urlscan.io logo urlscan.io
SecurityTrails logo

app.nzrplus.com Open in urlscan Pro
18.66.112.18  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.nzrplus.com/login/0.3544396471261775
Submission: On November 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 18 domains to perform 71 HTTP transactions. The main IP is 18.66.112.18, located in United States and belongs to AMAZON-02, US. The main domain is app.nzrplus.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 26th 2024. Valid for: a year.
This is the only time app.nzrplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

28    18.66.112.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-18.fra56.r.cloudfront.net
app.nzrplus.com
7    2a05:d028:30:2005:e252:8692:afb:481 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dce-frontoffice.imggaming.com
5    3.160.150.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-113.fra60.r.cloudfront.net
static.diceplatform.com
6    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2400:52e0:1e00::1080:1 (Germany)

ASN60068 (CDN77 _, GB)
l.getsitecontrol.com
3    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2.18.64.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-26.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
4    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    13.32.110.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-121.vie50.r.cloudfront.net
content-images.onvesper.com
1    23.210.92.123 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-210-92-123.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
Apex Domain
Subdomains		 Transfer
28 nzrplus.com
app.nzrplus.com
1 MB
7 imggaming.com
dce-frontoffice.imggaming.com — Cisco Umbrella Rank: 135322
31 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
529 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 817
139 KB
5 diceplatform.com
static.diceplatform.com — Cisco Umbrella Rank: 215408
59 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
79 KB
2 onvesper.com
content-images.onvesper.com
94 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 1994
alb.reddit.com — Cisco Umbrella Rank: 1330
761 B
2 getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 19637
2 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1063
13 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4401
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 962
724 B
1 t.co
t.co — Cisco Umbrella Rank: 859
628 B
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
554 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 8268
996 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 960
16 KB
71 18
Domain Requested by
28 app.nzrplus.com app.nzrplus.com
7 dce-frontoffice.imggaming.com 3 redirects app.nzrplus.com
6 www.googletagmanager.com dce-frontoffice.imggaming.com
www.googletagmanager.com
app.nzrplus.com
5 analytics.tiktok.com app.nzrplus.com
analytics.tiktok.com
5 static.diceplatform.com app.nzrplus.com
4 www.facebook.com app.nzrplus.com
3 connect.facebook.net app.nzrplus.com
connect.facebook.net
2 content-images.onvesper.com app.nzrplus.com
2 l.getsitecontrol.com www.googletagmanager.com
app.nzrplus.com
2 www.redditstatic.com www.googletagmanager.com
app.nzrplus.com
1 analytics.twitter.com app.nzrplus.com
1 t.co app.nzrplus.com
1 www.google.de app.nzrplus.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com app.nzrplus.com
1 analytics.pangle-ads.com analytics.tiktok.com
1 alb.reddit.com app.nzrplus.com
1 pixel-config.reddit.com app.nzrplus.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.google.com www.googletagmanager.com
71 20

This site contains no links.

Subject Issuer Validity Valid
app.nzrplus.com
Amazon RSA 2048 M02		 2024-05-26 -
2025-06-24		 a year crt.sh
*.imggaming.com
GeoTrust TLS RSA CA G1		 2024-10-23 -
2025-11-12		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-06 -
2025-04-03		 6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2024-03-05 -
2025-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-12 -
2024-11-10		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-13 -
2025-04-11		 6 months crt.sh
content-images.onvesper.com
Amazon RSA 2048 M03		 2024-07-11 -
2025-08-09		 a year crt.sh
*.diceplatform.com
Amazon RSA 2048 M02		 2024-08-14 -
2025-09-11		 a year crt.sh
*.pangle-ads.com
RapidSSL TLS ECC CA G1		 2024-08-13 -
2025-09-13		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.de
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
t.co
E5		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-30 -
2025-09-29		 a year crt.sh

This page contains 2 frames:

Primary Page: https://app.nzrplus.com/login/0.3544396471261775
Frame ID: 4AD5CEAB72AAC2F1200D4A2F098AF4E1
Requests: 68 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fapp.nzrplus.com
Frame ID: FB0AC410FDB0A016D9CA3529B5740ADC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - New Zealand Rugby

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

71
Requests

96 %
HTTPS

50 %
IPv6

18
Domains

20
Subdomains

20
IPs

4
Countries

2099 kB
Transfer

7014 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com HTTP 302
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
Request Chain 23
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/FAVICON_WEB/redirect?domain=app.nzrplus.com HTTP 302
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
Request Chain 69
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/FAVICON_WEB/redirect?domain=app.nzrplus.com HTTP 302
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540

71 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0.3544396471261775
app.nzrplus.com/login/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5a72d4d710727c6283714bae4cf0f389dd5dd6bce3af88cc854ee2f6c6fc11c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=5
content-encoding
gzip
content-type
text/html
date
Sun, 03 Nov 2024 08:28:21 GMT
etag
W/"d204ef35795944284494be230db4a0f3"
last-modified
Fri, 01 Nov 2024 11:25:50 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-id
l7B2YJoEHxMPqG_bau-iBK4rM0MZ1k6BB6KKa7rRpD8ZaPpdgpIVdw==
x-amz-cf-pop
FRA56-P5
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
JlJLIC4z8FdqSQKLkjgzYEYRxsIBipuL
x-cache
Error from cloudfront
Roboto-Bold.ttf
app.nzrplus.com/assets/fonts/ 		159 KB
86 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/assets/fonts/Roboto-Bold.ttf
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
KJVgGreHGFVlmla2m2m4.YBZY.SJE9hf
etag
W/"d329cc8b34667f114a95422aaad1b063"
age
14768179
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
8ZbvKupwB_ILIcy2RRtOn5kll3aNHgTyizAW1U-8NgR75BDlG1ctdg==
date
Thu, 16 May 2024 10:12:02 GMT
content-type
font/ttf
vary
Accept-Encoding
last-modified
Wed, 15 May 2024 16:56:06 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
Roboto-Medium.ttf
app.nzrplus.com/assets/fonts/ 		159 KB
86 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/assets/fonts/Roboto-Medium.ttf
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8559132c89ad51d8a2ba5b171887a44a7ba93776e205f553573de228e64b45f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
cNMXPiOHIUe8.6FO8Ghv_qzB04aLOvvy
etag
W/"fe13e4170719c2fc586501e777bde143"
age
14768462
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
i-aBN45MjqaKPNhMGdbq9L2D_IQfinMj_-N2dbRVu0JtHvHFoqeoRQ==
date
Thu, 16 May 2024 10:07:19 GMT
content-type
font/ttf
vary
Accept-Encoding
last-modified
Wed, 15 May 2024 16:56:06 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
moment.694aaa4f3dff339f166f.js
app.nzrplus.com/code/js/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/moment.694aaa4f3dff339f166f.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
417d55e3680632e3818c920c59446b5c5e3713d4ec1373a738a14a7e68dc9c94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
etag
W/"0ee58e5d76916d1763dd6b89c4c00f5d"
age
233196
x-amz-version-id
p5H4BKC3Zc.Bih0FtMgcZ0E6AzOE3ONn
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
xlZZWxD4NQQUm0cW0qLEq-5WRF-Qh51Uxkd7Cc4WSlhdjgR2Bya_jQ==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 31 Oct 2024 15:41:12 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
182.8e3e23f6df52e95f42c0.js
app.nzrplus.com/code/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/182.8e3e23f6df52e95f42c0.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ebbdfe8e6167ab14ebca683e0192eac13a7ba9555f02a0996e19bcf996ce81f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
etag
W/"4e6eb31e8e75ef1c19abcf5c89f407a8"
age
233196
x-amz-version-id
7utq91CVuEleftFx4mHIfEIwQEHRHfM5
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Rkj7O8_zJaeVZMX8brr42kAx0GS1_09cTjycpwXPNeeNxk4txta9Eg==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 31 Oct 2024 15:40:56 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
7110.88bb7721ab9a7da29455.js
app.nzrplus.com/code/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/7110.88bb7721ab9a7da29455.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d75f373f9caa34a375f400c1f3ba8ddd12d67874daeae172212056e900ce9f40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
30PmW959.v911_iPA1Xy9o1hc5LPV3Dx
age
233196
etag
W/"adf12ce11fdb762fee7f7f5a2d79ba3f"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
CR0_Sd26WFU7ybIY9JYB7-R3V9rGrzw43Xmzt_6PhJ2iyxNsuu6Uvg==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:40:56 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
8287.23bdb2f55f825b0b1480.js
app.nzrplus.com/code/js/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/8287.23bdb2f55f825b0b1480.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d8017815d48aa1821eeccb3b7325ce09a82ce61e716ba286c2adb5a7221b3c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
HnVJcbL9GAZMWRhfa2o78k5Z2RdzYmCh
age
233196
etag
W/"dad314517a8c97697a2282c69c268229"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
JvTK0F4yFLCen8kaAcQaWKuWzejKwBG5HIokyMsQfNbbKgezSReSew==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:40:57 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
2572.8b0b80ed4fe2ce9f5819.js
app.nzrplus.com/code/js/ 		296 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/2572.8b0b80ed4fe2ce9f5819.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cd60cc0fee6754f01f2a089a37f1b4377c6d37522b0a47cb869a3fec06090a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
EwuyANFVzVja1oGlg0Ck8LqSd4Tl_qcw
age
162940
etag
W/"28f10d56a075ca04920b76f7a6c06c73"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
kHGJK8uw3PFX6Er6frIm7r_L5tPw0VlPJk_8C21KYXnEJpqVLpAp0w==
date
Fri, 01 Nov 2024 11:12:41 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Fri, 01 Nov 2024 11:11:59 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
7779.a937f924fc8bc767e244.js
app.nzrplus.com/code/js/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/7779.a937f924fc8bc767e244.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec6a3b9d94374e98c7490486c89e9709ebe3cf0765ac4b8ce214cf6f06ff5de0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
iPSOcLzmGqHolosXGGOGBT7PvXd2gWjQ
age
233196
etag
W/"38ee18e22ec78df18f0eb31093c9b925"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
mgggT444v7L_bop0Cg5AST7NhfOiEXsG2wisVHQcvlWGPeTUmjXkrA==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:40:57 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
1070.09882f40929a6129364a.js
app.nzrplus.com/code/js/ 		1 MB
348 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/1070.09882f40929a6129364a.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c729fad09aa63019148650c0911be544710d8cf3c524ada317db20052d04642

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
y6YAzgpCopKmGuJXhkJ3l16Oglu_NIcY
age
233196
etag
W/"6694aee982b893ce3c3fdffa033dd882"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
79hlrECaCnMkuKunyVQGLbz5GrDqZIUnRvXQyPZJmPargsm9TQvgrA==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:40:56 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
568.f0f658136fe383007816.js
app.nzrplus.com/code/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/568.f0f658136fe383007816.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be063c457404fc1e1b30b0dd90b45cb8b4a35ec7e2181812ebe185a146928ccc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
MXc4yRbKxlLFjCzPzExWavFp2QlJvowI
age
233196
etag
W/"e552d25bd38d2ababa6383e797f825cb"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
UD2_76CbIAgCnK-VKXsFRsvgcAwbOonwOontRt5GFpInrdlAUOUH7Q==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:40:56 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
4755.071c954bb55d3f46142a.js
app.nzrplus.com/code/js/ 		107 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/4755.071c954bb55d3f46142a.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a64549a0da2a6ccdcb72b4baad16c5338254a2e8f37c5ebeccc31b998ca7f1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
H2a_RDerhb_o49P7OOddsPz2FJgKdakL
age
162138
etag
W/"7d9f6121e131cc0275b47c01425d6c46"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ZjeRDf_MQ_E5MiXTj9dVWjSaTwvsIZqXnLmlwx7xubEml_KW__tvZg==
date
Fri, 01 Nov 2024 11:26:03 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Fri, 01 Nov 2024 11:25:40 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
8817.94545c5e996202039e9e.js
app.nzrplus.com/code/js/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/8817.94545c5e996202039e9e.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89834d08418c88b54a7a2091c3b583b1033155fbe7442237e76cd6b05c34e513

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
TyxOhVXKqsBIyQ2dKX8qaKAi9abi662s
age
233196
etag
W/"8edcf186187aebf5aecd60620ca1f67c"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
vFpT-lkKLQLhP7WytFsAfkcAeat98dMhr5wXjAfVKCWyv4Pj9nFQ9g==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:40:57 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
4727.5f08680e64ce18299df5.js
app.nzrplus.com/code/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/4727.5f08680e64ce18299df5.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cb0a5f6e18b8e142732eea392d477cb0223aaee4c31c3c5d243bcd530ddb864

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
ZJD_IvsW2wW6gsYhtqQ1FC7FmylssD9a
age
233196
etag
W/"162eafc586d3d2cab11c94f3b43d2018"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
W14X1j1Y2DLTtHtVJwyxlfG9gWCbwoXaJgQt0a0Ztq9A-6eYmAxMsw==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:40:56 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
6465.024a29a4f682ef9c2480.js
app.nzrplus.com/code/js/ 		340 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/6465.024a29a4f682ef9c2480.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1533213db37cb55aea8591f1c6d6725937d2aeb67276842801633eeb6ec89c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
etag
W/"218d8018b309a455187980991d79d641"
age
162138
x-amz-version-id
dC1MqDBMEj1JUSBIYnM0d0NVgN4kPOqb
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
309YQ368htPtj8WQKunVhgbNb0979Zrg7-DpYuxKI74LSKJKIMOd3A==
date
Fri, 01 Nov 2024 11:26:03 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 11:25:40 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
app.b6542aa55afff02d7433.js
app.nzrplus.com/code/js/ 		332 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9763c6626b220a17942e771fd003d9152e5f9fa71e80ba3ffd7baddcf6518c99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
etag
W/"b27c44a977b7f962e28492431199580f"
age
162138
x-amz-version-id
1DfuhsBChvtc0MS.JqGCGGePYFed5gZI
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
JQOlvTA6bu6BMo7qRp2Kz0roMzvXJRwgDMrN2PJjIf2rMzUHmatrWg==
date
Fri, 01 Nov 2024 11:26:03 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 11:25:40 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
2572.40d63609ab7cf80f43ff.css
app.nzrplus.com/style/css/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/2572.40d63609ab7cf80f43ff.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
300f99a314ff53328ec07cc93a826e671ba360511562fe8d322f3742192c6c24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
EpoA57.qW8up.ZEo1q4D3gVZ8EVw_G03
etag
W/"184e7e4bb513a00b5d6aeed98d27e047"
age
162940
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
lMnVchQz2g30WqVTWjs1FGh5-qAn1yFbQawfJ3nPKvnHYlBDU6Zv9Q==
date
Fri, 01 Nov 2024 11:12:41 GMT
content-type
text/css
vary
accept-encoding
last-modified
Fri, 01 Nov 2024 11:12:08 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
1070.81d1abf99e6509fb1712.css
app.nzrplus.com/style/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/1070.81d1abf99e6509fb1712.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c64f63e7f679542e1fc164573f0d77392471ddf42b0f21a34acaadbafeee2236

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
DGxoYUVUm8C62fiZvIhE8_xCE7kKJ55k
etag
W/"ab8eeb0a8a25fa65488ac91faedddf75"
age
233196
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
VXOz_HTtsNY_kXonX1rhMtr5NZIDLFyX-jVoA-W90MwCVjWS8CgrGA==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/css
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:41:13 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
4755.eb8e513068b88cfee2f3.css
app.nzrplus.com/style/css/ 		511 B
972 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/4755.eb8e513068b88cfee2f3.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe681434c749d9df44e04f6c3da5e7695492969cda986e4710cfee412fcc5236

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

etag
"f48980685b25397bcd242dffdc9446e7"
x-amz-version-id
34a4evjM4gVsObiy5TCbz0h8tPOG0PTC
age
233196
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ma4boGXcqD2LuaULrYIoFIgsdBCL5-SMYA5BdJjvemenCTbRDh-gmg==
date
Thu, 31 Oct 2024 15:41:45 GMT
content-type
text/css
last-modified
Thu, 31 Oct 2024 15:41:13 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
511
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
6465.a83815e3167fa11093d1.css
app.nzrplus.com/style/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/6465.a83815e3167fa11093d1.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aaa61a57eb9011135aa9eff941b8f2b918c997846a7c34f4635bf8ec3e0987cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
s01zw2s4q0j5JDY1JIfg9iaqAfa8LeEF
etag
W/"5aa19c3d24a7e86e80b25f337dce5adf"
age
162138
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
8dP1JYMeA4Kg2vUoFLKNLnXjI_K7Hs2EEstIcSl19G3r--OB9EiQoA==
date
Fri, 01 Nov 2024 11:26:03 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 11:25:48 GMT
x-amz-replication-status
PENDING
cache-control
max-age=31536000
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
7121.829b1c6eb29edd9cd974.css
app.nzrplus.com/style/css/ 		363 B
824 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/7121.829b1c6eb29edd9cd974.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1191817e48d0e32c1f86135dddfaa99e41a12bd82471473cda306d56a1a94c63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

etag
"8a9c8ed7c197723e2929b511b17a1870"
x-amz-version-id
CAnA61uHSs7_CXfJX6mN8dnDgx6iijnI
age
1104212
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
B0Vvq3Y7E1mbzhtq98XH--5twDsHqVO5NGI8eqnzPQdNoVgvLSyGZA==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/css
last-modified
Mon, 21 Oct 2024 13:44:35 GMT
x-amz-replication-status
PENDING
cache-control
max-age=31536000
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
363
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
app.cec65d912263e5dc8337.css
app.nzrplus.com/style/css/ 		680 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/app.cec65d912263e5dc8337.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc2d7942ebaaad93fcce9d9a91c8af21c6984f65869530d9a39580207ea90e5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
KY3kIsIjRE6jAbUYIGYbynrkUbMhHgRo
etag
W/"de0353f04cead351192e3924945237e4"
age
244654
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
AYE6um2e9TTdZBGgc3V3tJB71uC4StHygpCHtkIIfHWWRuFSDJd0KQ==
date
Thu, 31 Oct 2024 12:30:47 GMT
content-type
text/css
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 12:30:19 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
nzrHead.lppvE.js
static.diceplatform.com/prod/original/dce.nzrugby/settings/
Redirect Chain
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
363 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ec3e2dcc2831693473596a8ac103b9e43d81fb4ef107831d753b50fdd1f393

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=31536000
etag
"9b571aee0d300ee8b4a1ba9e3c4d4f72"
age
22931
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
363
x-amz-cf-id
Z2FF32_XtwHsla8Q2GfXtS-Ch3he3VP0wjQrwPn7rvFvwmzTOrdrRQ==
date
Sun, 03 Nov 2024 02:06:39 GMT
content-type
text/javascript
last-modified
Wed, 26 Jul 2023 10:14:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
vary
Accept-Encoding, Origin

Redirect headers

cache-control
no-transform, max-age=10
location
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
processing-time
1
request-id
f271deca532097d7
loc
eu-west-1
content-length
0
date
Sun, 03 Nov 2024 08:28:21 GMT
vary
Realm, Authorization, Origin
/
dce-frontoffice.imggaming.com/api/v1/init/ 		93 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/init/?lk=language&pk=subTitleLanguage&pk=audioLanguage&pk=autoAdvance&pk=pluginAccessTokens&readLicences=true&countEvents=LIVE&menuTargetPlatform=WEB
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d028:30:2005:e252:8692:afb:481 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3c495ec61c378feee924c7c2bc52699a091d4a8860eee30855415d4f41fc0160

Request headers

Referer
https://app.nzrplus.com/
Accept-Language
de-DE
x-app-var
6.57.10.e7d78e2
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
app
dice
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN,ReplacementAuthorisation
cache-control
private, no-transform, max-age=10
content-encoding
gzip
access-control-allow-credentials
true
processing-time
75
request-id
540d4c2ef3f370e7
loc
eu-west-1
access-control-allow-origin
https://app.nzrplus.com
date
Sun, 03 Nov 2024 08:28:41 GMT
content-language
en-GB
content-type
application/json
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
48x48px_NZR_2B.Y3EFe.png
static.diceplatform.com/prod/original/dce.nzrugby/settings/
Redirect Chain
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/FAVICON_WEB/redirect?domain=app.nzrplus.com
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24c497ecc263349550bde56fcab6d2e7970c399ea2e37bb7cce56d172c7f9078

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=31536000
etag
"575bd4acd570cc681cef6c637a739942"
age
23277
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
6413
x-amz-cf-id
r47j6Rvb7_61md_2Qngx3C9edtcN7H76ufWcJ11-2XQ3KsjB0EN8eg==
date
Sun, 03 Nov 2024 02:06:17 GMT
content-type
image/png
last-modified
Wed, 09 Oct 2024 20:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
vary
Accept-Encoding, Origin

Redirect headers

cache-control
no-transform, max-age=10
location
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
processing-time
1
request-id
45634a706e853a13
loc
eu-west-1
content-length
0
date
Sun, 03 Nov 2024 08:28:41 GMT
vary
Realm, Authorization, Origin
/
dce-frontoffice.imggaming.com/api/v1/init/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/init/?lk=language&pk=subTitleLanguage&pk=audioLanguage&pk=autoAdvance&pk=pluginAccessTokens&readLicences=true&countEvents=LIVE&menuTargetPlatform=WEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d028:30:2005:e252:8692:afb:481 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,content-type,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN,ReplacementAuthorisation
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sun, 03 Nov 2024 08:28:41 GMT
loc
eu-west-1
processing-time
1
request-id
fe857af2f6e93251
vary
Origin
gtm.js
www.googletagmanager.com/ 		306 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Requested by
Host: dce-frontoffice.imggaming.com
URL: https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6babab8d1edb3869d158c428da8d9f93ed3afa82cee7e81d394e506598718f79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 03 Nov 2024 08:28:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:28:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 03 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105024
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.3544396471261775&scrsrc=www.googletagmanager.com&frm=0&rnd=537769740.1730622522&auid=1391717378.1730622522&npa=1&gtm=45He4au0v9135919949za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&tft=1730622521698&tfd=21357&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers
js
www.googletagmanager.com/gtag/ 		282 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61bf9f87140aaf24ef5407a63e7d3220c4e9f4f34b8cb9760ef4330ffb2984c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 03 Nov 2024 08:28:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:28:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 03 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99121
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		277 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11151866773&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58ac3b23dd82048943c6d530868393ac93be5e1e3d11c8cede72ab72323b4bcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Sun, 03 Nov 2024 08:28:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:28:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 03 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98002
x-xss-protection
0
server
Google Tag Manager
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12126
date
Sun, 03 Nov 2024 08:28:41 GMT
last-modified
Tue, 15 Oct 2024 19:34:59 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Sun, 03 Nov 2024 08:28:42 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 00:10:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000084-IAD, cache-muc13920-MUC
x-amz-server-side-encryption
AES256
5wvkdl27.js
l.getsitecontrol.com/ 		433 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/5wvkdl27.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
6f6b9157a7df0138d93753381b3d4ae8243001f23d5edbff25155482fbe9dd7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"cfbd0dea192640b82fafb77279090faa"
date
Sun, 03 Nov 2024 08:28:41 GMT
last-modified
Tue, 27 Aug 2024 20:44:04 GMT
cdn-cachedat
10/11/2024 11:26:32
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-amz-id-2
hYYL8MnUIPATMDap8kiGgeKkg2HEjyZDLGCK+c6ZSzEkWkCFaHCKRtJOEkiFIYqSu7CG8BRTjl8=
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache
HIT
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cdn-requestid
41cf7086538357b98d44d41b3679e7b3
cross-origin-resource-policy
cross-origin
cdn-pullzone
89704
cdn-proxyver
1.04
x-amz-request-id
F22SXGR7GR7SCKNB
access-control-allow-origin
*
cdn-edgestorageid
1082
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-RwqRIR8T' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Nov 2024 08:28:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-RwqRIR8T' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4446, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
IDjh6bUtQ8DpifTrQuF2JgTxPfsQQgxpVb0qNPDEYw4ZlCqJ72zMOSsjasAlDrNJckMcYx4zhgWr2oBdkZMb7w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQAT78RC77U89M86LU00&lib=ttq
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a571f3d29bede1596b180e0115a1cac7b222623b9e81dbc1741cb881f22d7ca4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-48-100-58.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
expires
Sun, 03 Nov 2024 08:28:42 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=6, inner; dur=2
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
f0ff73ab.917f4b07
x-tt-trace-host
01fff9f511e5dd0600ae990b07761ca2581a649f4872c196f5dbde8be799c343f52c5ede649848c36e54c55c86ae20d426959fa99638f8b7623b160413557d9ad8ad95bf1fe6a51ef2c275d6130c6b10571e28ad4b2413efbc84d9a83d0f98563fd59281c1158fb2e208d4315c8c6b2b83
x-origin-response-time
7,23.48.100.58
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24110308284145603B38AEC57ABB3B88-3EFFAC097E522922-00
x-parent-response-time
95,2.20.179.79
x-tt-logid
2024110308284145603B38AEC57ABB3B88
server
nginx
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame FB0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fapp.nzrplus.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
320420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 15:28:22 GMT
expires
Thu, 30 Oct 2025 15:28:22 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5wvkdl27.json
l.getsitecontrol.com/ 		2 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/5wvkdl27.json
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cdn-status
200
access-control-max-age
3000
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"5431bd08fbdc586ce4a626e511d9c579"
access-control-allow-methods
GET, HEAD
date
Sun, 03 Nov 2024 08:28:42 GMT
last-modified
Tue, 27 Aug 2024 20:44:04 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cdn-cache
REVALIDATED
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
2NWW0bRcuCFzRbty4NTibcL+tdT95PimrtiEvWob0tbzcWNhcz8ZY9PG6CdtoCkGdC9TE1GfsN3S2vP4D0ryUwHcl74sxW+5wyqkto47mqE=
cdn-cachedat
10/02/2024 19:10:22
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestpullcode
200
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cdn-requestid
fa79b86458e1c5785c833fca23111ba5
cross-origin-resource-policy
cross-origin
cdn-pullzone
89704
cdn-proxyver
1.04
x-amz-request-id
KKHDZXKZGG8VD9Q6
access-control-allow-origin
*
cdn-edgestorageid
1081
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
x-amz-server-side-encryption
AES256
696296242296371
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696296242296371?v=2.9.176&r=stable&domain=app.nzrplus.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c64d8f4a8834f0e579d9cd637e2cd505dda5ac0aa432ef8229080076fd1da700
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Z9kIvq2R' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Nov 2024 08:28:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Z9kIvq2R' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=24, c=55, mss=1232, tbw=99150, tp=88, tpl=24, uplat=1, ullat=-1
pragma
public
x-fb-debug
xlrpDmUOvhWZ1r2YNMwTGTph1Kw8FK+AYJEK1nrLQZJ/1yIr3zUMof+fepiIXe9SYfJr55ZzlpOSTp4DPucHsQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
13397
x-xss-protection
0
origin-agent-cluster
?1
config
pixel-config.reddit.com/pixels/t2_gfeyuwzzi/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_gfeyuwzzi/config
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
application/json
t2_gfeyuwzzi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_gfeyuwzzi_telemetry
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1730622521935&id=t2_gfeyuwzzi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=e8c9348f-8daf-4374-bad9-bab69aad5e96&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
image/gif
server
Varnish
481997073503704
connect.facebook.net/signals/config/ 		34 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/481997073503704?v=2.9.176&r=stable&domain=app.nzrplus.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07dfd8c9cee86bda7672a384b1039a45e31d29ed9e0556f6f5947d51785a1d0e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-WU3y6AbH' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Nov 2024 08:28:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-WU3y6AbH' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=24, c=55, mss=1232, tbw=113662, tp=103, tpl=24, uplat=1, ullat=-1
pragma
public
x-fb-debug
SKAU40KsUhLdCCDFExDYRuC/pWYjOLaebZKuzxbewcEwq9lkhzitO9wZZ/hYW44uMzCct6lw1ObEjgO0uJTbvA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
5205
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.3544396471261775&rl=&if=false&ts=1730622521944&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730622521943.14669075334515264&ler=empty&cdl=API_unavailable&it=1730622521899&coo=false&rqm=GET
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1328, tbw=2928, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.3544396471261775&rl=&if=false&ts=1730622521944&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730622521943.14669075334515264&ler=empty&cdl=API_unavailable&it=1730622521899&coo=false&rqm=FGET
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432967134770156595"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5341738332322eb0","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["24242884968643471"]},"debug_reporting":true,"debug_key":"3485458063510190247"}
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
P3QlItTqjW0XJSwmn7kXm8c0sWBa7xBjGhdUB3+EIV2ZKHkgVDMfuIAvwjYLdUeOEzSXIMyBTtjTTDaeDKXTuA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432967134770156595", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1328, tbw=3278, tp=-1, tpl=-1, uplat=198, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.3544396471261775&rl=&if=false&ts=1730622521985&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730622521943.14669075334515264&ler=empty&cdl=API_unavailable&cs_est=true&it=1730622521899&coo=false&rqm=GET
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1328, tbw=2928, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.3544396471261775&rl=&if=false&ts=1730622521985&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730622521943.14669075334515264&ler=empty&cdl=API_unavailable&cs_est=true&it=1730622521899&coo=false&rqm=FGET
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432967135081472766"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
F2e8T7yQZAjP2uB++TmxzHRfKIF2dVy07KgFQea82KsAnFuJ61NllEOxWmc0YVF9ZyVsV674YIC6D2YZznlbRQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432967135081472766", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=1, c=10, mss=1328, tbw=6345, tp=-1, tpl=-1, uplat=250, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
main.MTJhNGMzN2YwMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		342 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQAT78RC77U89M86LU00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
15bb0889ad69cbc01dce2d9a2df36be01b6ae97e0e57510dca89a56d095bf0d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

x-cache
TCP_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=18
x-tt-trace-id
00-24102412350324BE6FB237655795831B-386077514D51FE6C-00
content-length
97029
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024102412350324BE6FB237655795831B
server
nginx
x-akamai-request-id
917f4e10
x-tt-trace-host
01065a2385fa2aba8a15366ad8d7e7dcf7f1094eb67277ef5aa3f4cd223f082b9aa63f359125699cc5e077f1b135e20d17d4d219a3cf05b372aeeb99632b6eac8769851d570b9e990939ccb23c8b3e5b2761f47085af1b9bd3496e5c5faf8b63a7
moment.locale.29.8dc7bc20fcacbce49443.js
app.nzrplus.com/code/js/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/chunks/moment.locale.29.8dc7bc20fcacbce49443.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec348742734cd47b39b29fe2787496edce370f31a6f5c3cc5c3333f94a429557

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
v2ykJ58fRnWHuTIqDZWyB_GbXnmcPlFE
age
233217
etag
W/"8326d3052837c8162643126a30d0a8ae"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
aBujcLCn3EjkX0vAefg_iIes3Id9LTBVura4ciNwgRli83GTh9IdNw==
date
Thu, 31 Oct 2024 15:41:46 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:41:07 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		306 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-ML4CN7G8
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afd308743639a9d42801565bdb2f6bafbc8caf2c4cfc31208a57354a2f4d169d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 03 Nov 2024 08:28:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 03 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105257
x-xss-protection
0
server
Google Tag Manager
356.a2f94f5d68f2ca03c25f.js
app.nzrplus.com/code/js/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/chunks/356.a2f94f5d68f2ca03c25f.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f72d461b7d8c592052fdd8a46e6f077ad67d79a0f563c8e43cd6756606d4d7fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
6CHaTyhnlop10x2FUwpYDgLbOipOfaB7
age
233217
etag
W/"26c023035067feb7cf41a87e8a143314"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Dms2Zrjtj9QjzcFV2yZ87dVReH8THDAbEr7mkBQaP6U_j-Ju0GCsRQ==
date
Thu, 31 Oct 2024 15:41:46 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:40:59 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
1577.74df5c2531504188098b.js
app.nzrplus.com/code/js/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/chunks/1577.74df5c2531504188098b.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf561a98ed9f9d1e0d393b8614389d687d23806ff86be4a6de652e6ca488618d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
etag
W/"9e316b0069667429196f5aa2867736ed"
age
233217
x-amz-version-id
N6U1RlAweaI7LmuLz2Udf_6bU42kMVOV
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
sO1unSsWiW9uet_Ta6HEyGE15H8thx1rGIDNj-cK_AtGnsCEvB-Vyw==
date
Thu, 31 Oct 2024 15:41:46 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 31 Oct 2024 15:40:57 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
1126.0e2a8b141ff057b0164c.js
app.nzrplus.com/code/js/ 		467 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/1126.0e2a8b141ff057b0164c.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c1b8832e30adabb06efc55a1cc00668d4fa1ee1dde6cc366007b43389f835e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
etag
W/"e9459c1029399513d62d9e6e0fe7d5e1"
age
233217
x-amz-version-id
poLCZhwE5mMakhGweDBvebA69eplSikz
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
WMTNLFHbOW5kHeiiR5FeGKzwHTuLjZE578hgH1mihavJM4qqnQIILg==
date
Thu, 31 Oct 2024 15:41:46 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 31 Oct 2024 15:40:56 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
2323.f36dcc99ace8a2c4b141.js
app.nzrplus.com/code/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/2323.f36dcc99ace8a2c4b141.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99f4277b7b4970c8c4da6caf0f51773c5783be94517a8b757d74b9aeed04a227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
uO88aUyCnuqazglCzTJsY3DgdqCKp7ry
age
233217
etag
W/"b1e94b2942d8ddb72917761c5b7945ed"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
rwi9A1m-f-ry_0ap9k2opP09ivuo-jvJq-mbaqby65pxMA1JyiL2ow==
date
Thu, 31 Oct 2024 15:41:46 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:40:56 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
language-toggle.35bf96c05be4d2e7ef30.js
app.nzrplus.com/code/js/chunks/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/chunks/language-toggle.35bf96c05be4d2e7ef30.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d997642dbbc49a0e3f509c47d715e6f27e7ab414183a980df333b7cc636dbf6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.3544396471261775

Response headers

content-encoding
gzip
x-amz-version-id
9mOm0oE82TK5T7TghwjBOfJnA2hVzmcU
age
233217
etag
W/"818087c525891c43f4e535c0086a4105"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
syqL1pJLSLHABwKnRiySFl6qsarfDVfsaam4ijKDvPRqLdDbPh1bhQ==
date
Thu, 31 Oct 2024 15:41:46 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 31 Oct 2024 15:41:03 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
destination
www.googletagmanager.com/gtag/ 		404 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87868150a60697d5362a684be5aafdc82dfc61c749172ac718e7364825caa196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Sun, 03 Nov 2024 08:28:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
132841
x-xss-protection
0
server
Google Tag Manager
NZ-RUGBY-.qqUAg.ZJ26g.sw1B3.png
content-images.onvesper.com/prod/AUTOx1080-webp/dce.nzrugby/settings/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content-images.onvesper.com/prod/AUTOx1080-webp/dce.nzrugby/settings/NZ-RUGBY-.qqUAg.ZJ26g.sw1B3.png?ts=1689838856
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-121.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b9643f42f6bf496563a0d5010b8db208f7e182712d77f7b2a32580e2efd9d58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=31536000, public
etag
"0f6523f45fb6b303d6ebbdd9a8d6c3d5"
age
2672481
via
1.1 614c7e2196cc5b32f71450d1d8261094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
91112
x-amz-cf-id
BFfOdmoqye8xCEXAv922SVv4D14XU_zY_W5jxez73nSrXj0oosWYlw==
date
Thu, 03 Oct 2024 10:07:22 GMT
content-type
image/webp
last-modified
Thu, 03 Oct 2024 10:07:14 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
NZR-LOGO.kRlmE.png
static.diceplatform.com/prod/AUTOx110/dce.nzrugby/settings/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.diceplatform.com/prod/AUTOx110/dce.nzrugby/settings/NZR-LOGO.kRlmE.png?ts=1689765879
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2626db49490c808b2d66a9123b776f96e1600d2b9d4d8f34aca68ae6f38f4e4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=31536000, public
etag
"0abc3cb7d379447bc4ae37a731c1ce3a"
age
4663612
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
6563
x-amz-cf-id
9_HPdQfxofYc4F41dd-GtPJAx-RKiNnuw9TI7DfDkC0mJ-AgEfsuIQ==
date
Tue, 10 Sep 2024 09:01:51 GMT
content-type
image/png
last-modified
Wed, 19 Jul 2023 12:08:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
vary
Origin
NZR-LOGO.kRlmE.png
content-images.onvesper.com/prod/AUTOx110-webp/dce.nzrugby/settings/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content-images.onvesper.com/prod/AUTOx110-webp/dce.nzrugby/settings/NZR-LOGO.kRlmE.png?ts=1689765879
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-121.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c120a3af5b37e3fa04d1b4a7ae7ef0e684de79d58bc785eca12e3618188c41d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=31536000, public
etag
"e705c394eba54483ad856191f09c6a9d"
age
2672491
via
1.1 614c7e2196cc5b32f71450d1d8261094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
4686
x-amz-cf-id
nyJvtrT7Tq54M-PP6aqjBMOcx3mQhD9FSlOQ8pxI_lwXoSBu1lguxA==
date
Thu, 03 Oct 2024 10:07:12 GMT
content-type
image/webp
last-modified
Thu, 03 Oct 2024 10:07:09 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
WEB
dce-frontoffice.imggaming.com/api/v2/navigation/menu/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/navigation/menu/WEB
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d028:30:2005:e252:8692:afb:481 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba97dffd8f3fb8050b345a743f09ce61fcc0ab80b24e251b945304fe76c2a72a

Request headers

Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3MzA2MjI1MjEsImRldiI6IkJST1dTRVIiLCJlbnQiOnsiYXNpIjpbNDE0M10sImlhaSI6WzMwNzVdfSwiZW52IjoicHJvZCIsImV4cCI6MTczMDYyMzEyMSwiZ3VlIjp0cnVlLCJpYXQiOjE3MzA2MjI1MjEsImlwIjoiMjAwMToxYjYwOjEwMTA6MzoxMDExOmU0ZTM6YmFjNTpiNDNjIiwiaXNzIjoiZGNlLWlkIiwibG8yIjoiREUsLCxaWkMsLDEsMSwwIiwicGFyIjowLCJwcm8iOnsiaWQiOiJvc21QM3p8YTFjNjZkNTMtZTE0My00ZTVkLTk0ZWEtYjhiNTIxOWEwNTM4IiwidHAiOiJhIn0sInJvbCI6IkNVU1RPTUVSIiwic3ViIjoib3NtUDN6fGExYzY2ZDUzLWUxNDMtNGU1ZC05NGVhLWI4YjUyMTlhMDUzOCIsInV0cCI6IkhVTUFOIn0.CqyuwqV1ucVL-KaY15XetRaH0GkDhJKhzldfk-FJ1py2dNfJscce8OwGWer1r48Qd1D_IyJ-vHoyjIr8HuqrNw06uwD9lMXoeDpt9gYoNVhIeA5og6HY_yomVSQ94dDOtk53yW9suJ43GnPHkgAxrmDsfvdPIS3d1PPhsKmfjDI
Referer
https://app.nzrplus.com/
Accept-Language
en-GB
x-app-var
6.57.10.e7d78e2
Realm
dce.nzrugby
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
app
dice
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN,ReplacementAuthorisation
outside-region
VPN
content-encoding
gzip
access-control-allow-credentials
true
processing-time
4
request-id
975f7cfcb17867a3
loc
eu-west-1
access-control-allow-origin
https://app.nzrplus.com
content-length
732
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
application/json
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
WEB
dce-frontoffice.imggaming.com/api/v2/navigation/menu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/navigation/menu/WEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d028:30:2005:e252:8692:afb:481 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,authorization,content-type,realm,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN,ReplacementAuthorisation
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sun, 03 Nov 2024 08:28:42 GMT
loc
eu-west-1
processing-time
1
request-id
7930063b22f73449
vary
Origin
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10
x-tt-trace-id
00-2408300225259566A772C0142480CD10-602315FD6571BF12-00
content-length
39455
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202408300225259566A772C0142480CD10
server
nginx
x-akamai-request-id
917f515a
x-tt-trace-host
013c7db2a56d644dc8fd7f6e7ecd689b12a07851d62b1d7cbea7620bdccb515c6097130239d0d03cd7097d4e2c6d6c93d708d19d604bda57f5f1af32042e6c53070f89e179ae570644e5bbf2061d1e6fc869a20a793784dee2941056a3936597ab
pangle_pixel
analytics.pangle-ads.com/api/v2/ 		0
996 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.92.123 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-210-92-123.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://app.nzrplus.com/

Response headers

access-control-max-age
86400
x-cache-remote
TCP_MISS from a23-36-67-232.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-02978ab5588da6405be9084889a03f78) (-)
x-bytefaas-request-id
20241103082842400373696F1428B775F4
access-control-allow-methods
*
expires
Sun, 03 Nov 2024 08:28:42 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=10, inner; dur=5
x-cache
TCP_MISS from a23-46-181-155.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-02978ab5588da6405be9084889a03f78) (-)
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
text/plain; charset=utf-8
x-akamai-request-id
b3d778a.e43054a
x-bytefaas-execution-duration
4.04
access-control-allow-headers
*
x-tt-trace-host
01fff9f511e5dd0600ae990b07761ca258e11dcda3ea059f8fcd43340a1faae842acdb9fbf599b39caca74d172332cfe274b4ee6d42c22b71e43dfb98e5b4e115e0c0ef55fb4fba3961452c30b8e78a88cccec1d5eb9a7a9c58e4b3526a30f833c62022ceb0cc22a553e9a9794afc3478a
x-origin-response-time
10,23.36.67.232
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-credentials
true
access-control-allow-origin
*
x-tt-trace-id
00-241103082842400373696F1428B775F4-11D14A6F47983000-00
content-length
0
x-parent-response-time
17,23.46.181.155
x-tt-logid
20241103082842400373696F1428B775F4
server
nginx
pixel
analytics.tiktok.com/api/v2/ 		0
875 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://app.nzrplus.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-100-58.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Sun, 03 Nov 2024 08:28:42 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=32, inner; dur=28
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Sun, 03 Nov 2024 08:28:42 GMT
x-akamai-request-id
f0ff7d23.917f518f
access-control-allow-headers
Authorization,*
x-tt-trace-host
01fff9f511e5dd0600ae990b07761ca2581a649f4872c196f5dbde8be799c343f52c5ede649848c36e54c55c86ae20d4262c2e28f8be6356589b735280b029d64187dfcc79a9ba9adf2fc818e55f3e846b14ad3e8574f5f9cecb3ccbc5744b71031b7fc32f33da8925ea2788b5f8a1c8ca
x-origin-response-time
32,23.48.100.58
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241103082842798CBEA8E11FAABD0536-6573A68845BBFC74-00
content-length
0
x-parent-response-time
118,2.20.179.79
x-tt-logid
20241103082842798CBEA8E11FAABD0536
server
nginx
National2Condensed-Medium.ttf
static.diceplatform.com/prod/original/dce.nzrugby/fonts/ 		107 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/fonts/National2Condensed-Medium.ttf
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae194a3960a19a104a204ecf869413e95b230ba6a1a748177d323e6ebfe9160e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.nzrplus.com
Referer
https://app.nzrplus.com/

Response headers

access-control-expose-headers
*
content-encoding
gzip
etag
W/"a49afdc1e2e5bdf230fca04e4ed78ec1"
age
28027
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
kBfXqP7PJDtWnJ0fyOVq4p9GKpAEkQlRE39NKCS_KZU1L330uXz2OA==
date
Sun, 03 Nov 2024 00:42:00 GMT
content-type
font/ttf
last-modified
Thu, 03 Aug 2023 13:19:39 GMT
vary
Accept-Encoding
cache-control
max-age=86400
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P7
server
AmazonS3
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7MSG54SCKT&gtm=45je4au0v9137464323z89135919949za200zb9135919949&_p=1730622521491&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=462295759.1730622522&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730622522&sct=1&seg=0&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.3544396471261775&dt=Login%20-%20New%20Zealand%20Rugby&en=dice_navigation.general&_fv=1&_nsi=1&_ss=2&tfd=21895
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.b6542aa55afff02d7433.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.nzrplus.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
554 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7MSG54SCKT&cid=462295759.1730622522&gtm=45je4au0v9137464323z89135919949za200zb9135919949&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.nzrplus.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7MSG54SCKT&cid=462295759.1730622522&gtm=45je4au0v9137464323z89135919949za200zb9135919949&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=613564662
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 03 Nov 2024 08:28:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
adsct
t.co/1/i/ 		43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2624%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=fea32ca4-3552-42af-be5d-5ff184b8d2f5&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=3d04f1e7-7ed7-4224-89ec-85aa586df7c6&tw_document_href=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.3544396471261775&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.31
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
02c69be2a5f5236b
cache-control
no-cache, no-store, max-age=0
x-connection-hash
5a83b3dbaab37d3128eaccc5e5ef0f9659ee4063cea7f8fd030d8a4b18cabe28
cf-cache-status
DYNAMIC
cf-ray
8dcafe0c8e2937ca-FRA
x-response-time
102
content-length
43
date
Sun, 03 Nov 2024 08:28:42 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/ 		43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2624%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=fea32ca4-3552-42af-be5d-5ff184b8d2f5&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=3d04f1e7-7ed7-4224-89ec-85aa586df7c6&tw_document_href=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.3544396471261775&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.31
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.3544396471261775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
ec3e10a911312d71
cache-control
no-cache, no-store, max-age=0
x-connection-hash
86a0802579c1d7abcbd263cb89bb4aff665b13d63dd7fb7bc7ed07ff70968e04
x-response-time
169
content-length
43
date
Sun, 03 Nov 2024 08:28:41 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
act
analytics.tiktok.com/api/v2/pixel/ 		0
717 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://app.nzrplus.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Sun, 03 Nov 2024 08:28:42 GMT
server-timing
inner; dur=23, cdn-cache; desc=MISS, edge; dur=6, origin; dur=113
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Sun, 03 Nov 2024 08:28:42 GMT
x-akamai-request-id
917f58a0
access-control-allow-headers
Authorization,*
x-tt-trace-host
01fff9f511e5dd0600ae990b07761ca2582aedf56d3461d17f2f60c8287e76afdac492d51747bbd1f6f3d56bd97176e03273887255fc2ba6a3fab7e46b854e7e0e665c30b8cb43e31aff91e69b5e8d93ac8799e1ff287a6717bd52e719b3101426
x-origin-response-time
113,2.20.179.79
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2411030828424A0F4471C726B9BF2146-2A4820184752A15F-00
content-length
0
x-tt-logid
202411030828424A0F4471C726B9BF2146
server
nginx
48x48px_NZR_2B.Y3EFe.png
static.diceplatform.com/prod/original/dce.nzrugby/settings/
Redirect Chain
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/FAVICON_WEB/redirect?domain=app.nzrplus.com
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
Protocol
H2
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24c497ecc263349550bde56fcab6d2e7970c399ea2e37bb7cce56d172c7f9078

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=31536000
etag
"575bd4acd570cc681cef6c637a739942"
age
23277
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
6413
x-amz-cf-id
r47j6Rvb7_61md_2Qngx3C9edtcN7H76ufWcJ11-2XQ3KsjB0EN8eg==
date
Sun, 03 Nov 2024 02:06:17 GMT
content-type
image/png
last-modified
Wed, 09 Oct 2024 20:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
vary
Accept-Encoding, Origin

Redirect headers

cache-control
no-transform, max-age=10
location
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
processing-time
1
request-id
45634a706e853a13
loc
eu-west-1
content-length
0
date
Sun, 03 Nov 2024 08:28:41 GMT
vary
Realm, Authorization, Origin

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _sentryDebugIds string| _sentryDebugIdIdentifier object| webpackChunkdice_web object| regeneratorRuntime object| __SENTRY__ object| ENV_CONF string| APP_READY object| AUTH_PROVIDERS object| APP_CONF string| VERSION string| OUTPUT_FOLDER boolean| USE_OPTIMIZED_IMAGES object| __algolia object| dataLayer object| google_tag_manager object| google_tag_data function| rdt function| twq function| gsc function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq function| redditNormalizeEmail string| REALM object| DOMAINS object| PAYMENT_PROVIDERS object| APPS object| MARKETING_PROVIDERS object| RAW_REALM_SETTINGS object| digitalData function| gtag object| DEFAULT_LICENCES object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| __sentry_instrumentation_handlers__ object| _jelly_sdks function| onYouTubeIframeAPIReady object| gaGlobal object| twttr

14 Cookies

Domain/Path Name / Value
.nzrplus.com/ Name: _gcl_au
Value: 1.1.1391717378.1730622522
.nzrplus.com/ Name: _rdt_uuid
Value: 1730622521934.e8c9348f-8daf-4374-bad9-bab69aad5e96
.nzrplus.com/ Name: _fbp
Value: fb.1.1730622521943.14669075334515264
.tiktok.com/ Name: _ttp
Value: 2oKe6pKHZF0riOR4MOk2nTmY2xV
.nzrplus.com/ Name: _tt_enable_cookie
Value: 1
.nzrplus.com/ Name: _ttp
Value: BUR5X8uqS6Yhvi1_ZhQkvAC1veJ
.nzrplus.com/ Name: _ga_7MSG54SCKT
Value: GS1.1.1730622522.1.0.1730622522.60.0.0
.nzrplus.com/ Name: _ga
Value: GA1.1.462295759.1730622522
.t.co/ Name: muc_ads
Value: c07bd796-857a-472d-a3a7-4b416e17e7a3
.t.co/ Name: __cf_bm
Value: OU7G1Cd6o4xv05RrJeIeiZzzUk3Zrwhzar3ixTFvgkc-1730622522-1.0.1.1-0uV.nOAEY8oHP5KRQKD48pF.8oN9ug5vu_KOSLJTmFXoMLaPZq_kKX_0eXAwjhRZyPECchc7utjYwQZtSmmkYQ
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173062252243470244
.twitter.com/ Name: guest_id_ads
Value: v1%3A173062252243470244
.twitter.com/ Name: personalization_id
Value: "v1_5zFK2jcqEy33meCnzYTmbA=="
.twitter.com/ Name: guest_id
Value: v1%3A173062252243470244

4 Console Messages

Source Level URL
Text
other warning URL: https://app.nzrplus.com/login/0.3544396471261775
Message:
A preload for 'https://app.nzrplus.com/assets/fonts/Roboto-Bold.ttf' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://app.nzrplus.com/login/0.3544396471261775
Message:
A preload for 'https://app.nzrplus.com/assets/fonts/Roboto-Medium.ttf' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript warning URL: https://app.nzrplus.com/login/0.3544396471261775
Message:
The resource https://app.nzrplus.com/assets/fonts/Roboto-Bold.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://app.nzrplus.com/login/0.3544396471261775
Message:
The resource https://app.nzrplus.com/assets/fonts/Roboto-Medium.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
app.nzrplus.com
connect.facebook.net
content-images.onvesper.com
dce-frontoffice.imggaming.com
l.getsitecontrol.com
pixel-config.reddit.com
region1.analytics.google.com
static.ads-twitter.com
static.diceplatform.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
104.244.42.195
13.32.110.121
151.101.129.140
151.101.193.140
172.66.0.227
18.66.112.18
199.232.188.157
2.18.64.26
2001:4860:4802:34::36
23.210.92.123
2400:52e0:1e00::1080:1
2a00:1450:4001:802::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c09::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::396
2a05:d028:30:2005:e252:8692:afb:481
3.160.150.113
07dfd8c9cee86bda7672a384b1039a45e31d29ed9e0556f6f5947d51785a1d0e
0c729fad09aa63019148650c0911be544710d8cf3c524ada317db20052d04642
1191817e48d0e32c1f86135dddfaa99e41a12bd82471473cda306d56a1a94c63
15bb0889ad69cbc01dce2d9a2df36be01b6ae97e0e57510dca89a56d095bf0d5
1ebbdfe8e6167ab14ebca683e0192eac13a7ba9555f02a0996e19bcf996ce81f
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb
24c497ecc263349550bde56fcab6d2e7970c399ea2e37bb7cce56d172c7f9078
2626db49490c808b2d66a9123b776f96e1600d2b9d4d8f34aca68ae6f38f4e4f
2a64549a0da2a6ccdcb72b4baad16c5338254a2e8f37c5ebeccc31b998ca7f1f
2cd60cc0fee6754f01f2a089a37f1b4377c6d37522b0a47cb869a3fec06090a6
300f99a314ff53328ec07cc93a826e671ba360511562fe8d322f3742192c6c24
3c495ec61c378feee924c7c2bc52699a091d4a8860eee30855415d4f41fc0160
417d55e3680632e3818c920c59446b5c5e3713d4ec1373a738a14a7e68dc9c94
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
58ac3b23dd82048943c6d530868393ac93be5e1e3d11c8cede72ab72323b4bcc
5c1b8832e30adabb06efc55a1cc00668d4fa1ee1dde6cc366007b43389f835e3
61bf9f87140aaf24ef5407a63e7d3220c4e9f4f34b8cb9760ef4330ffb2984c9
6babab8d1edb3869d158c428da8d9f93ed3afa82cee7e81d394e506598718f79
6f6b9157a7df0138d93753381b3d4ae8243001f23d5edbff25155482fbe9dd7f
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7b9643f42f6bf496563a0d5010b8db208f7e182712d77f7b2a32580e2efd9d58
7d8017815d48aa1821eeccb3b7325ce09a82ce61e716ba286c2adb5a7221b3c6
8559132c89ad51d8a2ba5b171887a44a7ba93776e205f553573de228e64b45f8
87868150a60697d5362a684be5aafdc82dfc61c749172ac718e7364825caa196
89834d08418c88b54a7a2091c3b583b1033155fbe7442237e76cd6b05c34e513
8cb0a5f6e18b8e142732eea392d477cb0223aaee4c31c3c5d243bcd530ddb864
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
9763c6626b220a17942e771fd003d9152e5f9fa71e80ba3ffd7baddcf6518c99
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
99f4277b7b4970c8c4da6caf0f51773c5783be94517a8b757d74b9aeed04a227
a1533213db37cb55aea8591f1c6d6725937d2aeb67276842801633eeb6ec89c2
a571f3d29bede1596b180e0115a1cac7b222623b9e81dbc1741cb881f22d7ca4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaa61a57eb9011135aa9eff941b8f2b918c997846a7c34f4635bf8ec3e0987cc
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae194a3960a19a104a204ecf869413e95b230ba6a1a748177d323e6ebfe9160e
afd308743639a9d42801565bdb2f6bafbc8caf2c4cfc31208a57354a2f4d169d
b4ec3e2dcc2831693473596a8ac103b9e43d81fb4ef107831d753b50fdd1f393
b5a72d4d710727c6283714bae4cf0f389dd5dd6bce3af88cc854ee2f6c6fc11c
ba97dffd8f3fb8050b345a743f09ce61fcc0ab80b24e251b945304fe76c2a72a
be063c457404fc1e1b30b0dd90b45cb8b4a35ec7e2181812ebe185a146928ccc
c120a3af5b37e3fa04d1b4a7ae7ef0e684de79d58bc785eca12e3618188c41d0
c64d8f4a8834f0e579d9cd637e2cd505dda5ac0aa432ef8229080076fd1da700
c64f63e7f679542e1fc164573f0d77392471ddf42b0f21a34acaadbafeee2236
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf561a98ed9f9d1e0d393b8614389d687d23806ff86be4a6de652e6ca488618d
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d75f373f9caa34a375f400c1f3ba8ddd12d67874daeae172212056e900ce9f40
d997642dbbc49a0e3f509c47d715e6f27e7ab414183a980df333b7cc636dbf6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec348742734cd47b39b29fe2787496edce370f31a6f5c3cc5c3333f94a429557
ec6a3b9d94374e98c7490486c89e9709ebe3cf0765ac4b8ce214cf6f06ff5de0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
f72d461b7d8c592052fdd8a46e6f077ad67d79a0f563c8e43cd6756606d4d7fc
fc2d7942ebaaad93fcce9d9a91c8af21c6984f65869530d9a39580207ea90e5b
fe681434c749d9df44e04f6c3da5e7695492969cda986e4710cfee412fcc5236