urlscan.io logo urlscan.io
SecurityTrails logo

app.nzrplus.com Open in urlscan Pro
18.66.112.18  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.nzrplus.com/login/0.7888667795448743
Submission: On October 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 17 domains to perform 68 HTTP transactions. The main IP is 18.66.112.18, located in United States and belongs to AMAZON-02, US. The main domain is app.nzrplus.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 26th 2024. Valid for: a year.
This is the only time app.nzrplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

27    18.66.112.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-18.fra56.r.cloudfront.net
app.nzrplus.com
7    2a05:d024:60:2003:d87d:a1b5:38f6:8a45 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
dce-frontoffice.imggaming.com
5    18.173.205.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-12.fra56.r.cloudfront.net
static.diceplatform.com
5    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    108.138.26.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-116.fra56.r.cloudfront.net
content-images.onvesper.com
2    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2400:52e0:1e00::1082:1 (Germany)

ASN60068 (CDN77 _, GB)
l.getsitecontrol.com
3    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
5    23.36.162.198 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-198.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
1    172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f3.1e100.net
www.google.de
3    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
27 nzrplus.com
app.nzrplus.com
1 MB
7 imggaming.com
dce-frontoffice.imggaming.com — Cisco Umbrella Rank: 135322
31 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
500 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 817
139 KB
5 diceplatform.com
static.diceplatform.com — Cisco Umbrella Rank: 215408
59 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
76 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 1994
alb.reddit.com — Cisco Umbrella Rank: 1330
761 B
2 getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 19637
2 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1063
13 KB
2 onvesper.com
content-images.onvesper.com
94 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
554 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
545 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 962
724 B
1 t.co
t.co — Cisco Umbrella Rank: 859
625 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 960
15 KB
68 17
Domain Requested by
27 app.nzrplus.com app.nzrplus.com
7 dce-frontoffice.imggaming.com 3 redirects app.nzrplus.com
6 www.googletagmanager.com app.nzrplus.com
dce-frontoffice.imggaming.com
www.googletagmanager.com
5 www.facebook.com 1 redirects
5 analytics.tiktok.com app.nzrplus.com
analytics.tiktok.com
5 static.diceplatform.com app.nzrplus.com
3 connect.facebook.net app.nzrplus.com
connect.facebook.net
2 l.getsitecontrol.com www.googletagmanager.com
app.nzrplus.com
2 www.redditstatic.com www.googletagmanager.com
app.nzrplus.com
2 content-images.onvesper.com app.nzrplus.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com app.nzrplus.com
1 analytics.twitter.com
1 t.co
1 alb.reddit.com
1 pixel-config.reddit.com app.nzrplus.com
1 static.ads-twitter.com www.googletagmanager.com
68 18

This site contains no links.

Subject Issuer Validity Valid
app.nzrplus.com
Amazon RSA 2048 M02		 2024-05-26 -
2025-06-24		 a year crt.sh
*.imggaming.com
GeoTrust TLS RSA CA G1		 2024-08-01 -
2024-11-11		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
content-images.onvesper.com
Amazon RSA 2048 M03		 2024-07-11 -
2025-08-09		 a year crt.sh
*.diceplatform.com
Amazon RSA 2048 M02		 2024-08-14 -
2025-09-11		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-06 -
2025-04-03		 6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2024-03-05 -
2025-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-13 -
2025-04-11		 6 months crt.sh
t.co
E5		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-30 -
2025-09-29		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google.de
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://app.nzrplus.com/login/0.7888667795448743
Frame ID: 4B6472F14EDFFC71F89C232E31A214C7
Requests: 65 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fapp.nzrplus.com
Frame ID: FEEC6E5C1E4DCA40F44DE2B1E8AFEEAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - New Zealand Rugby

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

68
Requests

94 %
HTTPS

35 %
IPv6

17
Domains

18
Subdomains

20
IPs

3
Countries

2322 kB
Transfer

8135 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com HTTP 302
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
Request Chain 22
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/FAVICON_WEB/redirect?domain=app.nzrplus.com HTTP 302
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
Request Chain 46
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/FAVICON_WEB/redirect?domain=app.nzrplus.com HTTP 302
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
Request Chain 62
  • https://www.facebook.com/tr/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&rl=&if=false&ts=1729598504971&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598504967.458119318626474268&ler=empty&cdl=API_unavailable&it=1729598504624&coo=false&exp=h3&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?redirect=0&rqm=GET&exp=h3&coo=false&it=1729598504624&cdl=API_unavailable&ler=empty&fbp=fb.1.1729598504967.458119318626474268&o=12318&ec=0&r=stable&v=2.9.172&sh=1200&sw=1600&ts=1729598504971&if=false&rl=&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&ev=PageView&id=696296242296371

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0.7888667795448743
app.nzrplus.com/login/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7734f90b3f309724cf474c181b8a6bec0c7f7648d7c8a7f157da958e8f1871c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=5
content-encoding
gzip
content-type
text/html
date
Tue, 22 Oct 2024 12:01:41 GMT
etag
W/"11182c1a5e25c68d96739bdd4e170f8b"
last-modified
Tue, 22 Oct 2024 10:38:33 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-id
hVtSq07abzL8abFzuC5LjnlR80s9NS_WjVpzu9UcH4PHwC-WYfkSgw==
x-amz-cf-pop
FRA56-P5
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
fjhylGXRycmWqP3FYPAzwkEnQ9GaAfyS
x-cache
Error from cloudfront
moment.127b09d22f25a9f8db02.js
app.nzrplus.com/code/js/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/moment.127b09d22f25a9f8db02.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7699bb5f21891a53f2c25669c149b297176624569b1cae636f0d37fed2a46cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
x-amz-version-id
WbPi9d4ININyJpUrCQIdpLvbT_ZZybnK
etag
W/"bbca3f6be7eec8c59d68afc37944afc8"
age
80213
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ZKZLIhDL94BOM_meHYnYvVqI_G6-ipf3AoYSazhNarHk7xyYssG2Fg==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:35 GMT
x-amz-replication-status
PENDING
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
182.ef0d7c4261e6357749ed.js
app.nzrplus.com/code/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/182.ef0d7c4261e6357749ed.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a0503b00742793d03ec95d16a37e44b797a4dca38b820b6117dba714cb72229

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
x-amz-version-id
JJ3KJyD4fB7aYG1uHHfCKYNS36t0Y3gk
etag
W/"c65c12e724d1da50a6403dc60484dd9b"
age
80213
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
lM-putoLSHwvPMLouyRr_qICdQrDlry8sjoulC8gtKGPka33aaMFiQ==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:24 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
7110.ffe76331b9c12345bb06.js
app.nzrplus.com/code/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/7110.ffe76331b9c12345bb06.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a0b8e2c32676f7ae493d4d65028df30cf81930174f337fd1ac6e79b9869e1f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"dae0600b86e3d7fb0995ee2b8c083551"
age
80213
x-amz-version-id
Rb3n3lWdgTat9p6tRncom5Qi.0sFbTyq
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
o4PJE00L2A6OB75FFwy3E54GJByvqnoXO6cxnklfqxDcyIdTghBZ9Q==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:25 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
1476.6573cb4eed103fc006e6.js
app.nzrplus.com/code/js/ 		2 MB
435 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/1476.6573cb4eed103fc006e6.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d830042494072ae0c12a159f2756d08592c92771dc0c65677ee96d5cc6cda24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"4c8658c0fe50b98bb8a6ef647ea750e3"
age
80213
x-amz-version-id
un4Pvi8nHEbVwc99HMpevBxKYFZH9Rub
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
fl18m2zKa2If9cLi94UNDnYwWHlbxFt0HOEch2PWvP6JVgvfPQYiQg==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:24 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
8287.bd0dc573ba5571d38109.js
app.nzrplus.com/code/js/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/8287.bd0dc573ba5571d38109.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6184e96a3901a1bd32446b9a39fc5b94ebb53514db2005509346a88dfd38c1e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"b37c5acff8f9a562ce4cbca88ea06cbd"
age
80213
x-amz-version-id
r__raw9Td8hyPELh7_6ecTe4QvEFCBiJ
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
5UNI1eMpY7N0YurgcoU9zMAkIP0mqPZdiuF77ar_xU9ubH_8AbvOEg==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:25 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
5555.46e6c4c4228b102ce34d.js
app.nzrplus.com/code/js/ 		295 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/5555.46e6c4c4228b102ce34d.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f650e416d6beea3f398054c42e32e757731a373bd94130862148e7d06538a7cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"99f412bed2019ee62e76abb737c2d5b3"
age
80213
x-amz-version-id
FBBl7oVc5exejjSFtxll6Y5iCYFlW3Sx
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
NZD66Zt83G3QC-9FR3gupTDEEw-qojg8ZZLA5_bq-4lDdN-kAFwt_g==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:24 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
7779.a30c57b7272da46f729f.js
app.nzrplus.com/code/js/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/7779.a30c57b7272da46f729f.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74fcc02cc39430c4dee37821f9494ed2cc84e46f6b97bfe7e70269a177b021b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"55cf163472a5e4cfe8a794a7915c23a5"
age
80213
x-amz-version-id
B3nPvQnKRvvsyajkKnIxDD7LFwAXzbDy
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
PQW6c9vd2oxJ3cUUVy2usbw5UTLpMXXGdTJGLUbgcEVIgsyFF5sQYQ==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:25 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
6441.b9a457bb2cc886f2ea6f.js
app.nzrplus.com/code/js/ 		1 MB
324 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/6441.b9a457bb2cc886f2ea6f.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef5db8e13594619af2b130b4d792183562b5770df81347b3a7fbe0644ef984d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"15c7d40e15954a7833b1a47fac835036"
age
80213
x-amz-version-id
xkOk.f97knLcWlzS.XaFDyB_2ly8wYrA
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
t7WTXaIhtgzpyyC0sQG1HjIE0avDW3_1zCj2lij760_rL_zgoaCXnw==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:24 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
3336.ba6d3391f875eb62e1b3.js
app.nzrplus.com/code/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/3336.ba6d3391f875eb62e1b3.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c092ee91aa6a4d4f4ccf146907d8a85c55f3732bbb0cf5b5c6ec09dd15469950

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"543b4314032fc75cb49191aec135f3a9"
age
80213
x-amz-version-id
Vp_GvoIkF50miFVyrjhdjcOCsr4JLffj
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
yBIpCTUZPxRN_I-rxefGTSCIQGhbGfR5JCy9Ap9yyw8MpvMCLxEcHg==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:24 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
1765.36ad9870e21e6a1ea9a1.js
app.nzrplus.com/code/js/ 		119 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/1765.36ad9870e21e6a1ea9a1.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95791e147bcde41b485f38066343984c0f612ec43a25eda8cac083ab75b809a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"90c840e11c5ff64187d43d248d5b7119"
age
73249
x-amz-version-id
PxLBww59RyrBjBly51hUx.qhtS8vduZz
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
a97TXLk0zbC_0lHVLdMVSEFfhb7k4CErUaRDxgohHKVIVZoGSEexQA==
date
Mon, 21 Oct 2024 15:40:53 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 15:37:32 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
8817.4b416c725349bab9be54.js
app.nzrplus.com/code/js/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/8817.4b416c725349bab9be54.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca41fa3d3ef3cd2cc990289e338ec858ba3900ca4b4d9a6854250485b1ea9ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"c10a7c84a79d8543546bef652691f158"
age
80213
x-amz-version-id
oTmr7JLTHz4SG9rDQQ1RKm6CeJW4oK5z
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
VH9s8zq4mfG602-HyExHCd7Fg6uoFGNW2ybpO9ptlNu1i0t0IInChw==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:25 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
4727.ed31fe9e2bda764735ba.js
app.nzrplus.com/code/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/4727.ed31fe9e2bda764735ba.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
191726803b80a65a16436a521a632432ab762fa74b0f27f00dc743a0d634c705

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"a0fc2ed8ea94e5e7412e3a7c54eb19b9"
age
80213
x-amz-version-id
.Ayc7pB6U1CkkiXJqFl45Zo_x7nHsT0D
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
K4qU0u1vsunRP5SaMuamx4DIpCtQ9d0ffotk2lrn6AIXYMoiak8kSg==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:24 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
7258.f0310bb3d639ef7e26df.js
app.nzrplus.com/code/js/ 		336 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/7258.f0310bb3d639ef7e26df.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24d5efcb4add024d267cfc340613d9f55735695703bdd2a852acb66d3b731866

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"723f34d03c80a227daedfe1712aab71d"
age
4966
x-amz-version-id
zBeumdlYLrupo_qlF3RW6ocULnpLiyn2
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
fJyNRk0PX5lqmPNDkDOLUdBQ8pHADhW5prh_PZS0rfTpDJ6wXhE6tw==
date
Tue, 22 Oct 2024 10:38:56 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 10:38:22 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
app.e92ec4e87ea4ea75396c.js
app.nzrplus.com/code/js/ 		326 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2eccf96ccc54ad8c0dfd394f2688eeb9b79ea99e8fecde741a9a38235e1a9e5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"d7f251bab113febce26fa422446a2133"
age
4966
x-amz-version-id
IvY37Do3oG7ZmTkqixs7xPo78JkSj7wV
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
khBl1TMvAvC1HjOgB1XZAms9H49yCyepfNIt_0ztMdbzPRe8WvGDTQ==
date
Tue, 22 Oct 2024 10:38:56 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 10:38:22 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
5555.a6b5f208ca8d6d78e3fa.css
app.nzrplus.com/style/css/ 		39 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/5555.a6b5f208ca8d6d78e3fa.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a7def728cedbf82e228c7fad8367ffd5a27c1cef8e5723cea30d28bf5c52caa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
x-amz-version-id
BlytV3jhtbac6SU2VuutLxa11NGXIoun
etag
W/"d4e490674404f618f80d00a6f03e91b5"
age
80213
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
lkB4vDE9-G6-DgSwJAJU8Y7cUidvII89IzcXvyrmh3Cg2CEAo9lbFw==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:35 GMT
x-amz-replication-status
PENDING
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
6441.81d1abf99e6509fb1712.css
app.nzrplus.com/style/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/6441.81d1abf99e6509fb1712.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c64f63e7f679542e1fc164573f0d77392471ddf42b0f21a34acaadbafeee2236

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
x-amz-version-id
XsF9MMnNqRaVlCmVRSzjm59ctweGxFmR
etag
W/"ab8eeb0a8a25fa65488ac91faedddf75"
age
80213
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
aOogd2i3BMQ602gajJaDuFFIhP11qy4GUerjo1YJh0Kau64eYL_K-w==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:35 GMT
x-amz-replication-status
PENDING
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
1765.ca16f5fdd4770d338b22.css
app.nzrplus.com/style/css/ 		1 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/1765.ca16f5fdd4770d338b22.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c295fe7461670262798dbe4baf9c9b90c60993a15e6671b254f883a2eda872e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
x-amz-version-id
9zC3BkNAgHlageGNjCI2xjLR_w.y7YPd
etag
W/"f282a646bb9fef6abe447f4e8cb53122"
age
80213
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
2UOW5X_lSUEIUqjVovVt_LWzO3dcMjoxZdny2NCeIeJJHGW0F1LFCA==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:35 GMT
x-amz-replication-status
PENDING
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
7258.0ebb5dd9d60108e57212.css
app.nzrplus.com/style/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/7258.0ebb5dd9d60108e57212.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3c837e58f0d151a4a8a1e996f36c0b4345406b2b23d0351f1253d6d92953ff6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
x-amz-version-id
4x2ATbRKXX6bx1gl1fnjIX2vV9X3FsVr
etag
W/"ce49d04ab20d620c979b79431c832e69"
age
4967
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pkeZRZE9tR5uiGoUoLv9A8GifHMKZRYMezqhgOF2mJhcxMf5ZnVTpg==
date
Tue, 22 Oct 2024 10:38:55 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 10:38:31 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
7121.829b1c6eb29edd9cd974.css
app.nzrplus.com/style/css/ 		363 B
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/7121.829b1c6eb29edd9cd974.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1191817e48d0e32c1f86135dddfaa99e41a12bd82471473cda306d56a1a94c63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

etag
"8a9c8ed7c197723e2929b511b17a1870"
x-amz-version-id
CAnA61uHSs7_CXfJX6mN8dnDgx6iijnI
age
80213
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
RxkmkS_Kxl8n8gtv3LcngKTGMvo9JMXmLkC0dTs_HdPdv06hgOcdBw==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/css
last-modified
Mon, 21 Oct 2024 13:44:35 GMT
x-amz-replication-status
PENDING
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
363
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
app.2f0884c8c59a996472c4.css
app.nzrplus.com/style/css/ 		678 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/css/app.2f0884c8c59a996472c4.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdefa1bdea8829e19e113fd7aaaa5cd1fa821940a64b33f7b66d4662c2b8c3a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
x-amz-version-id
yV2UaSS0tzyAG5S7vV2BmPR583nsiIKR
etag
W/"0fa31cd421f1abbf6b5aff45ffd706cd"
age
80213
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
B3tosCMZRBcHZ_CAlZ7gYSuwODhwr5K8paLp-d4r4aUTXL734Zi_lw==
date
Mon, 21 Oct 2024 13:44:49 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:36 GMT
x-amz-replication-status
PENDING
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
nzrHead.lppvE.js
static.diceplatform.com/prod/original/dce.nzrugby/settings/
Redirect Chain
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
363 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Server
18.173.205.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ec3e2dcc2831693473596a8ac103b9e43d81fb4ef107831d753b50fdd1f393

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

etag
"9b571aee0d300ee8b4a1ba9e3c4d4f72"
via
1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
content-length
363
x-amz-cf-id
j09ksU6ObzpgjzrJITTm4_nDjBPyvW9HmE99XSiEx2Qp-wEzhBwrOA==
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
text/javascript
last-modified
Wed, 26 Jul 2023 10:14:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding, Origin

Redirect headers

cache-control
no-transform, max-age=10
location
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
processing-time
1
request-id
ee6c9503e77b8c79
loc
eu-central-1
content-length
0
date
Tue, 22 Oct 2024 12:01:41 GMT
vary
Realm, Authorization, Origin
/
dce-frontoffice.imggaming.com/api/v1/init/ 		93 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/init/?lk=language&pk=subTitleLanguage&pk=audioLanguage&pk=autoAdvance&pk=pluginAccessTokens&readLicences=true&countEvents=LIVE&menuTargetPlatform=WEB
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d024:60:2003:d87d:a1b5:38f6:8a45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
11797b850c2923f6a9dfc0724277dc74b2db608e74493d3ae584ac5e8b449072

Request headers

Referer
https://app.nzrplus.com/
Accept-Language
de-DE
x-app-var
6.57.10.7b15447
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
app
dice
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN,ReplacementAuthorisation
cache-control
private, no-transform, max-age=10
content-encoding
gzip
access-control-allow-credentials
true
processing-time
86
request-id
9a0ed6071fce33b2
loc
eu-central-1
access-control-allow-origin
https://app.nzrplus.com
date
Tue, 22 Oct 2024 12:01:42 GMT
content-language
en-GB
content-type
application/json
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
48x48px_NZR_2B.Y3EFe.png
static.diceplatform.com/prod/original/dce.nzrugby/settings/
Redirect Chain
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/FAVICON_WEB/redirect?domain=app.nzrplus.com
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Server
18.173.205.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24c497ecc263349550bde56fcab6d2e7970c399ea2e37bb7cce56d172c7f9078

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

etag
"575bd4acd570cc681cef6c637a739942"
via
1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
content-length
6413
x-amz-cf-id
rQ2J4Yc6PbNlXyRFhnKYCA_IzU4ptzWhezopwkwszyc4UBDpb0B6sQ==
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
image/png
last-modified
Wed, 09 Oct 2024 20:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding, Origin

Redirect headers

cache-control
no-transform, max-age=10
location
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
processing-time
1
request-id
7df71b141338e4a8
loc
eu-central-1
content-length
0
date
Tue, 22 Oct 2024 12:01:42 GMT
vary
Realm, Authorization, Origin
/
dce-frontoffice.imggaming.com/api/v1/init/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/init/?lk=language&pk=subTitleLanguage&pk=audioLanguage&pk=autoAdvance&pk=pluginAccessTokens&readLicences=true&countEvents=LIVE&menuTargetPlatform=WEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d024:60:2003:d87d:a1b5:38f6:8a45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,content-type,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN,ReplacementAuthorisation
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Tue, 22 Oct 2024 12:01:42 GMT
loc
eu-central-1
processing-time
1
request-id
a92249baa0efc1cc
vary
Origin
moment.locale.29.24b6f5babc45e2195942.js
app.nzrplus.com/code/js/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/chunks/moment.locale.29.24b6f5babc45e2195942.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c31a46a462f3b7907e26eae39affe6a8d128ce1e47c8b92b5717270f7a92a7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"18a7eefbd9638308292cefb713a97ff0"
age
80214
x-amz-version-id
DSegEK3kS0TSj.7atLSgfeN5hZhLauMz
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
b7yYQUp92DNqNOfqmV89Rac0WEhskYTPWBYTTr6m4U_HO-RRzln2Ng==
date
Mon, 21 Oct 2024 13:44:50 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:31 GMT
x-amz-replication-status
PENDING
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		301 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-ML4CN7G8
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68ee9d70697051da8c164c935d915e83053fd36d075ca67fb72ad03c6a5aed35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 12:01:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 12:01:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103241
x-xss-protection
0
server
Google Tag Manager
356.36946af960692f90d8c3.js
app.nzrplus.com/code/js/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/chunks/356.36946af960692f90d8c3.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a09136893f8761577b7c99544041b53cdc983a5a28d02aeaef97c85c36973de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"54c59a7daf8e7d5ba858ad0093d4b805"
age
80214
x-amz-version-id
HtKBHtXspgwYF3IlpnXG6AWxQ2zDhDuD
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
NqB35vrEFBWwBPqIStcQ5PsSdWWMMy87PVPCot8vYWkwVmA7JJqSUA==
date
Mon, 21 Oct 2024 13:44:50 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:26 GMT
x-amz-replication-status
PENDING
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
1577.73b12628e3dad74a11c0.js
app.nzrplus.com/code/js/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/chunks/1577.73b12628e3dad74a11c0.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f35112d5591821d3f83168ee1e0f9c9b8742da2edbdfeafeabf49795a03834b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"3b8bde0fd9a7f3772ada6ed4e31610e4"
age
80214
x-amz-version-id
jCoN_f22LxMbUAvGYIbluv2HUbPOt3r3
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
FPQbG0WqtP2DzacgJAHYnqOFMtC_O0ONgFq_WS5d3gvZ70x-HffZ7A==
date
Mon, 21 Oct 2024 13:44:50 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:25 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
8575.b05c360588be9481ca94.js
app.nzrplus.com/code/js/ 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/8575.b05c360588be9481ca94.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52bc69481ba4516220630d8de50eee2c76c9435caa519a0c80affd1b0be5a607

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"d58950ef612a44f6bb5df3f43d110861"
age
80213
x-amz-version-id
b_Cg2ls7DSBjz5RwTVfaS9KGq.5TjVNn
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
jCswZYMex5Z27H3OFApwjXza29BllDLFunwC8aZ2eAURG8h46mM_Bg==
date
Mon, 21 Oct 2024 13:44:51 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:25 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
1126.54ae871c104fbcd4fa55.js
app.nzrplus.com/code/js/ 		467 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/1126.54ae871c104fbcd4fa55.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59e71432b8884c71194d78df37a35710b9b373f4016823fe833a19c7e3af6a0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"673359f99b7f7222c8b4ad15880bc5cd"
age
80213
x-amz-version-id
ENe7aP_HYzRJO06Y8SDZknUMGo21BqDD
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
cbzkyHXP339qoigASf_ChQSlK75iPIQ1kjusufEH8svZiHM9kPjTYQ==
date
Mon, 21 Oct 2024 13:44:51 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:24 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
language-toggle.c41a85dea971003ca49b.js
app.nzrplus.com/code/js/chunks/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/js/chunks/language-toggle.c41a85dea971003ca49b.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ae1aa509f726bc80f2a0e9f1824411265823234b2b3a21c7bbb211bd78c57d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/login/0.7888667795448743

Response headers

content-encoding
gzip
etag
W/"e7af4eb40bf7a8eafb8a0ee0e46a3d1c"
age
80213
x-amz-version-id
5EM6IR.mVHz_Pc0dF5B64F68pS.6KAKz
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
TCSK74-PixaG6YvusBlFlD0ER2wfknvZMrpF6RO7oWLBFqIfu376Xg==
date
Mon, 21 Oct 2024 13:44:51 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 13:44:29 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
NZ-RUGBY-.qqUAg.ZJ26g.sw1B3.png
content-images.onvesper.com/prod/AUTOx1080-webp/dce.nzrugby/settings/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content-images.onvesper.com/prod/AUTOx1080-webp/dce.nzrugby/settings/NZ-RUGBY-.qqUAg.ZJ26g.sw1B3.png?ts=1689838856
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b9643f42f6bf496563a0d5010b8db208f7e182712d77f7b2a32580e2efd9d58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=31536000, public
etag
"0f6523f45fb6b303d6ebbdd9a8d6c3d5"
age
1648462
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
91112
x-amz-cf-id
g2_ip0RBZ3sZck3lvqTN8GwWVB0DATAg3yRZxe7-WpJK8QL47Qk2Ig==
date
Thu, 03 Oct 2024 10:07:22 GMT
content-type
image/webp
last-modified
Thu, 03 Oct 2024 10:07:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
NZR-LOGO.kRlmE.png
static.diceplatform.com/prod/AUTOx110/dce.nzrugby/settings/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.diceplatform.com/prod/AUTOx110/dce.nzrugby/settings/NZR-LOGO.kRlmE.png?ts=1689765879
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2626db49490c808b2d66a9123b776f96e1600d2b9d4d8f34aca68ae6f38f4e4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=31536000, public
etag
"0abc3cb7d379447bc4ae37a731c1ce3a"
age
27614909
via
1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
6563
x-amz-cf-id
MmiMMaNP7yZTp8ITiRq1IODkG4a7wgdYpXzghk3ucy_BpqOnnS54xg==
date
Thu, 07 Dec 2023 21:13:15 GMT
content-type
image/png
last-modified
Wed, 19 Jul 2023 12:08:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Origin
NZR-LOGO.kRlmE.png
content-images.onvesper.com/prod/AUTOx110-webp/dce.nzrugby/settings/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content-images.onvesper.com/prod/AUTOx110-webp/dce.nzrugby/settings/NZR-LOGO.kRlmE.png?ts=1689765879
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c120a3af5b37e3fa04d1b4a7ae7ef0e684de79d58bc785eca12e3618188c41d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=31536000, public
etag
"e705c394eba54483ad856191f09c6a9d"
age
1648472
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
4686
x-amz-cf-id
27RJOrAhwNcI5JufNhPPnH9wHUsy8b2OUMNEcMknkJFdegaSkTfjWg==
date
Thu, 03 Oct 2024 10:07:12 GMT
content-type
image/webp
last-modified
Thu, 03 Oct 2024 10:07:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
gtm.js
www.googletagmanager.com/ 		300 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Requested by
Host: dce-frontoffice.imggaming.com
URL: https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bdf6ec5012b14ee1e0ffd5952438d12f2996b0e6859bbecf5e9c6d83aa033b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 22 Oct 2024 12:01:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 12:01:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103165
x-xss-protection
0
server
Google Tag Manager
WEB
dce-frontoffice.imggaming.com/api/v2/navigation/menu/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/navigation/menu/WEB
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d024:60:2003:d87d:a1b5:38f6:8a45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba97dffd8f3fb8050b345a743f09ce61fcc0ab80b24e251b945304fe76c2a72a

Request headers

Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3Mjk1OTg1MDIsImRldiI6IkJST1dTRVIiLCJlbnQiOnsiYXNpIjpbNDE0M10sImlhaSI6WzMwNzVdfSwiZW52IjoicHJvZCIsImV4cCI6MTcyOTU5OTEwMiwiZ3VlIjp0cnVlLCJpYXQiOjE3Mjk1OTg1MDIsImlwIjoiMjAwMToxYjYwOjI6MjQwOjMyNDc6MDowOjciLCJpc3MiOiJkY2UtaWQiLCJsbzIiOiJERSwsLFpaQywsMSwxLDAiLCJwYXIiOjAsInBybyI6eyJpZCI6IkpNOWRMSHw3NWJkMjg4Yi05MmVmLTQ5ZGMtYTQxMC03MDgzNzY2MThkOTQiLCJ0cCI6ImEifSwicm9sIjoiQ1VTVE9NRVIiLCJzdWIiOiJKTTlkTEh8NzViZDI4OGItOTJlZi00OWRjLWE0MTAtNzA4Mzc2NjE4ZDk0IiwidXRwIjoiSFVNQU4ifQ.vXhC3wzCp0ZPJkIV37TQx8knaDhjOIflanUdQ8GUMLnyS6armPYrbDtbtF9VdPXXZcJ90sJpqNQBtVt-RNkoNjYZjdoSszc0qUmGawzjBbVBBZHm-N59VUgwi_WXk9Kntb5mrPaUMgYLnkHgBj_KSVbOvE4ETBr3uywOPQJo7_4
Referer
https://app.nzrplus.com/
Accept-Language
en-GB
x-app-var
6.57.10.7b15447
Realm
dce.nzrugby
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
app
dice
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN,ReplacementAuthorisation
outside-region
VPN
content-encoding
gzip
access-control-allow-credentials
true
processing-time
1
request-id
cc21bdeb7c9de640
loc
eu-central-1
access-control-allow-origin
https://app.nzrplus.com
content-length
732
date
Tue, 22 Oct 2024 12:01:43 GMT
content-type
application/json
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
WEB
dce-frontoffice.imggaming.com/api/v2/navigation/menu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/navigation/menu/WEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d024:60:2003:d87d:a1b5:38f6:8a45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,authorization,content-type,realm,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN,ReplacementAuthorisation
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Tue, 22 Oct 2024 12:01:43 GMT
loc
eu-central-1
processing-time
0
request-id
e5f68b065c34bf40
vary
Origin
National2Condensed-Medium.ttf
static.diceplatform.com/prod/original/dce.nzrugby/fonts/ 		107 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/fonts/National2Condensed-Medium.ttf
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae194a3960a19a104a204ecf869413e95b230ba6a1a748177d323e6ebfe9160e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://app.nzrplus.com
Referer
https://app.nzrplus.com/

Response headers

x-amz-cf-id
vn0Qpdzh680SyUYRPCp7MnQGJ8_FdUXH_h8BtLeZ4YC3nd9NrZo5SQ==
access-control-expose-headers
*
content-encoding
gzip
etag
W/"a49afdc1e2e5bdf230fca04e4ed78ec1"
via
1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
font/ttf
last-modified
Thu, 03 Aug 2023 13:19:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		276 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3ca32b8ceb12cbe63f66a98cf97cccae8e49da40432e131b32191a4f53bbd7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 12:01:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96943
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		271 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11151866773&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e99b65f128e519d48e1e352bfe49dc554bb39708344c543014b07746b9a80608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 22 Oct 2024 12:01:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95980
x-xss-protection
0
server
Google Tag Manager
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12126
date
Tue, 22 Oct 2024 12:01:44 GMT
last-modified
Tue, 15 Oct 2024 19:34:59 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15412
date
Tue, 22 Oct 2024 12:01:44 GMT
x-tw-cdn
FT
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000168-IAD, cache-muc13951-MUC
x-amz-server-side-encryption
AES256
5wvkdl27.js
l.getsitecontrol.com/ 		433 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/5wvkdl27.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
6f6b9157a7df0138d93753381b3d4ae8243001f23d5edbff25155482fbe9dd7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"cfbd0dea192640b82fafb77279090faa"
date
Tue, 22 Oct 2024 12:01:44 GMT
last-modified
Tue, 27 Aug 2024 20:44:04 GMT
cdn-cachedat
10/11/2024 11:26:32
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-amz-id-2
hYYL8MnUIPATMDap8kiGgeKkg2HEjyZDLGCK+c6ZSzEkWkCFaHCKRtJOEkiFIYqSu7CG8BRTjl8=
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache
HIT
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cdn-requestid
039e87bb77ab0086ca8c869f877010b1
cross-origin-resource-policy
cross-origin
cdn-pullzone
89704
cdn-proxyver
1.04
x-amz-request-id
F22SXGR7GR7SCKNB
access-control-allow-origin
*
cdn-edgestorageid
1082
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
DE
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/ 		227 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=23, mss=1232, tbw=4560, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
3OymK/q5J6RWHykj+TgWVle6l/rPhC9whYnHAFvmcWCZM6PBo12/1hWZ8J9avphbyc13G+5x1YoWQT9wUnBevQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59352
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQAT78RC77U89M86LU00&lib=ttq
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/login/0.7888667795448743
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-198.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e8961a878dc800c9dc2d1622c9b143efeb8caf2d30bf868109a369b4dc2b202

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
gzip
expires
Tue, 22 Oct 2024 12:01:44 GMT
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=12, origin; dur=114
x-cache
TCP_MISS from a23-206-213-198.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
f046da5
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d76f3ebf85d2f42be587f02ee07330c123809124b72765cc52ea920c5d6fa220e435262b41bdc29af0ec93f85b98a6ca858b816771c1cb9205e9f07e2d5c45e90de648a20a89bf58ae6f3d2dc3517148ac
x-origin-response-time
115,23.206.213.198
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24102212014465C5EEE582095F922B16-0CDCEC979E426737-00
content-length
2074
x-tt-logid
2024102212014465C5EEE582095F922B16
server
nginx
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame FEEC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fapp.nzrplus.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
51469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 21:43:55 GMT
expires
Tue, 21 Oct 2025 21:43:55 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
48x48px_NZR_2B.Y3EFe.png
static.diceplatform.com/prod/original/dce.nzrugby/settings/
Redirect Chain
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/FAVICON_WEB/redirect?domain=app.nzrplus.com
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
Protocol
H2
Server
18.173.205.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24c497ecc263349550bde56fcab6d2e7970c399ea2e37bb7cce56d172c7f9078

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

etag
"575bd4acd570cc681cef6c637a739942"
via
1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
content-length
6413
x-amz-cf-id
rQ2J4Yc6PbNlXyRFhnKYCA_IzU4ptzWhezopwkwszyc4UBDpb0B6sQ==
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
image/png
last-modified
Wed, 09 Oct 2024 20:42:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding, Origin

Redirect headers

cache-control
no-transform, max-age=10
location
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/48x48px_NZR_2B.Y3EFe.png?ts=1728506540
processing-time
1
request-id
7df71b141338e4a8
loc
eu-central-1
content-length
0
date
Tue, 22 Oct 2024 12:01:42 GMT
vary
Realm, Authorization, Origin
config
pixel-config.reddit.com/pixels/t2_gfeyuwzzi/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_gfeyuwzzi/config
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
application/json
t2_gfeyuwzzi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_gfeyuwzzi_telemetry
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1729598504537&id=t2_gfeyuwzzi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=7ee57234-fdc5-4536-9065-112c9fff7422&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
image/gif
server
Varnish
5wvkdl27.json
l.getsitecontrol.com/ 		2 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/5wvkdl27.json
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cdn-status
200
access-control-max-age
3000
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"5431bd08fbdc586ce4a626e511d9c579"
access-control-allow-methods
GET, HEAD
date
Tue, 22 Oct 2024 12:01:44 GMT
last-modified
Tue, 27 Aug 2024 20:44:04 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cdn-cache
REVALIDATED
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
2NWW0bRcuCFzRbty4NTibcL+tdT95PimrtiEvWob0tbzcWNhcz8ZY9PG6CdtoCkGdC9TE1GfsN3S2vP4D0ryUwHcl74sxW+5wyqkto47mqE=
cdn-cachedat
10/02/2024 19:10:22
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-requestpullcode
200
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cdn-requestid
31cf1b7cfb4fd609f4fa37863e4cca37
cross-origin-resource-policy
cross-origin
cdn-pullzone
89704
cdn-proxyver
1.04
x-amz-request-id
KKHDZXKZGG8VD9Q6
access-control-allow-origin
*
cdn-edgestorageid
1081
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
DE
x-amz-server-side-encryption
AES256
destination
www.googletagmanager.com/gtag/ 		328 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
59e8ece696d544b046afa36acf1e8dec7c3384bce54b9edf71fce1d7af3a4661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 22 Oct 2024 12:01:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110812
x-xss-protection
0
server
Google Tag Manager
696296242296371
connect.facebook.net/signals/config/ 		66 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696296242296371?v=2.9.172&r=stable&domain=app.nzrplus.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
0aa915058cb072fdb48904a7698546899cb8d2c53d2ea98b06ee3f01879cfd42
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=68, mss=1232, tbw=67600, tp=65, tpl=0, uplat=140, ullat=0
pragma
public
x-fb-debug
9tTndSjz5clQoS+lCdBw23+d1NSHzCUNvYQbT1/G5N8GtHWsOKJJUV1VX4SeNTlgxT3sbaivo+qywaulL5flTQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
adsct
t.co/1/i/ 		43 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4b5b28b1-de70-4f3b-9c98-8e8bc4331ce9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4012a372-6dfa-451a-9ce2-a1066a791861&tw_document_href=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
528bbdda97469127
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c985d1c32920d61133cd37d057e6d52c7efaa0a53d9e9e1920a601f728e907dd
cf-cache-status
DYNAMIC
cf-ray
8d6955a03de9dc6c-FRA
x-response-time
172
content-length
43
date
Tue, 22 Oct 2024 12:01:45 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/ 		43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4b5b28b1-de70-4f3b-9c98-8e8bc4331ce9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4012a372-6dfa-451a-9ce2-a1066a791861&tw_document_href=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
c4be07a31574930a
cache-control
no-cache, no-store, max-age=0
x-connection-hash
7512ca00b02c1bce058c61a3e2e8a7b2fa3f17e43cec611f475ebee5c030bb0c
x-response-time
167
content-length
43
date
Tue, 22 Oct 2024 12:01:44 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
main.MWMyZjYwMzkyMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		342 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQAT78RC77U89M86LU00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-198.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8257d5a78bc54902d7af44125a9adb813b495d3a5dea731a8a565f55dc2d6bd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

x-cache
TCP_MEM_HIT from a23-206-213-198.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-2410171143292F1DDC4CD17AA034361A-2B31819F303B91A2-00
content-length
97021
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202410171143292F1DDC4CD17AA034361A
server
nginx
x-akamai-request-id
f0470df
x-tt-trace-host
01dc5c62a5e55e163c3f56bba1faa7513ca526a301dc14757382fb7511b3d7be654124a5dc79b6b34381ac029ad99c18fadf771e511fabfc93cd3f6382ee7e97d14924a119aad523e8d915c53b7701f76f5aef05508bca72ee341287f19dea92c8
collect
region1.analytics.google.com/g/ 		0
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7MSG54SCKT&gtm=45je4ah0v9137464323z89135919949za200zb896579455&_p=1729598503186&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823848~101836706&cid=277896036.1729598505&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729598504&sct=1&seg=0&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&dt=Login%20-%20New%20Zealand%20Rugby&en=dice_navigation.general&_fv=1&_nsi=1&_ss=2&tfd=4305
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/js/app.e92ec4e87ea4ea75396c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.nzrplus.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
554 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7MSG54SCKT&cid=277896036.1729598505&gtm=45je4ah0v9137464323z89135919949za200zb896579455&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685~101823848~101836706
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.nzrplus.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 12:01:45 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7MSG54SCKT&cid=277896036.1729598505&gtm=45je4ah0v9137464323z89135919949za200zb896579455&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685~101823848~101836706&tag_exp=101686685~101823848~101836706&z=249923901
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 12:01:45 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-198.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

x-cache
TCP_MEM_HIT from a23-206-213-198.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id
00-240830022530C1C0C89A31163C845E4C-25F48E1399FF78E6-00
content-length
39366
date
Tue, 22 Oct 2024 12:01:44 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20240830022530C1C0C89A31163C845E4C
server
nginx
x-akamai-request-id
f04733f
x-tt-trace-host
017c32674b05ee762ed0c2ba09c0b477898765fa45ccb6d54e2788d64957a600ddb47fbe846788861098933064282fb603a17ff296a261562875eb883d578e781b99436cd7610bd27b627e826f9665ec30bbf525ad3fe91c9e6789b045d4e5b837
pixel
analytics.tiktok.com/api/v2/ 		0
874 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-198.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://app.nzrplus.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-100-56.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 22 Oct 2024 12:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=148, origin; dur=36, inner; dur=32
x-cache
TCP_MISS from a23-206-213-198.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date
Tue, 22 Oct 2024 12:01:45 GMT
x-akamai-request-id
38cd89a5.f04740a
access-control-allow-headers
Authorization,*
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d76f3ebf85d2f42be587f02ee07330c12391ba8b71a198c30c5d8375784e7c22ab0e396d8464401307ba3cb6e0be88b8ab60fd2783d8dde4de03fbcaa644a4edf12d3043865b59b6936d42bdbd1f0ae788c0c9cc76fe31303b245a328bdb44c3bb
x-origin-response-time
36,23.48.100.56
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24102212014591DA1BD0F9A08C1212AC-7F97CECCA294C3B0-00
content-length
0
x-parent-response-time
174,23.206.213.198
x-tt-logid
2024102212014591DA1BD0F9A08C1212AC
server
nginx
481997073503704
connect.facebook.net/signals/config/ 		33 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/481997073503704?v=2.9.172&r=stable&domain=app.nzrplus.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
a27348b8ebf59257a3432180bc22989af80fe3dba6523cdfe698ad238419d640
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 12:01:45 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=70, mss=1232, tbw=81392, tp=79, tpl=0, uplat=183, ullat=0
pragma
public
x-fb-debug
MofqMwON5BlwOYMqUNoYDKrDLXq4j+h25yHZ+TKkhOG/sK3geU3UazhKalrAnXPp7zuwg3M+WkpjAqinTuZDcA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&rl=&if=false&ts=1729598504971&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=123...
  • https://www.facebook.com/tr/?redirect=0&rqm=GET&exp=h3&coo=false&it=1729598504624&cdl=API_unavailable&ler=empty&fbp=fb.1.1729598504967.458119318626474268&o=12318&ec=0&r=stable&v=2.9.172&sh=1200&sw=...
0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?redirect=0&rqm=GET&exp=h3&coo=false&it=1729598504624&cdl=API_unavailable&ler=empty&fbp=fb.1.1729598504967.458119318626474268&o=12318&ec=0&r=stable&v=2.9.172&sh=1200&sw=1600&ts=1729598504971&if=false&rl=&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&ev=PageView&id=696296242296371
Protocol
H2
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=3518, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 22 Oct 2024 12:01:45 GMT
content-type
text/plain
server
proxygen-bolt

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
location
/tr/?redirect=0&rqm=GET&exp=h3&coo=false&it=1729598504624&cdl=API_unavailable&ler=empty&fbp=fb.1.1729598504967.458119318626474268&o=12318&ec=0&r=stable&v=2.9.172&sh=1200&sw=1600&ts=1729598504971&if=false&rl=&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&ev=PageView&id=696296242296371
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2922, tp=-1, tpl=-1, uplat=0, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 22 Oct 2024 12:01:45 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&rl=&if=false&ts=1729598504971&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598504967.458119318626474268&ler=empty&cdl=API_unavailable&it=1729598504624&coo=false&exp=h3&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569015102699778"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5341738332322eb0","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["24242884968643471"]},"debug_reporting":true,"debug_key":"2005384619969995859"}
date
Tue, 22 Oct 2024 12:01:45 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
WcajJsAceSlBgz+alUDa/+zjYblf+sYqelPNjHvnLtdZJOKVfz7cRmlsYBNOPRQ0jYGmR8nrnYoWYsg6ClIpGw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569015102699778", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1297, tbw=3692, tp=-1, tpl=-1, uplat=154, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
act
analytics.tiktok.com/api/v2/pixel/ 		0
718 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-198.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://app.nzrplus.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 22 Oct 2024 12:01:45 GMT
server-timing
inner; dur=43, cdn-cache; desc=MISS, edge; dur=14, origin; dur=174
x-cache
TCP_MISS from a23-206-213-198.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date
Tue, 22 Oct 2024 12:01:45 GMT
x-akamai-request-id
f04765e
access-control-allow-headers
Authorization,*
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d76f3ebf85d2f42be587f02ee07330c1231d103eba675e30dc7f461f7a7dc6298d1cf18deb458b94e19aff3d0a459fbaf2991ea1018bc68b478786df9b0d764e00d42776401eb2396f1f530570a55db272
x-origin-response-time
174,23.206.213.198
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24102212014526A8F897975B9C13E848-762F934D498C16E0-00
content-length
0
x-tt-logid
2024102212014526A8F897975B9C13E848
server
nginx
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&rl=&if=false&ts=1729598505191&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598504967.458119318626474268&ler=empty&cdl=API_unavailable&cs_est=true&it=1729598504624&coo=false&exp=h3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4514, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 22 Oct 2024 12:01:45 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Flogin%2F0.7888667795448743&rl=&if=false&ts=1729598505191&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598504967.458119318626474268&ler=empty&cdl=API_unavailable&cs_est=true&it=1729598504624&coo=false&exp=h3&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.nzrplus.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569014500883985"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 12:01:45 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Mq7UENSmZ92BGfK78gWTyUjEA/VX1ibJpqhIM9Tu4PHhLXHMtnPuU/TzRFJ5CvNsfHoRg3ISYUta8IaZSmyOIg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569014500883985", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4882, tp=13, tpl=0, uplat=168, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _sentryDebugIds string| _sentryDebugIdIdentifier object| webpackChunkdice_web object| regeneratorRuntime object| __SENTRY__ object| ENV_CONF string| APP_READY object| AUTH_PROVIDERS object| APP_CONF string| VERSION object| DORIS string| OUTPUT_FOLDER boolean| USE_OPTIMIZED_IMAGES object| __algolia function| WebVTTParser function| WebVTTCueTimingsAndSettingsParser function| WebVTTCueTextParser function| WebVTTSerializer function| setImmediate function| clearImmediate object| dashjs string| REALM object| DOMAINS object| PAYMENT_PROVIDERS object| APPS object| MARKETING_PROVIDERS object| RAW_REALM_SETTINGS object| digitalData object| dataLayer function| gtag object| DEFAULT_LICENCES object| google_tag_manager object| google_tag_data function| rdt function| twq function| gsc function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq function| redditNormalizeEmail object| twttr function| onYouTubeIframeAPIReady object| gaGlobal object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| __sentry_instrumentation_handlers__ object| _jelly_sdks

14 Cookies

Domain/Path Name / Value
.nzrplus.com/ Name: _gcl_au
Value: 1.1.163562424.1729598504
.nzrplus.com/ Name: _rdt_uuid
Value: 1729598504520.7ee57234-fdc5-4536-9065-112c9fff7422
.tiktok.com/ Name: _ttp
Value: 2nnAXM25RMvHrsn9eetogtuWzqt
.nzrplus.com/ Name: _ga_7MSG54SCKT
Value: GS1.1.1729598504.1.0.1729598504.60.0.0
.nzrplus.com/ Name: _ga
Value: GA1.1.277896036.1729598505
.nzrplus.com/ Name: _tt_enable_cookie
Value: 1
.nzrplus.com/ Name: _ttp
Value: amFZ9PSunKFUSFiUhuuT5uFg3d3
.nzrplus.com/ Name: _fbp
Value: fb.1.1729598504967.458119318626474268
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172959850504197287
.twitter.com/ Name: guest_id_ads
Value: v1%3A172959850504197287
.twitter.com/ Name: personalization_id
Value: "v1_y3O++tIEo0dJG8QA/VH0Hw=="
.twitter.com/ Name: guest_id
Value: v1%3A172959850504197287
.t.co/ Name: muc_ads
Value: 20d82ea6-b378-4b4c-919c-33d8d0a5e02e
.t.co/ Name: __cf_bm
Value: hJyXfZ9aSWze7d8kQ7PDF99EEkqT1.WtkULn1Y8a.5U-1729598505-1.0.1.1-eyB7hkgBPXPaoD.btA7zH.NxVG9_1ai6X4XEkrCsdiy9zfVlJmuxfD9W5Ki0l3skgQuG_O2JAmBAyv101TNZ1A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
app.nzrplus.com
connect.facebook.net
content-images.onvesper.com
dce-frontoffice.imggaming.com
l.getsitecontrol.com
pixel-config.reddit.com
region1.analytics.google.com
static.ads-twitter.com
static.diceplatform.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
104.244.42.131
108.138.26.116
142.250.186.72
151.101.1.140
151.101.129.140
157.240.0.6
157.240.253.35
172.217.18.99
172.66.0.227
18.173.205.12
18.66.112.18
199.232.188.157
2001:4860:4802:34::36
23.36.162.198
2400:52e0:1e00::1082:1
2a00:1450:4001:828::2008
2a00:1450:400c:c00::9d
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::396
2a05:d024:60:2003:d87d:a1b5:38f6:8a45
0a0503b00742793d03ec95d16a37e44b797a4dca38b820b6117dba714cb72229
0aa915058cb072fdb48904a7698546899cb8d2c53d2ea98b06ee3f01879cfd42
0ae1aa509f726bc80f2a0e9f1824411265823234b2b3a21c7bbb211bd78c57d1
11797b850c2923f6a9dfc0724277dc74b2db608e74493d3ae584ac5e8b449072
1191817e48d0e32c1f86135dddfaa99e41a12bd82471473cda306d56a1a94c63
191726803b80a65a16436a521a632432ab762fa74b0f27f00dc743a0d634c705
1d830042494072ae0c12a159f2756d08592c92771dc0c65677ee96d5cc6cda24
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb
24c497ecc263349550bde56fcab6d2e7970c399ea2e37bb7cce56d172c7f9078
24d5efcb4add024d267cfc340613d9f55735695703bdd2a852acb66d3b731866
2626db49490c808b2d66a9123b776f96e1600d2b9d4d8f34aca68ae6f38f4e4f
2eccf96ccc54ad8c0dfd394f2688eeb9b79ea99e8fecde741a9a38235e1a9e5f
3ca41fa3d3ef3cd2cc990289e338ec858ba3900ca4b4d9a6854250485b1ea9ac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
52bc69481ba4516220630d8de50eee2c76c9435caa519a0c80affd1b0be5a607
59e71432b8884c71194d78df37a35710b9b373f4016823fe833a19c7e3af6a0e
59e8ece696d544b046afa36acf1e8dec7c3384bce54b9edf71fce1d7af3a4661
5c31a46a462f3b7907e26eae39affe6a8d128ce1e47c8b92b5717270f7a92a7d
5e8961a878dc800c9dc2d1622c9b143efeb8caf2d30bf868109a369b4dc2b202
6184e96a3901a1bd32446b9a39fc5b94ebb53514db2005509346a88dfd38c1e4
68ee9d70697051da8c164c935d915e83053fd36d075ca67fb72ad03c6a5aed35
6a0b8e2c32676f7ae493d4d65028df30cf81930174f337fd1ac6e79b9869e1f6
6f6b9157a7df0138d93753381b3d4ae8243001f23d5edbff25155482fbe9dd7f
74fcc02cc39430c4dee37821f9494ed2cc84e46f6b97bfe7e70269a177b021b2
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7a09136893f8761577b7c99544041b53cdc983a5a28d02aeaef97c85c36973de
7b9643f42f6bf496563a0d5010b8db208f7e182712d77f7b2a32580e2efd9d58
8257d5a78bc54902d7af44125a9adb813b495d3a5dea731a8a565f55dc2d6bd1
8a7def728cedbf82e228c7fad8367ffd5a27c1cef8e5723cea30d28bf5c52caa
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
9f35112d5591821d3f83168ee1e0f9c9b8742da2edbdfeafeabf49795a03834b
a27348b8ebf59257a3432180bc22989af80fe3dba6523cdfe698ad238419d640
a3ca32b8ceb12cbe63f66a98cf97cccae8e49da40432e131b32191a4f53bbd7b
a7699bb5f21891a53f2c25669c149b297176624569b1cae636f0d37fed2a46cb
a95791e147bcde41b485f38066343984c0f612ec43a25eda8cac083ab75b809a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae194a3960a19a104a204ecf869413e95b230ba6a1a748177d323e6ebfe9160e
b3c837e58f0d151a4a8a1e996f36c0b4345406b2b23d0351f1253d6d92953ff6
b4ec3e2dcc2831693473596a8ac103b9e43d81fb4ef107831d753b50fdd1f393
b7734f90b3f309724cf474c181b8a6bec0c7f7648d7c8a7f157da958e8f1871c
ba97dffd8f3fb8050b345a743f09ce61fcc0ab80b24e251b945304fe76c2a72a
bdefa1bdea8829e19e113fd7aaaa5cd1fa821940a64b33f7b66d4662c2b8c3a8
bdf6ec5012b14ee1e0ffd5952438d12f2996b0e6859bbecf5e9c6d83aa033b11
c092ee91aa6a4d4f4ccf146907d8a85c55f3732bbb0cf5b5c6ec09dd15469950
c120a3af5b37e3fa04d1b4a7ae7ef0e684de79d58bc785eca12e3618188c41d0
c295fe7461670262798dbe4baf9c9b90c60993a15e6671b254f883a2eda872e4
c64f63e7f679542e1fc164573f0d77392471ddf42b0f21a34acaadbafeee2236
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99b65f128e519d48e1e352bfe49dc554bb39708344c543014b07746b9a80608
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5db8e13594619af2b130b4d792183562b5770df81347b3a7fbe0644ef984d3
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
f650e416d6beea3f398054c42e32e757731a373bd94130862148e7d06538a7cd