bec9a278595d572c4da3bae119b27e07e3ac4e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
br
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98875
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:29:15 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=772009&u=https%3A%2F%2Fget.nzrplus.com%2F&vn=2
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
c342ed5029a14aa444b9a8d9d96e75f4354b804c8ec6f6c57f0860269c0a2310

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
via
1.1 google
server
gfra2
etag
W/"1720173566_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
650811499cdfe4fd96c4f0b2_haka-amended-2.webp
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0b2_haka-amended-2.webp
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ab8f798e70d2f88edd037c1aad4a0a7921431b17b2a8c00c33aa3c1daded59e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
iFPCEqLPQeOvGUN.1sr1nXht854.swI8
cf-cache-status
HIT
x-amz-request-id
V62MW1P5M1JMXHBB
age
268503
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
119104
x-amz-id-2
kI7/kfInPs8CrzCmGGKZowJl3HfEQWCJ3l02rIHi6QqTxsRe2we220jC9sV1zYhM9pk3Qto0WQ8=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"26042cdfee33d016d6fad4498fee615b"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603b9a982c37-FRA
64dcdcc9eab56c0d25a38aba_hero-title-shape-web.svg
cdn.prod.website-files.com/64db5c03233e72553c17930f/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/64db5c03233e72553c17930f/64dcdcc9eab56c0d25a38aba_hero-title-shape-web.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8272b2ac7cf5a838eb55a7a2e850933459348014ad9693967572b6fadf4701dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
Q8IyTb9XFfmg9HIRFiawRiVcm0FkZOBx
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BSAQ8MKFN8A56XCS
age
2892302
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
l0/RHOuKA3F+67XrIgxp70fhPwocGdAXtVaSUfomwVClIeSGt5Q2Mq2O71R+eaEsocE+o6zXnkY=
last-modified
Wed, 16 Aug 2023 14:27:23 GMT
server
cloudflare
etag
W/"edb77afa22705137e42c98fd1b3d02f6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3603b9a9a2c37-FRA
64dc9f021bb0399ff85f6821_rugby-circle.svg
cdn.prod.website-files.com/64db5c03233e72553c17930f/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/64db5c03233e72553c17930f/64dc9f021bb0399ff85f6821_rugby-circle.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6d4d453bc4fedb3ecf105d2a9fcccdacd54c3b1620ea7dcee4f6a118b8a7c7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
6GR6_AQxFm2iqTp_hrzfi91h2QzPgNDX
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V62GXQ71G0WVJ2D2
age
274511
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
exy5G1Syo9ObWJiPQ/6/NsWSUdJAEcCXf/swIJ2DahhFVtliz2if/sKeCjG4imnp72zr+SZiPkM=
last-modified
Wed, 16 Aug 2023 10:03:48 GMT
server
cloudflare
etag
W/"6a401487b014b2d7fee493cc5b3b9c10"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3603b9a9d2c37-FRA
64dca2ea5d6c06f4721c0b38_across-icon.svg
cdn.prod.website-files.com/64db5c03233e72553c17930f/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/64db5c03233e72553c17930f/64dca2ea5d6c06f4721c0b38_across-icon.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
180ae72b8cfada6ae9bf8d07d5aea3121e0c7aa5451b487edb2ae887e88ce697

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
vBrThrzo5IguRjuh_NoFjvB4MnU8N_S_
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V62ZPC0EQKV6N9NV
age
2881385
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jQxMhC1vXzeJgQq8b1W0IdwIaHI3MhWXYbH7+bR6nRilDZkNcOZNU1Yi9jt27U9PfjOoE1ZLLkU=
last-modified
Wed, 16 Aug 2023 10:20:28 GMT
server
cloudflare
etag
W/"6063a4fc234023d35b542fa0cf69e235"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3603b9a9e2c37-FRA
650811499cdfe4fd96c4f098_national-2-condensed-medium.woff2
uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f098_national-2-condensed-medium.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-47.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28fe7e77f1c1fda5f41b90bac46764818f897d8694cfe72dc206a2289de03362

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 03:38:05 GMT
x-amz-version-id
7cnSyZi8b6Vz5mNrJRID0_cJ1cFKCJ53
via
1.1 f54d9ad301a95e7dcfde675e1cd5ba88.cloudfront.net (CloudFront)
age
762672
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36811
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
AmazonS3
etag
"be44cf5b0c67c870c0b39080cc524b3e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
qFMxghnT92Rv1gK-GuuDwkz2VKU3f_9YOb0cSt2rJZ8Fx2xwySAOqg==
650811499cdfe4fd96c4f09a_manuka-bold.woff2
uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f09a_manuka-bold.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-47.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b0d20d0a82889c0e2d9648eedb2e59bbeff24a1ab33b128524464c9cfb190f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:34:15 GMT
x-amz-version-id
XHtlB5ABP.rePXBQrf_hYEizLifPil5o
via
1.1 f54d9ad301a95e7dcfde675e1cd5ba88.cloudfront.net (CloudFront)
age
2188502
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31932
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
AmazonS3
etag
"b086122c8c32ea5ac4b051ec491c3dd6"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
7bdrLa4-gMOffvpHGyjJNztk8e2ZH1rJqz3UdkoumacvFibsIxA8ew==
650811499cdfe4fd96c4f099_national-2-condensed-regular.woff2
uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f099_national-2-condensed-regular.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-47.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
724723fb4d2f21a8b1e2e480a205ba36825c2e7048ebdd9e5b9a9933e8f8ca3b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:22:39 GMT
x-amz-version-id
4o5KxOqLyZcnjdAw.UEy9NGtUhpBV.4U
via
1.1 f54d9ad301a95e7dcfde675e1cd5ba88.cloudfront.net (CloudFront)
age
2073998
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35251
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
AmazonS3
etag
"0f5b38a0792772e4ccf0ee23b68762b1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Yd_5b5f4nNFBZVU6lufLWNWsqpR8x5ug4da_1lpEBjaZNmckgRj16g==
650811499cdfe4fd96c4f078_nzr-logo.svg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		13 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f078_nzr-logo.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3812e2730376cb0506c60082397b597d0cb5fcb11a9a81ebe22f3a4c06cbdf0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
34LQnZOkX0mNyc.glUyzEsASn_2MX1.L
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V62SPVSC5P9YNRQJ
age
1989808
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8PatEFUKiT2EL1QxEAO9Y8morVrIWmjhsvEG3CIbLh27NJHSuVkCVyXPgoKb7nOqiLyA3nbLcUjmKx+QsTk4GL5IYNu1GIwg
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
W/"5d3abc7ef807c4a12b462832500981da"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3603bbaa82c37-FRA
650811499cdfe4fd96c4f09c_radial%20blur.svg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		1 KB
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f09c_radial%20blur.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
422240413f42d73a2f7a6fbaf31b3210da7b8ab41935e670f0bd4a9590109100

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
PLAE_oX4_iTiYYTQ0WJnVdPNWqToggvN
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
GKT7FVVVKV5RYY8B
age
2892300
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
w7T3r7hB40LHGyv0wETO+nuDpRampyqlkF8r6G03foKx2vwesy+aQiyTA2YI17P7YV3zpBsXrBc=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
W/"44fe601a4f9c85e4f5010a26da20a272"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3603bbaa92c37-FRA
650811499cdfe4fd96c4f097_video-right-plus.svg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		2 KB
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f097_video-right-plus.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dd08725d27006e4bd265e2b59a5f097db15e6d086d6ae17c8d46a782711d7db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
52Ngh2znftJkHhDr9Z4d9PPYyUIxNrft
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
GKT9BH97BCG1EH00
age
2104357
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GVu8crkzFMLapmDsCz0fYWbAFQowRxl+pA9zBuirzpifViRXrXf1urxOQ72qoA9+UrYpl7qEcvA=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
W/"2e9ed257a02293a7e6053690297359e3"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3603bbaaa2c37-FRA
650811499cdfe4fd96c4f0af_hero-left-shape.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0af_hero-left-shape.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be6da79ae21538c8f7b25982c82606274400559d01e651bf577a53e33b39bcb1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
2ODRgSabSa1Xfs_takLtoLUCIPCTB7by
cf-cache-status
HIT
x-amz-request-id
GKT17E1V3YE6WJ7Y
age
2884359
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
5991
x-amz-id-2
Q6x+B1tSociNkcfNvA6unWQsnZ4+8GYxRaS5CgWaM/1+LxCuLxbMPQO2Y1XoAb2Mt2TztiOOdmM=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"4d69462fe2f8a772abd5cdbeeebef4cc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603bbaab2c37-FRA
650811499cdfe4fd96c4f087_left-shape.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f087_left-shape.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e48f725551d8da7d2fd92401a8900a4b1cc2f7147d48cc1436b3d98a2e05f96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
B5N2qEQhu.JcTFXk3O9R_eZaP7ySOhrE
cf-cache-status
HIT
x-amz-request-id
V62WXHFC8MHSDT3D
age
2884565
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
149071
x-amz-id-2
GbCQv6NDYUWr1TgbaleO6DmqUHPjbk796i9p6y6ZFBdDL9rHKPjYKZjcopa3XYTN/0g8P8T4CRw=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"963d81db731ab90a7c44b904ae4f152e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603bbaad2c37-FRA
6687942c497a7025b62ad80e_TTW_HeroPlacement.jpg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		267 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/6687942c497a7025b62ad80e_TTW_HeroPlacement.jpg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533eba05e8c137ee679639ceacdcf2e1f0476a17be2d8d63d19fbaa8aee414bf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
.ieSqk97C0_jfdx6YM23CX1JyL9e3Ygl
cf-cache-status
HIT
x-amz-request-id
M8TXTDESG0K9XMTR
age
146462
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
273398
x-amz-id-2
u1JD2ycwfpQ91Q6U5tP85RinjW3y7w6SHmhcCYYThLYyGcWz7/mQlZtD7BKQTDJIYr2DllK23tE=
cf-bgj
h2pri
last-modified
Fri, 05 Jul 2024 06:35:26 GMT
server
cloudflare
etag
"dbd2dd8ddfb3e65902c8cd5fb47b9dc6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603bbaaf2c37-FRA
6687957dde1c684f007e6064_SH_Internal_HeroPlacement.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		565 KB
566 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/6687957dde1c684f007e6064_SH_Internal_HeroPlacement.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c885cdae62293d7b1285f2eac5291002067e34c05d7148b3b8159dddcf55e360

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
Tl0VQCEDboloRpc7KwFheFu1EG1nDUMv
cf-cache-status
HIT
x-amz-request-id
8S3VT8RRWP1C1X3R
age
145773
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
578693
x-amz-id-2
+W0aPhqCmb3ciLn1Al5NKv7+0nBT7o+hvOjiWX2+F9ELq2GcNTP67q3R2CQMX/qFZ0Hde9ig0Po=
last-modified
Fri, 05 Jul 2024 06:41:02 GMT
server
cloudflare
etag
"33fcadf04d5fa0d853dc84ee91edbf38"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603bbab02c37-FRA
js
www.googletagmanager.com/gtag/ 		260 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-47405XVK85&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6812dd22c2f2a435f64d1b37cf423c20ce27dd7361d725a0669b6a162145fd30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93200
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:29:16 GMT
js
www.googletagmanager.com/gtag/ 		265 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aca01b26b305eccddc6af407c8c0180ce0f92f4e0f974d08e7c68b62caca8a2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
br
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93621
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:29:15 GMT
destination
www.googletagmanager.com/gtag/ 		260 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11151866773&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72fd8991ecac2b976693309e7a27424691bb3bf36e10b07444ecda7ab69fe946
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
br
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92583
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:29:15 GMT
pixel.js
www.redditstatic.com/ads/ 		42 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
uwt.js
static.ads-twitter.com/ 		56 KB
71 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-type
application/javascript; charset=utf-8
x-cache
HIT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-fra-eddf8230138-FRA
fbevents.js
connect.facebook.net/en_US/ 		222 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 23:29:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
alIG1ZDTXdxoMC6W7zyfuBHhKO/Vei/nDrLd8MNTE2ON99Y/PkVj3mtUKeHBCQKODdsz/7caMk2KS5WT/GmhqQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPTO6MRC77U1G0V3K8F0&lib=ttq
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7c4b5655a8cd21a38ebf195433ff449cf68d0f0ea9abf17ca1c851d3bd88a7ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d57ce845
date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240706232916DD28FE9A15506EAB4C15-75198EF9345B791D-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
content-length
1498
pragma
no-cache
server
nginx
x-tt-logid
20240706232916DD28FE9A15506EAB4C15
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
95,2.20.179.79
x-tt-trace-host
01ef509897cf8d658a0ad904f93095073b915053a99ffbbe4253a9ac2d0c05b99c6cfc60b8e1a3b6b6115cee413a60e8fcebf68902cffd6f715bd6afdd0a47f17235fa0da3277aae1dec318974fc891ecd05c451d4c84ab28d56e5018328dadb81
expires
Sat, 06 Jul 2024 23:29:16 GMT
va_gq-96d89d1fc0241ee13744f1c58295bb01.js
dev.visualwebsiteoptimizer.com/edrv/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/va_gq-96d89d1fc0241ee13744f1c58295bb01.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=772009&u=https%3A%2F%2Fget.nzrplus.com%2F&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
e2e985338d0e78ef3be2880fc48228d2bb5cc9da8f316058beb0fdcf2b88ab72

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jul 2024 09:59:10 GMT
server
gfra2
etag
"6687c3ee-110dd"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69853
nc-9ec1391ac8a0b5ef739b9141483db624.js
dev.visualwebsiteoptimizer.com/edrv/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/nc-9ec1391ac8a0b5ef739b9141483db624.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=772009&u=https%3A%2F%2Fget.nzrplus.com%2F&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
5ec2dc49fe6cd088cded962060a7159b209f66c2e9b23bb048ee24b4a48dfbd3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jul 2024 09:59:10 GMT
server
gfra2
etag
"6687c3ee-cc1"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3265
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=772009&d=get.nzrplus.com&u=D9941A03A2ABD2E216D1BC5170849EB3A&h=d7be6db3b459c3b6230c40fd94a38082&t=false
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
config
pixel-config.reddit.com/pixels/t2_gfeyuwzzi/ 		3 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_gfeyuwzzi/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
t2_gfeyuwzzi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_gfeyuwzzi_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/ 		42 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1720308556181&id=t2_gfeyuwzzi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=dcbd249c-860d-4015-a9f8-e19da11c2994&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
696296242296371
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696296242296371?v=2.9.160&r=stable&domain=get.nzrplus.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e84f3157db316528ab4273af5568a14774de13a0098b00b0ca306f20a1a3124f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:29:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=29, mss=1232, tbw=12308, tp=23, tpl=0, uplat=67, ullat=0
pragma
public
x-fb-debug
qUNbml/2lmm/wB+b0wNDB41Q9VoNwnRSCKYB9+aDSYVPfRya4votCkUXHBECAq3LtCDBEf8v1pH4luuhKREFwQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1bf63a06-47c5-4c07-83dc-d9b706048e5b
https://get.nzrplus.com/ 		677 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://get.nzrplus.com/1bf63a06-47c5-4c07-83dc-d9b706048e5b
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f75a87e5b176543ee03f93d11fccca520f089709a448db341d17ceec19e7f406

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
677
Content-Type
application/javascript
650811499cdfe4fd96c4f0ae_Vector.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0ae_Vector.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3486ece9ec0facaf0a69861cad4355f54b16db00bd30441e81928d52a97a3b30

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
ZGOZgDjkUyE2VVbErz8vF8vM.iUO2Hug
cf-cache-status
HIT
x-amz-request-id
EANV8NT81JDE3XQW
age
285052
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2088
x-amz-id-2
NhhraLttpB7hodyDLJbyZ1LFwgf45o6eUIDsvDEf+kw++thbK7Jdri35AkOS74OklQxD87h1iy959/sctu4v+A==
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"d6f6cc7ef02558bf4e92f1994803772c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603c8b5d2c37-FRA
650811499cdfe4fd96c4f0c5_Premium%20Originals.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0c5_Premium%20Originals.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14defd388b6f1bfff57729c0f9227304c6aab523db66d16ac717ccf353037307

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
c1vl3e6gZY3C.GEKlXKLgZZZNs4avqu8
cf-cache-status
HIT
x-amz-request-id
EANXT0ZDGRBMEP8A
age
2886794
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
216251
x-amz-id-2
XvSe4fYIR9VeI91b6wHVfkjvpvwVZ02xF2T2zlVwCdyR/R8CqIiu6IMbVgkWoi5bVW0W+AVIm/0=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"625817b43e0c673a271849caf051a3ae"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603c8b5e2c37-FRA
650811499cdfe4fd96c4f0c6_Documentaries2.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		259 KB
260 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0c6_Documentaries2.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8483b5ed7faa144e7d0e78018e84b1e8a2ec9810bc72bff1cc4e473160173ae9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
3FMV31JrsHGEiMiVtXBn2ZG1m7LuJpeL
cf-cache-status
HIT
x-amz-request-id
GKT3AXQS23G14YN0
age
2892300
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
265356
x-amz-id-2
joBfa7talumRvDMwA4sHp5teQDSqzj9cf1M2gJSHaAhz8rvUg6R2aobe4Fq+ak3Sqhcqw+Mn6pg=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"a5217341f0cd651500823ef7fa3241cf"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603c8b5f2c37-FRA
650811499cdfe4fd96c4f0c2_Short_Films%20(1).png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		266 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0c2_Short_Films%20(1).png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4900075cb7eee0fef37796d37db656e76f178e5d827d09628112b3cb9620d8ee

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
vxKPD7wR.iYlwC67KizDc5kiaAVclR1N
cf-cache-status
HIT
x-amz-request-id
GKTF4A73H20YPBCR
age
2884564
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
272482
x-amz-id-2
XuTAS5X0F/JMtEdwA5E5NZQL7Pn8lPrmwuG0KB8lzXqTDkuMJ28e4rlJqbcro5R16kLTx3GqVRM=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"5bec297698239aeb7a2cd6383f16377c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603c8b612c37-FRA
650811499cdfe4fd96c4f0a0_Right%20text%20cropped.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0a0_Right%20text%20cropped.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8ab5fc11c40c553e094e46fbae83bf6739b282ff073e3e573172d5b4974dfe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
Y.Wmedpw4O7gT9T3VymyGGWi60rwaZtB
cf-cache-status
HIT
x-amz-request-id
V62YSG87P9GE78JQ
age
2135930
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56138
x-amz-id-2
sgYZVjXjLd73xG0McKSNsrusHdv1gYSFX6CKDGtlDf1J/ljosIs+c+GcbbloNy3Lpyd/Z/iUQZw=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"2ddd5f8c7d8380ae474c8778aedd0e9e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603c8b622c37-FRA
650811499cdfe4fd96c4f0a7_rugby-shape.svg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		9 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0a7_rugby-shape.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbdfc3505d8e1d823268d38a4d9776110b3bd8eb6d11a135b30ec037ab6d5132

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
ISqNJCSnr8ezjvEEGUfEhHMuhpo3Tdks
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V62QSNM64RNT3WP6
age
2034748
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WeDzprrAOg4h/OrcUGlX/P3i8NZLHID7LSntwcDwDSjwQ1Ok+I4IkHRMSER7Un0+3maLAeaSTIsa3KXpEY7d2AE5qvQ40Cum
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
W/"b8c3ae72656d8f9cb9b430bce4c2216d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3603c8b642c37-FRA
adsct
t.co/1/i/ 		43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c4a5f59d-a6bb-415a-9f95-7e951ac7dc81&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d328e841-2bd1-4806-90c5-0bccd20fb2bc&tw_document_href=https%3A%2F%2Fget.nzrplus.com%2F&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
182
date
Sat, 06 Jul 2024 23:29:16 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
74644e93c14dc8bd
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
78578bd744ac702537b4e5987bcebc1c191dc04eaa1dbc5352b9539e50f1fd2e
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c4a5f59d-a6bb-415a-9f95-7e951ac7dc81&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d328e841-2bd1-4806-90c5-0bccd20fb2bc&tw_document_href=https%3A%2F%2Fget.nzrplus.com%2F&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
184
date
Sat, 06 Jul 2024 23:29:15 GMT
strict-transport-security
max-age=631138519
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
4d32bf3cb754d7a4
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
023c094dbc4de959a7c4579404ccd79931b446ce57edfe10f8e8b7266c255dde
content-length
43
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-47405XVK85&gtm=45je4730v9166116559z89135919949za200zb9135919949&_p=1720308556078&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=588011963.1720308556&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720308556&sct=1&seg=0&dl=https%3A%2F%2Fget.nzrplus.com%2F&dr=https%3A%2F%2Fapp.nzrplus.com%2F&dt=NZR%2B%20%7C%20It%27s%20Rugby%2C%20Plus%20Some&en=page_view&_fv=1&_ss=2&tfd=393&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-47405XVK85&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:29:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.nzrplus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-47405XVK85&cid=588011963.1720308556&gtm=45je4730v9166116559z89135919949za200zb9135919949&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-47405XVK85&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:29:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.nzrplus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-47405XVK85&cid=588011963.1720308556&gtm=45je4730v9166116559z89135919949za200zb9135919949&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=254569730
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:29:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s.gif
dev.visualwebsiteoptimizer.com/ 		35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=772009&u=D9941A03A2ABD2E216D1BC5170849EB3A&s=1720308555&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22de-de%22%2C%22r%22%3A%22https%253A%252F%252Fapp.nzrplus.com%252F%22%2C%22lt%22%3A1720308556297%2C%22tO%22%3A-2%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Fget.nzrplus.com%2F&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1720308555297&v=46df0bc2b&_ru=https%3A%2F%2Fapp.nzrplus.com%2F
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:29:16 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
main.MWU2NDEzYzJiMA.js
analytics.tiktok.com/i18n/pixel/static/ 		339 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPTO6MRC77U1G0V3K8F0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8878a6113d3767fcb0f7c88fdc432c839a4e4e6fe97dec5e24b0d5eb32addd88

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d57ce5f1
date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024070211442486CEE947AAC79573EC15
x-tt-trace-id
00-24070211442486CEE947AAC79573EC15-04B0816D8C28569D-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01f5ce518d066816ccd30a36e11159c02467e20211ada973577e2ecb3a9081f16d3c5e4f0425a5d39eda990e98a78d3c7d6a9d861e21775716178de026fd0f26160dbdbc2f09f36b723ea1fec93846afd75d8de387ec54da955b6689003bc18b32
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
content-length
98499
481997073503704
connect.facebook.net/signals/config/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/481997073503704?v=2.9.160&r=stable&domain=get.nzrplus.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C187%2C186%2C188%2C193%2C194%2C195%2C191%2C183%2C123%2C152%2C182%2C184%2C114%2C146%2C136%2C140%2C177%2C120%2C219%2C107%2C119%2C220%2C154%2C111%2C127%2C115%2C143
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3caf09a707676d83f97a152b21ab7f832678c59191098a1fb27eae8613e8b5dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:29:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=40, mss=1232, tbw=25346, tp=37, tpl=0, uplat=55, ullat=0
pragma
public
x-fb-debug
7geHXo8WeXFCdsomKN16K/+qHur5mkC5T6vsTIZaj0yYnwiVC7hpegxL/ZR6vROW1jFp3lOhXsYjcp2Qi67kpA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fget.nzrplus.com%2F&rl=https%3A%2F%2Fapp.nzrplus.com%2F&if=false&ts=1720308556303&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308555861.612293065254053440&ler=other&cdl=API_unavailable&it=1720308556219&coo=false&rqm=GET
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4673, tp=12, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jul 2024 23:29:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fget.nzrplus.com%2F&rl=https%3A%2F%2Fapp.nzrplus.com%2F&if=false&ts=1720308556303&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308555861.612293065254053440&ler=other&cdl=API_unavailable&it=1720308556219&coo=false&rqm=FGET
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x51d8f83e13bc223a","source_keys":["1","2"]},{"key_piece":"0xf96ccc63522be674","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 06 Jul 2024 23:29:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388668987788554125", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=24, mss=1232, tbw=5064, tp=16, tpl=0, uplat=38, ullat=0
pragma
no-cache
x-fb-debug
s99xZ1VWflNpdndowARieMCY4QCM0qn/WUA00a2FcOQCT3aetOapEmtbEyxl/tztw2MWPNvazWl6wVsvLGNl6g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388668987788554125"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d57ce638
date
Sat, 06 Jul 2024 23:29:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400005A6482EC8658954395AB
x-tt-trace-id
00-2405211400005A6482EC8658954395AB-7D65582794A05721-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01bb7da6081e9cf70fa40d500e66dc7f748628c80e0f1c23442ca51ee8a2f8b68964c4f446120724fd2ca9707a41b0908b9313ba92036a2906c239a7d63f0bac733445c05cc1dc4ee260ea56789bff41382955417bb369ac05d71aab0981d5b1c3
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
40007
pixel
analytics.tiktok.com/api/v2/ 		0
704 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d57ce98e
date
Sat, 06 Jul 2024 23:29:16 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240706232916733AA03CB444388DAEBF-64CA58AA8EB0C9B5-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=24, cdn-cache; desc=MISS, edge; dur=3, origin; dur=117
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240706232916733AA03CB444388DAEBF
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
117,2.20.179.79
x-tt-trace-host
01ef509897cf8d658a0ad904f93095073b915053a99ffbbe4253a9ac2d0c05b99c5fb2258dda6fc9397cd7975689d5f7934df79cc154f6732e746866c79729c6d1307452d0ff933d0a00c057379050b44df3848dd65d035d869fc3d4f586f2c2ac
access-control-allow-headers
Authorization,*
expires
Sat, 06 Jul 2024 23:29:16 GMT
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fget.nzrplus.com%2F&rl=https%3A%2F%2Fapp.nzrplus.com%2F&if=false&ts=1720308556371&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308555861.612293065254053440&ler=other&cdl=API_unavailable&cs_est=true&it=1720308556219&coo=false&rqm=GET
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=26, mss=1232, tbw=8392, tp=22, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jul 2024 23:29:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fget.nzrplus.com%2F&rl=https%3A%2F%2Fapp.nzrplus.com%2F&if=false&ts=1720308556371&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308555861.612293065254053440&ler=other&cdl=API_unavailable&cs_est=true&it=1720308556219&coo=false&rqm=FGET
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc6498ba2880a5342","source_keys":["1","2"]},{"key_piece":"0xebf1d19cf4719c37","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 06 Jul 2024 23:29:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388668988312361733", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=26, mss=1232, tbw=8623, tp=26, tpl=0, uplat=40, ullat=0
pragma
no-cache
x-fb-debug
n0HPEgWBl0aM0GLE122U56NYeU6D+KSppc+06DBulNYr4OUZgw6sRwJY/q1d/YpKQ9rp6l541Kwekov9zKBbsg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388668988312361733"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
650811499cdfe4fd96c4f09f_Favicon%20(1).jpg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f09f_Favicon%20(1).jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0a90125f9c35fa1a92ac6fd0872a3d8731403f257b5f87e68dcd75bf08ddee

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
x-amz-version-id
0ob_NN2LyXU.LcFK.Gl2757OUqp9CCER
cf-cache-status
HIT
x-amz-request-id
JC6R6BJ2NG9BCKPE
age
2888698
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2006
x-amz-id-2
8c6M8t8OTz5KCOwU53raKUbtDFe5RYviCEWEplqWxd5Y7EhGZjRuZ5pgoamMvhTP0R9S+PShsIo=
cf-bgj
h2pri
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"60f5534f11bf1f655720a1ac9271396f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3603dec6c2c37-FRA
act
analytics.tiktok.com/api/v2/pixel/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
44eb99ef.d57ceb6a
date
Sat, 06 Jul 2024 23:29:16 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240706232916B0D7C79BA055146E00B8-7C03188E32F848AA-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
190,2.20.179.79
server-timing
cdn-cache; desc=MISS, edge; dur=145, origin; dur=50, inner; dur=19
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240706232916B0D7C79BA055146E00B8
x-cache-remote
TCP_MISS from a104-78-78-45.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
50,104.78.78.45
x-tt-trace-host
01ef509897cf8d658a0ad904f93095073be0fd970991b011332c0befb7aa67e0c8c67fd392c58be6f4c6847bcb4e9da65632e6c3724a5858f6b9f4b44db666ab1d7ea14e7111316a151e81262833f46db4c84db84d1723a2bd5947d35aca2ee904ed0f6a024928e14e32a8fa14b3478089
access-control-allow-headers
Authorization,*
expires
Sat, 06 Jul 2024 23:29:16 GMT
track-08ccb11efa18f078a2a9dd8f40d0dd27.js
dev.visualwebsiteoptimizer.com/7.0/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/track-08ccb11efa18f078a2a9dd8f40d0dd27.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-96d89d1fc0241ee13744f1c58295bb01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
2553f36a94622c3bbd62ed136f0607dc6bfac0d555d9ddce2c4cae2dae381d38

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jul 2024 09:59:17 GMT
server
gfra2
etag
"6687c3f5-1154"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4436
opa-2055dcb4db758a08c758ea27bcb6063a.js
dev.visualwebsiteoptimizer.com/analysis/4.0/ 		140 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-2055dcb4db758a08c758ea27bcb6063a.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-96d89d1fc0241ee13744f1c58295bb01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
c4a5a5160dd97ca10fde46947068fcf5cafc1682aa31ffe3c008412e2bf2dfcb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jul 2024 09:59:12 GMT
server
gfra2
etag
"6687c3f0-8ccf"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36047
settings.js
dev.visualwebsiteoptimizer.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=772009&settings_type=1&vn=&eventArch=1&uuid=&exc=1|2
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-96d89d1fc0241ee13744f1c58295bb01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
3556ad21230a94e552feae31efc5b3e9aaea88e009425ccd915bb9ad91afac4d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
gzip
via
1.1 google
server
gfra2
etag
W/"1720173566_EA"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
worker.js
dev.visualwebsiteoptimizer.com/analysis/ 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:16 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jul 2024 09:59:12 GMT
server
gfra2
etag
"6687c3f0-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13599

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
get.nzrplus.com
URL
https://get.nzrplus.com/
Domain
get.nzrplus.com
URL
https://get.nzrplus.com/
Domain
get.nzrplus.com
URL
https://get.nzrplus.com/
Domain
get.nzrplus.com
URL
https://get.nzrplus.com/
Domain
www.facebook.com
URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2F&rl=&if=false&ts=1720308555861&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308555861.612293065254053440&ler=empty&cdl=API_unavailable&it=1720308555660&coo=false&rqm=FGET
Domain
www.facebook.com
URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2F&rl=&if=false&ts=1720308555940&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308555861.612293065254053440&ler=empty&cdl=API_unavailable&cs_est=true&it=1720308555660&coo=false&rqm=FGET
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7MSG54SCKT&gtm=45je4730v9137464323za200zb9135919949&_p=1720308555480&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=588011963.1720308556&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAE&_s=2&sid=1720308555&sct=1&seg=0&dl=https%3A%2F%2Fapp.nzrplus.com%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=4&tfd=1288&_z=fetch

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| dataLayer object| code object| _vwo_code number| _vwo_settings_timer object| google_tag_manager object| google_tag_data function| rdt function| twq function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq function| $ function| jQuery function| tram object| Webflow number| _vwo_j_e object| _VWO string| _vwo_mt string| _vwo_tm string| _vwo_cookieDomain string| _vwo_surveyAssetsBaseUrl object| VWO number| _vwo_acc_id object| vwo_iehack_queue undefined| _vwo_clicks object| VWOOmni object| mainThread number| _vwo_library_timer string| _vis_opt_lib string| _vwo_cdn function| redditNormalizeEmail object| regeneratorRuntime object| twttr object| gaGlobal function| JSONStringify object| _vwo_evq function| _vwo_ev object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vis_opt_queue object| fetcher function| _removeVwoGlobalStyle function| vwo_$ object| functionWrapper string| _vwo_server_url function| _vwo_s boolean| _vwo_spaR object| _vwo_exp string| _vwo_uuid object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| _vis_opt_goal_conversion function| _vis_opt_register_conversion function| _vis_opt_revenue_conversion function| _vis_opt_createCookie function| _vis_opt_readCookie function| _vis_opt_element_loaded boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_surveySettings object| _vwo_exp_ids object| _vwo_pa boolean| vwo_libExecuted number| ___vwo object| __nls string| pushcrewHash

20 Cookies

Domain/Path Name / Value
.nzrplus.com/ Name: _gcl_au
Value: 1.1.1552317407.1720308556
.tiktok.com/ Name: _ttp
Value: 2itSobbqpW9f3QzNi7ghA2SVMK2
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172030855578166609
.twitter.com/ Name: guest_id_ads
Value: v1%3A172030855578166609
.twitter.com/ Name: personalization_id
Value: "v1_w6i6OkO3y5Rrv2PMER+bew=="
.twitter.com/ Name: guest_id
Value: v1%3A172030855578166609
.nzrplus.com/ Name: _tt_enable_cookie
Value: 1
.nzrplus.com/ Name: _ttp
Value: lFFCn0uTXXbxVlilg9i_9T9Pwyo
.nzrplus.com/ Name: _fbp
Value: fb.1.1720308555861.612293065254053440
.t.co/ Name: muc_ads
Value: 7a6ec29b-8043-4db9-ab8c-1528ec902642
.nzrplus.com/ Name: _ga
Value: GA1.1.588011963.1720308556
.nzrplus.com/ Name: _ga_7MSG54SCKT
Value: GS1.1.1720308555.1.0.1720308555.60.0.0
.get.nzrplus.com/ Name: _vwo_uuid_v2
Value: D9941A03A2ABD2E216D1BC5170849EB3A|d7be6db3b459c3b6230c40fd94a38082
.nzrplus.com/ Name: _rdt_uuid
Value: 1720308555649.dcbd249c-860d-4015-a9f8-e19da11c2994
.nzrplus.com/ Name: _ga_47405XVK85
Value: GS1.1.1720308556.1.0.1720308556.60.0.0
.nzrplus.com/ Name: _vwo_uuid
Value: D9941A03A2ABD2E216D1BC5170849EB3A
.nzrplus.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.nzrplus.com/ Name: _vis_opt_s
Value: 1%7C
.nzrplus.com/ Name: _vis_opt_test_cookie
Value: 1
.nzrplus.com/ Name: _vwo_ds
Value: 3%3At_0%2Ca_0%3A0%241720308555%3A47.18647176%3A%3A%3A2_0%2C1_0%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
app.nzrplus.com
cdn.prod.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
dce-frontoffice.imggaming.com
dev.visualwebsiteoptimizer.com
get.nzrplus.com
js.stripe.com
nzrplus.com
o129937.ingest.sentry.io
pixel-config.reddit.com
region1.analytics.google.com
static.ads-twitter.com
static.diceplatform.com
stats.g.doubleclick.net
t.co
uploads-ssl.webflow.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
get.nzrplus.com
region1.analytics.google.com
www.facebook.com
104.244.42.131
108.156.60.112
13.32.110.113
146.75.120.157
151.101.129.140
151.101.192.176
151.101.193.140
18.239.18.100
2.18.64.15
2001:4860:4802:34::36
2606:4700:3034::ac43:82ed
2606:4700:4400::ac40:991d
2a00:1450:4001:828::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::396
34.120.195.249
34.249.200.254
34.96.102.137
52.222.232.99
54.171.28.66
65.9.86.47
93.184.221.165
0128a25c69ba58ac78d471fecc71253e06bf0b103cd74879aec33e5603cbd776
029745173583c64d0531d04d5cdbd070486c0304ba6f87c003dfa6db794793dd
0b0d20d0a82889c0e2d9648eedb2e59bbeff24a1ab33b128524464c9cfb190f4
0b52f1b002936093bb6bb29b3a7eb5e6dde482ff7639d0d0f8fd86a3d51cb5e8
0c0a90125f9c35fa1a92ac6fd0872a3d8731403f257b5f87e68dcd75bf08ddee
0e7378809419c6c64601922f3276b40a3086a80e706f570d1418226405426a64
1191817e48d0e32c1f86135dddfaa99e41a12bd82471473cda306d56a1a94c63
1437dfba423ca6116da2dd257ecc686fef1a3f75aabbbd7ef0da6420d9ff505d
14defd388b6f1bfff57729c0f9227304c6aab523db66d16ac717ccf353037307
180ae72b8cfada6ae9bf8d07d5aea3121e0c7aa5451b487edb2ae887e88ce697
1ab8f798e70d2f88edd037c1aad4a0a7921431b17b2a8c00c33aa3c1daded59e
2170cc4c670e69d7b4c9081e8d2322482c935a84d89acf302eee8e663cfc0dac
22f4787d1e6e2650b7a22ebb56b22858955083d04d0fddcc8eed082220923cca
2553f36a94622c3bbd62ed136f0607dc6bfac0d555d9ddce2c4cae2dae381d38
288dbd3777266289de7411ec9a2423d565797920483adc8d179012aa419e7a12
28fe7e77f1c1fda5f41b90bac46764818f897d8694cfe72dc206a2289de03362
2b2d7485e9974fa00b79252e2e8a70b60de1dcfb391b7b87af39ce648e8ec363
2bf94181c178099580291edf88f52923fe9ae68f43da70ff3f1cf6c7482de0c9
2d37f730ea6adf1ed6b0f544c1562da85c7e00d7596ee3c57a53ed2ff1f8aa4e
2dd08725d27006e4bd265e2b59a5f097db15e6d086d6ae17c8d46a782711d7db
2f26e4eeb94dfec7384cecd9e17371e2e03cc8580c4cd2877f758b64fa036b7a
30161a1bc74d60bf75a8719a3bec9a278595d572c4da3bae119b27e07e3ac4e3
3486ece9ec0facaf0a69861cad4355f54b16db00bd30441e81928d52a97a3b30
3556ad21230a94e552feae31efc5b3e9aaea88e009425ccd915bb9ad91afac4d
3a666cd65233454d3e259fafd15dd94a48429d6b7205d656f1144dbb1501a366
3b12291db0198f3593464f9164137bb2e4ea7970d66f372ad09a6f3ae9af4c6d
3caf09a707676d83f97a152b21ab7f832678c59191098a1fb27eae8613e8b5dd
422240413f42d73a2f7a6fbaf31b3210da7b8ab41935e670f0bd4a9590109100
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
4900075cb7eee0fef37796d37db656e76f178e5d827d09628112b3cb9620d8ee
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
509bb48a722c487f10208b85f9a54d62295fdf99d7ec2fd5effb2d21b46c564a
533eba05e8c137ee679639ceacdcf2e1f0476a17be2d8d63d19fbaa8aee414bf
5be578ed36e2a930bdaf0c729ae76802842e594b01180920747f7cb2a66d3f6a
5eb85c99a8995f941d73df50a4a818eb473a0c44b7786bec6d309dbe6a38758e
5ec2dc49fe6cd088cded962060a7159b209f66c2e9b23bb048ee24b4a48dfbd3
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
6812dd22c2f2a435f64d1b37cf423c20ce27dd7361d725a0669b6a162145fd30
6902b034ee5ff9e155f5b83b13ce7802b6c67a76d5ff6891c5b9512c04ce49c6
6c02d310a1029df54557874225f32799d494638dfa08fc087126bdbf3cd26ba1
6e48f725551d8da7d2fd92401a8900a4b1cc2f7147d48cc1436b3d98a2e05f96
724723fb4d2f21a8b1e2e480a205ba36825c2e7048ebdd9e5b9a9933e8f8ca3b
72fd8991ecac2b976693309e7a27424691bb3bf36e10b07444ecda7ab69fe946
7af86ef561b6c436e372a348f945110f1326b9d22bf1814545b21c29d5053aa4
7c4b5655a8cd21a38ebf195433ff449cf68d0f0ea9abf17ca1c851d3bd88a7ea
7ee4f7e159200bdc4a49c06e98bb1e214cd6a98dd53fbefa569f6680c2588931
8272b2ac7cf5a838eb55a7a2e850933459348014ad9693967572b6fadf4701dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8483b5ed7faa144e7d0e78018e84b1e8a2ec9810bc72bff1cc4e473160173ae9
8878a6113d3767fcb0f7c88fdc432c839a4e4e6fe97dec5e24b0d5eb32addd88
979878a7b228cc3017175efaf651fa465653723926a69e91325f6774b9034b41
9f6d4d453bc4fedb3ecf105d2a9fcccdacd54c3b1620ea7dcee4f6a118b8a7c7
a3812e2730376cb0506c60082397b597d0cb5fcb11a9a81ebe22f3a4c06cbdf0
a78a22df4975842a5e8da9f282bc76e149e196c9ee5d6ffaeebb52a10098ba70
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca01b26b305eccddc6af407c8c0180ce0f92f4e0f974d08e7c68b62caca8a2b
b4ec3e2dcc2831693473596a8ac103b9e43d81fb4ef107831d753b50fdd1f393
b5b4abd4f24ec02bbf3b0cc7dd5656d0ced5cf0cec4b1ce07cf8d3395fec7c20
b7f8f2f3c6407efa29cdd0d7ddb623447faeb971eb949bade4ac6d0043e81d31
ba8ab5fc11c40c553e094e46fbae83bf6739b282ff073e3e573172d5b4974dfe
bcc6f84183fa61975b32c1973b21369926419d015c9db5d39119957a791b8a3c
be6da79ae21538c8f7b25982c82606274400559d01e651bf577a53e33b39bcb1
c342ed5029a14aa444b9a8d9d96e75f4354b804c8ec6f6c57f0860269c0a2310
c3ce81e14f171d6e25a727e1c74dc3a47d2c59d599e72be3e6992d61d1a980c4
c4a5a5160dd97ca10fde46947068fcf5cafc1682aa31ffe3c008412e2bf2dfcb
c885cdae62293d7b1285f2eac5291002067e34c05d7148b3b8159dddcf55e360
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672
d0baa8e74d5aa8b56d99583b77293ff0ce36df8a63b9f3d70befb90c42f3bfbb
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
ddf0dc7114447c90db37c1eee4523ee0416de61a1bc4206e0e1b9f0e1020d83f
e2e985338d0e78ef3be2880fc48228d2bb5cc9da8f316058beb0fdcf2b88ab72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84f3157db316528ab4273af5568a14774de13a0098b00b0ca306f20a1a3124f
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
eb4036018aac82f6e69e26ddc7e5c0b3c2c1414763cb730bc795863604f7efd1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12955fb208eae089baf161eabfdb23c7d8cf246812e87fbc8426c15973a68e7
f75a87e5b176543ee03f93d11fccca520f089709a448db341d17ceec19e7f406
f7dad26a2365a1c0dac83d3dc33052452da1ddf2b86ff0d428f29d29943ea107
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbdfc3505d8e1d823268d38a4d9776110b3bd8eb6d11a135b30ec037ab6d5132
fd0192f032758b071199b7f4b2eba18b864998f1df9785b069c4078309f454e2
fe681434c749d9df44e04f6c3da5e7695492969cda986e4710cfee412fcc5236