urlscan.io logo urlscan.io
SecurityTrails logo

get.nzrplus.com Open in urlscan Pro
52.17.119.105  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nzrplus.com/0.25881232062301507
Effective URL: https://get.nzrplus.com/
Submission: On July 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 130 HTTP transactions. The main IP is 52.17.119.105, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is get.nzrplus.com.
TLS certificate: Issued by R10 on June 23rd 2024. Valid for: 3 months.
This is the only time get.nzrplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.130.237 13335 (CLOUDFLAR...)
28 18.66.112.18 16509 (AMAZON-02)
1 7 54.171.28.66 16509 (AMAZON-02)
2 108.156.60.60 16509 (AMAZON-02)
1 143.204.176.34 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a04:4e42:400... 54113 (FASTLY)
2 146.75.120.157 54113 (FASTLY)
3 2a03:2880:f08... 32934 (FACEBOOK)
9 2.18.64.15 20940 (AKAMAI-ASN1)
1 34.120.195.249 396982 (GOOGLE-CL...)
3 142.250.184.200 15169 (GOOGLE)
2 151.101.129.140 54113 (FASTLY)
2 151.101.193.140 54113 (FASTLY)
2 93.184.221.165 15133 (EDGECAST)
2 104.244.42.131 13414 (TWITTER)
3 157.240.0.6 32934 (FACEBOOK)
3 2a03:2880:f17... 32934 (FACEBOOK)
1 52.17.119.105 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.163 15169 (GOOGLE)
20 172.64.153.29 13335 (CLOUDFLAR...)
1 52.222.232.99 16509 (AMAZON-02)
9 34.96.102.137 396982 (GOOGLE-CL...)
3 18.66.112.13 16509 (AMAZON-02)
4 157.240.251.35 32934 (FACEBOOK)
1 216.239.34.36 15169 (GOOGLE)
130 28
1    172.67.130.237 (United States)

ASN13335 (CLOUDFLARENET, US)
nzrplus.com
28    18.66.112.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-18.fra56.r.cloudfront.net
app.nzrplus.com
7    54.171.28.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
dce-frontoffice.imggaming.com
2    108.156.60.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-60.ams1.r.cloudfront.net
static.diceplatform.com
1    143.204.176.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-176-34.lhr50.r.cloudfront.net
js.stripe.com
6    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    2.18.64.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-15.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o129937.ingest.sentry.io
3    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
2    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
2    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)
t.co
2    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.17.119.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
get.nzrplus.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.google.de
20    172.64.153.29 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
1    52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
9    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
3    18.66.112.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-13.fra56.r.cloudfront.net
uploads-ssl.webflow.com
4    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
Apex Domain
Subdomains		 Transfer
30 nzrplus.com
nzrplus.com
app.nzrplus.com
get.nzrplus.com Failed
1 MB
20 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 9580
2 MB
9 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4493
133 KB
9 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 760
143 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 85
572 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
4 KB
7 imggaming.com
dce-frontoffice.imggaming.com — Cisco Umbrella Rank: 94799
30 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 216
94 KB
4 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2560
alb.reddit.com — Cisco Umbrella Rank: 1570
859 B
4 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1363
13 KB
3 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 18141
103 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 7165
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 158
317 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2408
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1182
815 B
2 t.co
t.co — Cisco Umbrella Rank: 803
539 B
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1025
15 KB
2 diceplatform.com
static.diceplatform.com — Cisco Umbrella Rank: 171481
46 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 sentry.io
o129937.ingest.sentry.io — Cisco Umbrella Rank: 187711
299 B
1 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2147
171 KB
130 21
Domain Requested by
28 app.nzrplus.com app.nzrplus.com
20 cdn.prod.website-files.com get.nzrplus.com
cdn.prod.website-files.com
9 dev.visualwebsiteoptimizer.com get.nzrplus.com
dev.visualwebsiteoptimizer.com
analytics.tiktok.com
9 analytics.tiktok.com app.nzrplus.com
analytics.tiktok.com
9 www.googletagmanager.com dce-frontoffice.imggaming.com
www.googletagmanager.com
app.nzrplus.com
get.nzrplus.com
7 www.facebook.com get.nzrplus.com
7 dce-frontoffice.imggaming.com 1 redirects app.nzrplus.com
6 connect.facebook.net app.nzrplus.com
connect.facebook.net
4 www.redditstatic.com www.googletagmanager.com
app.nzrplus.com
www.redditstatic.com
3 uploads-ssl.webflow.com cdn.prod.website-files.com
2 www.google.de get.nzrplus.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com app.nzrplus.com
www.googletagmanager.com
2 analytics.twitter.com get.nzrplus.com
2 t.co get.nzrplus.com
2 alb.reddit.com app.nzrplus.com
get.nzrplus.com
2 pixel-config.reddit.com app.nzrplus.com
www.redditstatic.com
2 static.ads-twitter.com www.googletagmanager.com
2 static.diceplatform.com app.nzrplus.com
1 d3e54v103j8qbb.cloudfront.net get.nzrplus.com
1 get.nzrplus.com app.nzrplus.com
1 o129937.ingest.sentry.io app.nzrplus.com
1 js.stripe.com app.nzrplus.com
1 nzrplus.com 1 redirects
130 24

This site contains links to these domains. Also see Links.

Domain
app.nzrplus.com
www.instagram.com
twitter.com
www.facebook.com
www.allblacks.com
Subject Issuer Validity Valid
app.nzrplus.com
Amazon RSA 2048 M02		 2024-05-26 -
2025-06-24		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2024-09-19		 3 months crt.sh
*.imggaming.com
GeoTrust TLS RSA CA G1		 2023-10-12 -
2024-11-11		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
*.diceplatform.com
Amazon RSA 2048 M02		 2023-09-15 -
2024-10-12		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
get.nzrplus.com
R10		 2024-06-23 -
2024-09-21		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.de
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
prod.website-files.com
WE1		 2024-06-25 -
2024-09-23		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
uploads-ssl.webflow.com
Amazon RSA 2048 M02		 2024-06-28 -
2025-07-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://get.nzrplus.com/
Frame ID: 95AE328C321DB3C00BADEF83160BB072
Requests: 127 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NZR+ | It's Rugby, Plus Some

Page URL History Show full URLs

  1. http://nzrplus.com/0.25881232062301507 HTTP 307
    https://nzrplus.com/0.25881232062301507 HTTP 301
    https://app.nzrplus.com/ Page URL
  2. https://get.nzrplus.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • dev\.visualwebsiteoptimizer\.com/?([\d.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

94 %
HTTPS

21 %
IPv6

21
Domains

24
Subdomains

28
IPs

5
Countries

4877 kB
Transfer

14501 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nzrplus.com/0.25881232062301507 HTTP 307
    https://nzrplus.com/0.25881232062301507 HTTP 301
    https://app.nzrplus.com/ Page URL
  2. https://get.nzrplus.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://nzrplus.com/0.25881232062301507 HTTP 307
  • https://nzrplus.com/0.25881232062301507 HTTP 301
  • https://app.nzrplus.com/
Request Chain 10
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com HTTP 302
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457

130 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app.nzrplus.com/
Redirect Chain
  • http://nzrplus.com/0.25881232062301507
  • https://nzrplus.com/0.25881232062301507
  • https://app.nzrplus.com/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5eb85c99a8995f941d73df50a4a818eb473a0c44b7786bec6d309dbe6a38758e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=5
content-encoding
gzip
content-type
text/html
date
Sat, 06 Jul 2024 23:30:31 GMT
etag
W/"c04fba151e1198e9169411a3bf4071a7"
last-modified
Fri, 05 Jul 2024 11:32:14 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-id
bho7EIZh6xOvIcZzvaj07BESO1Db4Rv57R3RU07ttuW1to-Jx4tx8Q==
x-amz-cf-pop
FRA56-P5
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
cNgg4g3CZeoRxsCQ2TAgx7RkQWS.L7jz
x-cache
Error from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
89f36209394e9960-FRA
content-length
167
content-type
text/html
date
Sat, 06 Jul 2024 23:30:29 GMT
expires
Sun, 07 Jul 2024 00:30:29 GMT
location
https://app.nzrplus.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ra4Nc0ch%2Bzatx4RT86HGKIOE4J2Bgcq0bCOePJ2b4WhcdTTMMWvE76gvbN0P5aMMq9hVWHdIiiQBLYi2JY63G9oS%2F8Cz%2F6hjeyH4iboH%2BzW3YUifeTL8IpmKul0UNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
3698.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/3698.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
288dbd3777266289de7411ec9a2423d565797920483adc8d179012aa419e7a12

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
S9_kph7nt4p.FO5fo7qD2euDOM5tDaK2
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
129494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"f75dbd3aebeed70b73f45186ed04fb77"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
MbC5q5ydVMTItRHmELMcuU8eCYXgNV6bJYf1qgqQQAZ-dXUgjOFKiQ==
5940.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		3 MB
853 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0128a25c69ba58ac78d471fecc71253e06bf0b103cd74879aec33e5603cbd776

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
Y5jMnLwcrSNojQjdUoFN6boCqJcIgZ16
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
129494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"0b794f3e846a0bb71f0a3d49032da8e5"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
O_jZwVXLm374KPgcmpJytLE_kvy1zhSzgHHrbdQRjaFolC3vakgPpw==
2344.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		160 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/2344.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0baa8e74d5aa8b56d99583b77293ff0ce36df8a63b9f3d70befb90c42f3bfbb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
AjdbP2VKAym4AhRk6u22Rm1Y._YZReTx
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
129494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"0d6090f94a18e508f74dd8525a39f0a7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
c_AYqwCH543-Ref_h-N9H3SYGn_wwEYVhPeY4LP9kWRKNFNAl6MIyA==
868.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/868.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f12955fb208eae089baf161eabfdb23c7d8cf246812e87fbc8426c15973a68e7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
GBaB7W7qF.kYHfy1.Z_OwhytidAhYhIG
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
129494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"cb1ec2d302e52fe0e8054241c318d962"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
HRQr8IfGovzoLltFJ-5EMzPHNeeu-aPeEK67jnp_fq8TwtyiNd6X1Q==
4876.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		689 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/4876.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5be578ed36e2a930bdaf0c729ae76802842e594b01180920747f7cb2a66d3f6a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
0gDFf5eYUY9EywzXCxcNs8Kghk8aRJhP
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
129494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"602005d40842d7edeca8bcbe549e3b45"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
rewD50bTiw-g6jS9b-m5xjeCKuk5W5jnfos2RoqthMGQ1Wu_HAzucQ==
app.js
app.nzrplus.com/code/6.7.1.260042b/js/ 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcc6f84183fa61975b32c1973b21369926419d015c9db5d39119957a791b8a3c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
7_tnUMf3nUOV3qDzu1BX5WqRLfuBt3c_
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
129494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"e99927db56be552d41f415a045df5f13"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
g0TJel8nHZV5TRME9-DIHn0H9t-v3mdsMhuvTZzMhg5Hs6c_QAt6Iw==
5940.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/5940.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6902b034ee5ff9e155f5b83b13ce7802b6c67a76d5ff6891c5b9512c04ce49c6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
Psv7aSJlj_EDGGYJq_oHJlLk4Tj3IXUa
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
129494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"e407005d8252af94a9078906f9ea4a9b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
eaqL3ENvvI0UaNR34Typ45gDw5MpD_W7AJr0HFjoitkjolO30lHjjg==
868.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/868.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a666cd65233454d3e259fafd15dd94a48429d6b7205d656f1144dbb1501a366

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
Ik20C2q8CZ.5Gq_3g1zTnDobAMQGlt55
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
129494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:13 GMT
server
AmazonS3
etag
W/"016fcbf7a3e3ec369cc209d8a182c5c1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
CWSV8aBUcZcd_ic3dnQDoZEANixxsbvchkMBY_ghj8Obdp6vwYB08Q==
4876.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		360 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/4876.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd0192f032758b071199b7f4b2eba18b864998f1df9785b069c4078309f454e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:17 GMT
x-amz-version-id
1DDLRIJC1uhd3T9pvpe5rp1VUkVqmbKW
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
129494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"460e5a538c724026147cc695ebabccf5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
1XfZm6Mo3cz6wttLvIA_AvWGSyYnSchFegACGR0RGiH3TZAOt-wLyg==
nzrHead.lppvE.js
static.diceplatform.com/prod/original/dce.nzrugby/settings/
Redirect Chain
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
363 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Server
108.156.60.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-60.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ec3e2dcc2831693473596a8ac103b9e43d81fb4ef107831d753b50fdd1f393

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.nzrplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
via
1.1 e345c29560592087623dbe75e8d765d6.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jul 2023 10:14:18 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
etag
"9b571aee0d300ee8b4a1ba9e3c4d4f72"
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
content-length
363
x-amz-cf-id
Qpa_EbsHYJNQ_Akso83ciZT9l_a5hiA6MNlg6OXF_USKa7Q30hGOlA==

Redirect headers

date
Sat, 06 Jul 2024 23:30:30 GMT
vary
Realm, Authorization, Origin
loc
eu-west-1
location
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
processing-time
2
cache-control
no-transform, max-age=10
request-id
0554a1312af30b43
content-length
0
v3
js.stripe.com/ 		619 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.176.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-176-34.lhr50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:29:57 GMT
content-encoding
gzip
via
1.1 c4813da7dbee67e890e9271e5ca72738.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
43
x-amz-cf-pop
LHR50-C1
x-cache
Hit from cloudfront
last-modified
Fri, 05 Jul 2024 17:15:05 GMT
server
Cloudfront
etag
W/"16095b208fce1f9394656811fb5b307e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
WZ0An-_oVlO9vvM7mOa5aA4In_wkGKQen2T2XXlXcgMzt2X5wmg5uA==
/
dce-frontoffice.imggaming.com/api/v1/init/ 		85 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/init/?lk=language&pk=subTitleLanguage&pk=audioLanguage&pk=autoAdvance&pk=pluginAccessTokens&readLicences=true
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/4876.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
22d6f3cc335a9e714e6d5799a6266af1c76ea0edee0871a3f85d99d30152f039

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-app-var
6.7.1.260042b
Accept-Language
de-DE
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
gzip
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
content-language
en-GB
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
cache-control
private, no-transform, max-age=10
access-control-allow-credentials
true
content-type
application/json
processing-time
61
request-id
439169393666a5d2
/
dce-frontoffice.imggaming.com/api/v1/init/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/init/?lk=language&pk=subTitleLanguage&pk=audioLanguage&pk=autoAdvance&pk=pluginAccessTokens&readLicences=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,content-type,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sat, 06 Jul 2024 23:30:30 GMT
loc
eu-west-1
processing-time
0
request-id
71f8f65dd31a24b2
vary
Origin
gtm.js
www.googletagmanager.com/ 		285 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Requested by
Host: dce-frontoffice.imggaming.com
URL: https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8dafb6817e69d755949c73e81056aa3871d54ebdd35ce4933088e4b651dd3c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98902
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:30:30 GMT
js
www.googletagmanager.com/gtag/ 		265 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
946396ed0ab0e02ec99e49299d6500cbb7e9c021840646eafb96ec1edaa13f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93625
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:30:30 GMT
destination
www.googletagmanager.com/gtag/ 		260 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11151866773&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0faabbd9bc18dc4b74f9141857fc654855fe8133ca599d78d0c9b50e0c999e3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92585
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:30:30 GMT
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220116-FRA
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:30:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=2801, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
TcFmVLEbR9CwtbF1kRxvfddtH5azJP4msnfYubhYEpCZijxEjy4NipvfFcZzGYgyQbqIwuAp3hwnj+GMvaNf1w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPTO6MRC77U1G0V3K8F0&lib=ttq
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d13c56c7ebd5f7a909b3ae7c568ac2e7920dabf536f915f932ec8fd75cb50a8d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
f62523d.d57f4da9
date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407062330303D6990DCCB65B30CD74C-5E0BB3D87263E589-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
98,2.20.179.79
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=9, inner; dur=5
content-length
1495
pragma
no-cache
server
nginx
x-tt-logid
202407062330303D6990DCCB65B30CD74C
x-cache-remote
TCP_MISS from a184-28-17-78.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,184.28.17.78
x-tt-trace-host
0124359e713df8ca709285b8f2220f1699b971e1448ddba9c3f4e566a79b0b93cde9e6b6b1045165396322883d00b2130b90fdb2e8348676d4a33f74891f6a9fd5d6395a9789fc8f65ca453abdcdaf94905afada0f53c09d873c55e83330a75c2b2c12a4c4fd7ac6a58e415e14e586e3ff
expires
Sat, 06 Jul 2024 23:30:31 GMT
WEB
dce-frontoffice.imggaming.com/api/v2/navigation/menu/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/navigation/menu/WEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,authorization,content-type,realm,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sat, 06 Jul 2024 23:30:30 GMT
loc
eu-west-1
processing-time
1
request-id
61069af229913503
vary
Origin
/
o129937.ingest.sentry.io/api/1321936/envelope/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o129937.ingest.sentry.io/api/1321936/envelope/?sentry_key=d25c8126c77f4064b4b0b921d37b2d0b&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/2344.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
js
www.googletagmanager.com/gtag/ 		286 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-ML4CN7G8
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dbebc07d94be286a2919d924bd7a5e8b1ad15783ac6b5a2002b62932261c55de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99295
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:30:30 GMT
564.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/564.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf0dc7114447c90db37c1eee4523ee0416de61a1bc4206e0e1b9f0e1020d83f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
6DAHzxwP9jbBtkfLJU9KdUKHr_YHeY9Q
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"695fad73313b798015f05f98148303bd"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
WmVdW3DxsHJqz4Er68H6p8tKa4O4venOgdLyQ95LYakBWJ7RAy_Dtg==
564.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		112 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/564.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22f4787d1e6e2650b7a22ebb56b22858955083d04d0fddcc8eed082220923cca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
T65.OzEJ2X999X0TeIr61k8.3s4woVPt
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"e36af000755594c115e09c81e2443df2"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
yCEhFwz4v8rE1s_9ckwiQd58Q7N7LbxaOwFVjWau1DpdrlcbzGJiSw==
4496.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/4496.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1437dfba423ca6116da2dd257ecc686fef1a3f75aabbbd7ef0da6420d9ff505d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
eCel0347pHEl1OWayThBjkkZiFVRGV7d
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"21fa820872ac5cc154107f6ed0fcd342"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
-jSPbXTeKgWq_xcuuwJVzFkEoH0BvvCqYYKQIo8HWsdr3OgO6NoeFA==
4496.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/4496.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bf94181c178099580291edf88f52923fe9ae68f43da70ff3f1cf6c7482de0c9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
Izy.dn4TxIHnKyLkOML3JC8pW3uvLt68
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"ed121e0fa61d7677b9e52600d43eebda"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
rNDDPv46e_8UKNf2dEuJrUbp9r9dW6tr6MIAZIOMIb-_XHWy4RTWSg==
7788.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/7788.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b12291db0198f3593464f9164137bb2e4ea7970d66f372ad09a6f3ae9af4c6d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
K4q6iAfdVmoTDGnximEiQUtVZ7TJNiGI
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:11 GMT
server
AmazonS3
etag
W/"75d1802a95efd0b419330908ebba8568"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
A4zTNK1raGFM7WegoICrywXRbt_cShQnTK15gUUgs6PA5bqkHFqLkQ==
532.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/532.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b52f1b002936093bb6bb29b3a7eb5e6dde482ff7639d0d0f8fd86a3d51cb5e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
Zu6kQ9ceblg7U23Q2_H2icLBfS1.Unji
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"0454e1a85cea9c9eb5e55aafebb2ef92"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
LlNLuRA89ifnXPtaCaKxHKqOKa2OcSHTZRM8z7dSLJwhlbSlb3YFjA==
4116.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/4116.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ee4f7e159200bdc4a49c06e98bb1e214cd6a98dd53fbefa569f6680c2588931

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
zyZYXWKA49OM4OI3VH8kbQbVKs4Fbtjo
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"934d2aff47ea30b6d763adb5076673fa"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
JJymDaedCCNXan8Be6LG4c0GNqJsIn3du5ZK4n_nQI7R42ovrPRUkg==
4956.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		511 B
896 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/4956.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe681434c749d9df44e04f6c3da5e7695492969cda986e4710cfee412fcc5236

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
D5gFB5mqmT2D9ajYqfEogI_OyzG6U2xH
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
content-length
511
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
"f48980685b25397bcd242dffdc9446e7"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pG6BWRHjrIsZlRysI4hkamWrN0QiUbCdKCzZ3qAP5VajYzi06ECJsw==
4956.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/4956.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
509bb48a722c487f10208b85f9a54d62295fdf99d7ec2fd5effb2d21b46c564a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
Gka1R04h5v95qllXok3iWYW_ivuhR9wT
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"4405cda5f7e6d610a767936a39695f92"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
quzV6kEzXNID5gjz9I2fSUt6lCrOiqO0iQGalmnJ-LeU2wABsFvJ0g==
2240.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/2240.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7f8f2f3c6407efa29cdd0d7ddb623447faeb971eb949bade4ac6d0043e81d31

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
cLZ28p2S_UIOnrf62F9OxN0cdWvshtFE
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:09 GMT
server
AmazonS3
etag
W/"8d687b3fc3cef520472301fc737fbfb8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
sRy4BbOGnU7i5ga5EhPaGXJaTBTCArwYCcp5aPJxkw4e5XnF68CGZA==
6356.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/6356.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5b4abd4f24ec02bbf3b0cc7dd5656d0ced5cf0cec4b1ce07cf8d3395fec7c20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
RbogGi5ztxl5v383qPrZUP5m.8.bUrYr
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"995d24d104c96f4a21cad9d37d81ebeb"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
aiZOlfF03lTGvky6PobSCBJNhuAxar5lqI2J2EdViJQWXjUcRj3nVA==
6352.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/6352.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a78a22df4975842a5e8da9f282bc76e149e196c9ee5d6ffaeebb52a10098ba70

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
LyNsybIHLu2G_33LDpLaC3PnM_XeT4_Z
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"59afa5e68d4ec84155aada1730e7e924"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
rNet9jCvYjZAwWEnuV8_zlomGDO-442_PDB7Y_BjnW71o6rqiW6xYQ==
6352.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/6352.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b2d7485e9974fa00b79252e2e8a70b60de1dcfb391b7b87af39ce648e8ec363

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
Sgqlb7TrjaGMRDEYVj.n17tbs_xiB8Rx
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"49455bff724491fd9996e655f6f39f52"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
U7-rOApNS2camDVu5_3Gp5lm8WRRj70cvDsiAL625W0iTzd-A90oqw==
2308.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/2308.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c02d310a1029df54557874225f32799d494638dfa08fc087126bdbf3cd26ba1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
aj524hlGCIzyVHBOjs02CKQVbvlTaK9X
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:10 GMT
server
AmazonS3
etag
W/"d38cd1095f2e7a86d387a469d6eaba6a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
1hMX9mBrCuyndZqHQltrVMJe5h-MKV93-jReDd2zmxkx8BtIBnJ9WQ==
1893.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		363 B
748 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/1893.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1191817e48d0e32c1f86135dddfaa99e41a12bd82471473cda306d56a1a94c63

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
X3FPB6sGU1dsMO7YGjNBdz0Dx.ly_OAF
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
content-length
363
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
"8a9c8ed7c197723e2929b511b17a1870"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QTvEprJMCzStzlOjklTTVDUJvKGp761Tu57IDeUomYIu2Is_goWtBA==
dice.css
app.nzrplus.com/style/6.7.1.260042b/css/ 		673 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.7.1.260042b/css/dice.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e7378809419c6c64601922f3276b40a3086a80e706f570d1418226405426a64

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
2eDT.ZhjL4zfi465QOAzP8ZaAF1Yqj7V
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:13 GMT
server
AmazonS3
etag
W/"8868c76698780ef08b63107b453a6eb6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
6b5fwnyp8EvyUYQQ0Q9SRj1E5_sfEaGkQE8ZqIeVG2la0bOXQuyGvg==
dice.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/dice.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2170cc4c670e69d7b4c9081e8d2322482c935a84d89acf302eee8e663cfc0dac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:32:20 GMT
x-amz-version-id
HoiF3cpMOlyCwBXpuMc259R85Cfa_r.G
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129491
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:11 GMT
server
AmazonS3
etag
W/"fe02ac25ae6b3bdbeed00dceeef1e9db"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
x9phCqYFzAUW4JVfjxJlX0Nicn4hLJrnqlsEkxm8kgnfV0IyCMkQZQ==
WEB
dce-frontoffice.imggaming.com/api/v2/navigation/menu/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/navigation/menu/WEB
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2d37f730ea6adf1ed6b0f544c1562da85c7e00d7596ee3c57a53ed2ff1f8aa4e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Realm
dce.nzrugby
x-app-var
6.7.1.260042b
Accept-Language
en-GB
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3MjAzMDg2MzAsImRldiI6IkJST1dTRVIiLCJlbnQiOnsiYWFpIjpbNDE0NSw0MTQ0XSwiYXNpIjpbNDE0M10sImlhaSI6WzMwNzVdfSwiZW52IjoicHJvZCIsImV4cCI6MTcyMDMwOTIzMCwiZ3VlIjp0cnVlLCJpYXQiOjE3MjAzMDg2MzAsImlwIjoiODAuMjU1LjEwLjIwNSIsImlzcyI6ImRjZS1pZCIsImxvMiI6IkRFLE5vcnRoIFJoaW5lLVdlc3RwaGFsaWEsTm9ydGggUmhpbmUtV2VzdHBoYWxpYSxCb3R0cm9wLDQ2MjQwLDAsMCwwIiwicGFyIjowLCJwcm8iOnsiaWQiOiJLVWJiUE58OTgwMzQwOGQtNTFhYi00YzIxLTkyNDUtYTNjYmQ3NDlkMjUwIiwidHAiOiJhIn0sInJvbCI6IkNVU1RPTUVSIiwic3ViIjoiS1ViYlBOfDk4MDM0MDhkLTUxYWItNGMyMS05MjQ1LWEzY2JkNzQ5ZDI1MCIsInV0cCI6IkhVTUFOIn0.cigvBYYqhuu4_2F5VUkoFurvnOP4xXl6Q6mLsF81Y984c7Tq6-SRCZ0ug5nLAozQM8FbdSlLqyliEl1bHD6XcS_bC6wSi-AxQePlYLIa1ECo9PUWn_MYb1wkPKbbWDhDpmli6Dgx67rp0f16Gc_JF8aoIHGmodh8XkxYBBCCiU8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
gzip
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
outside-region
INSIDE
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
processing-time
9
access-control-allow-credentials
true
content-type
application/json
request-id
00abc8067d24f734
content-length
736
config
pixel-config.reddit.com/pixels/t2_gfeyuwzzi/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_gfeyuwzzi/config
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
t2_gfeyuwzzi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_gfeyuwzzi_telemetry
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1720308630923&id=t2_gfeyuwzzi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=5c0ba2db-484e-4bed-be80-06e110618a44&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
696296242296371
connect.facebook.net/signals/config/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696296242296371?v=2.9.160&r=stable&domain=app.nzrplus.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e84f3157db316528ab4273af5568a14774de13a0098b00b0ca306f20a1a3124f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:30:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=66, mss=1297, tbw=63825, tp=-1, tpl=-1, uplat=50, ullat=0
pragma
public
x-fb-debug
tmxWEf/bC2gC1fCZq6Vp1bPPVTBjbLOCmlEP3Rx0UZC7mLKmar0QOWUsGl3WE9LBA5NH09/bYmscbRnKw7iKzQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
splash.js
app.nzrplus.com/code/6.7.1.260042b/js/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/splash.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
979878a7b228cc3017175efaf651fa465653723926a69e91325f6774b9034b41

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:35:09 GMT
x-amz-version-id
0mrWAV.lFfIV57lKBqKOutB3GyGCosLx
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
129322
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 11:32:12 GMT
server
AmazonS3
etag
W/"445d77999bc634c7720b5072327ddefa"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
MQGlU5B9W2ZLhwtPUITr3jGYLbPkBlwD6H9_PkCcEwtAaMw0Mt3UTQ==
National2Condensed-Medium.ttf
static.diceplatform.com/prod/original/dce.nzrugby/fonts/ 		107 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/fonts/National2Condensed-Medium.ttf
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.156.60.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-60.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Origin
https://app.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:32 GMT
content-encoding
gzip
via
1.1 01abec7ece24959c09067a58477de9ee.cloudfront.net (CloudFront)
last-modified
Thu, 03 Aug 2023 13:19:39 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
etag
W/"a49afdc1e2e5bdf230fca04e4ed78ec1"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
KbqC4362gg51dGCgshenS9ROtP5BeOYqWdy5p-p3-iRMAsG2imH14A==
/
get.nzrplus.com/ 		0
0
/
get.nzrplus.com/ 		0
0
authentication-providers
dce-frontoffice.imggaming.com/api/v2/realm/ 		315 B
876 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/realm/authentication-providers
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e373b17638a65d0711224d06d6d18711e140c91b04935adfb0c42f1d3a01a981

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Realm
dce.nzrugby
x-app-var
6.7.1.260042b
Accept-Language
en-GB
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3MjAzMDg2MzAsImRldiI6IkJST1dTRVIiLCJlbnQiOnsiYWFpIjpbNDE0NSw0MTQ0XSwiYXNpIjpbNDE0M10sImlhaSI6WzMwNzVdfSwiZW52IjoicHJvZCIsImV4cCI6MTcyMDMwOTIzMCwiZ3VlIjp0cnVlLCJpYXQiOjE3MjAzMDg2MzAsImlwIjoiODAuMjU1LjEwLjIwNSIsImlzcyI6ImRjZS1pZCIsImxvMiI6IkRFLE5vcnRoIFJoaW5lLVdlc3RwaGFsaWEsTm9ydGggUmhpbmUtV2VzdHBoYWxpYSxCb3R0cm9wLDQ2MjQwLDAsMCwwIiwicGFyIjowLCJwcm8iOnsiaWQiOiJLVWJiUE58OTgwMzQwOGQtNTFhYi00YzIxLTkyNDUtYTNjYmQ3NDlkMjUwIiwidHAiOiJhIn0sInJvbCI6IkNVU1RPTUVSIiwic3ViIjoiS1ViYlBOfDk4MDM0MDhkLTUxYWItNGMyMS05MjQ1LWEzY2JkNzQ5ZDI1MCIsInV0cCI6IkhVTUFOIn0.cigvBYYqhuu4_2F5VUkoFurvnOP4xXl6Q6mLsF81Y984c7Tq6-SRCZ0ug5nLAozQM8FbdSlLqyliEl1bHD6XcS_bC6wSi-AxQePlYLIa1ECo9PUWn_MYb1wkPKbbWDhDpmli6Dgx67rp0f16Gc_JF8aoIHGmodh8XkxYBBCCiU8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
outside-region
INSIDE
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
processing-time
10
access-control-allow-credentials
true
content-type
application/json
request-id
ab291d957f11d4dd
content-length
254
authentication-providers
dce-frontoffice.imggaming.com/api/v2/realm/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/realm/authentication-providers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.28.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-28-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,authorization,content-type,realm,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP,CM-DVC-GIVN
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sat, 06 Jul 2024 23:30:31 GMT
loc
eu-west-1
processing-time
0
request-id
c9df84cd6bb8bb49
vary
Origin
adsct
t.co/1/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=f1d06813-ae57-4d22-b1f8-1277711be27a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a9995069-c775-44f3-80ec-97a889439230&tw_document_href=https%3A%2F%2Fapp.nzrplus.com%2F&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
181
date
Sat, 06 Jul 2024 23:30:30 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
fedc20eadfcc7122
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
9f3a37b27c27b403d7ea3744f24305ea032a9f9cead0969d5fdf41d66745f202
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=f1d06813-ae57-4d22-b1f8-1277711be27a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a9995069-c775-44f3-80ec-97a889439230&tw_document_href=https%3A%2F%2Fapp.nzrplus.com%2F&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
110
date
Sat, 06 Jul 2024 23:30:30 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
19b468be46748388
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
1ed807c2fdcafdd2666e17ee6c215e6a75a1c0ab22950989794f92e7a1cc86b3
content-length
43
destination
www.googletagmanager.com/gtag/ 		317 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106945
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:30:31 GMT
/
get.nzrplus.com/ 		0
0
/
get.nzrplus.com/ 		0
0
main.MWU2NDEzYzJiMA.js
analytics.tiktok.com/i18n/pixel/static/ 		339 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPTO6MRC77U1G0V3K8F0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8878a6113d3767fcb0f7c88fdc432c839a4e4e6fe97dec5e24b0d5eb32addd88

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d57f4f47
date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024070211442486CEE947AAC79573EC15
x-tt-trace-id
00-24070211442486CEE947AAC79573EC15-04B0816D8C28569D-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01f5ce518d066816ccd30a36e11159c02467e20211ada973577e2ecb3a9081f16d3c5e4f0425a5d39eda990e98a78d3c7d6a9d861e21775716178de026fd0f26160dbdbc2f09f36b723ea1fec93846afd75d8de387ec54da955b6689003bc18b32
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
content-length
98499
481997073503704
connect.facebook.net/signals/config/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/481997073503704?v=2.9.160&r=stable&domain=app.nzrplus.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C187%2C186%2C188%2C193%2C194%2C195%2C191%2C183%2C123%2C152%2C182%2C184%2C114%2C146%2C136%2C140%2C177%2C120%2C219%2C107%2C119%2C220%2C154%2C111%2C127%2C115%2C143
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:30:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=23, mss=1232, tbw=4613, tp=11, tpl=0, uplat=65, ullat=0
pragma
public
x-fb-debug
WHSLIenYLPKxKAlaIwabC6gwWQbm1jBX2o8v7mu9m/h24xXEMlbqQnpZwEq+hKm11XzP4xyoQtR0uJ7PejI/0g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2F&rl=&if=false&ts=1720308631119&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308631116.476593297757817873&ler=empty&cdl=API_unavailable&it=1720308630965&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jul 2024 23:30:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		0
0
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d57f4fe1
date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400005A6482EC8658954395AB
x-tt-trace-id
00-2405211400005A6482EC8658954395AB-7D65582794A05721-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01bb7da6081e9cf70fa40d500e66dc7f748628c80e0f1c23442ca51ee8a2f8b68964c4f446120724fd2ca9707a41b0908b9313ba92036a2906c239a7d63f0bac733445c05cc1dc4ee260ea56789bff41382955417bb369ac05d71aab0981d5b1c3
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
40007
pixel
analytics.tiktok.com/api/v2/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
41e800b7.d57f4fe4
date
Sat, 06 Jul 2024 23:30:31 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240706233031314D33D5B1E5F781652C-55E1C856620C22ED-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
109,2.20.179.79
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=22, inner; dur=18
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240706233031314D33D5B1E5F781652C
x-cache-remote
TCP_MISS from a184-28-17-152.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
23,184.28.17.152
x-tt-trace-host
0124359e713df8ca709285b8f2220f1699b971e1448ddba9c3f4e566a79b0b93cd9748cec10cc6a7097a3e6c992df390735998c656fb2af48109724cc25a7fb118d29d4ff3d643f0b17a59f1be7fd8043f8e63851cbb02f48547ba0b7f68e82b5e2b83d8dba9f313668fb7f9b83fe3b75a
access-control-allow-headers
Authorization,*
expires
Sat, 06 Jul 2024 23:30:31 GMT
Primary Request /
get.nzrplus.com/ 		51 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://get.nzrplus.com/
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/chunks/dice.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f7dad26a2365a1c0dac83d3dc33052452da1ddf2b86ff0d428f29d29943ea107

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.nzrplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
60812
content-encoding
gzip
content-length
17228
content-type
text/html
date
Sat, 06 Jul 2024 23:30:31 GMT
vary
x-wf-forwarded-proto, Accept-Encoding
x-cache
HIT
x-cache-hits
0
x-cluster-name
eu-west-1-prod-hosting-red
x-lambda-id
2e0d824a-de1d-47d5-b5ce-7aa2ca7b30dc
x-served-by
cache-dub4352-DUB
x-timer
S1720308631.256865,VS0,VE1
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7MSG54SCKT&gtm=45je4730v9137464323z89135919949za200zb896579455&_p=1720308630735&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1963968126.1720308631&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720308631&sct=1&seg=0&dl=https%3A%2F%2Fapp.nzrplus.com%2F&dt=&en=dice_navigation.general&_fv=1&_nsi=1&_ss=2&tfd=1283&_z=fetch
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.7.1.260042b/js/5940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:30:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.nzrplus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7MSG54SCKT&cid=1963968126.1720308631&gtm=45je4730v9137464323z89135919949za200zb896579455&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:30:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.nzrplus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7MSG54SCKT&cid=1963968126.1720308631&gtm=45je4730v9137464323z89135919949za200zb896579455&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=815725522
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:30:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2F&rl=&if=false&ts=1720308631218&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308631116.476593297757817873&ler=empty&cdl=API_unavailable&cs_est=true&it=1720308630965&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1297, tbw=3173, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jul 2024 23:30:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2F&rl=&if=false&ts=1720308631218&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308631116.476593297757817873&ler=empty&cdl=API_unavailable&cs_est=true&it=1720308630965&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc6498ba2880a5342","source_keys":["1","2"]},{"key_piece":"0xebf1d19cf4719c37","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 06 Jul 2024 23:30:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388669310296087651", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1297, tbw=3320, tp=-1, tpl=-1, uplat=45, ullat=0
pragma
no-cache
x-fb-debug
bQw4hmO8fOMvuEMJe/XpUBv28H1RxRbpNlp9RookDXRJ1qNsek+XEOMzB7oWtn9SKGQLujefHVUqdO6mb8t25g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388669310296087651"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0
nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/ 		79 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f26e4eeb94dfec7384cecd9e17371e2e03cc8580c4cd2877f758b64fa036b7a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
x-amz-version-id
MTlMEZkiRmDfKNDNYG9k0IAI8CuRrpTM
cf-cache-status
HIT
x-amz-request-id
V4QDY4FFBJ4JJH44
age
146627
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
14733
x-amz-id-2
v3x5K305DGvGxLUbWESUuEcLhbos0/OncB8RkSgZdyGqHee2qeXUx66XWDQmbO2DfbTruyEOss4=
last-modified
Fri, 05 Jul 2024 06:43:27 GMT
server
cloudflare
etag
"96aec50b16c077a7bb3e5fc19a5e1aec"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
89f36211c99e994e-FRA
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=650811499cdfe4fd96c4f05b
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 06:44:39 GMT
content-encoding
br
via
1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
age
61561
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
n79V3fsc0uQvPYspXPmMvIKcqZ0Qh9xdTssETKj52PBzrAWI7gKdtg==
webflow.e0936a4e0.js
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/js/ 		556 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/js/webflow.e0936a4e0.js
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af86ef561b6c436e372a348f945110f1326b9d22bf1814545b21c29d5053aa4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
x-amz-version-id
WV0t6DgHyNtxEyXut73JWBYVUEYIw1BB
cf-cache-status
HIT
x-amz-request-id
V4Q9DG5RHERE7Y1K
age
145849
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
106246
x-amz-id-2
hIdYj9tkVodTLnu7CRkliw9OztsqFzXR/4FMZkjm3frCmp3mueKYLFiZeiaqbyTpXcGs1SWJtII=
last-modified
Fri, 05 Jul 2024 06:43:27 GMT
server
cloudflare
etag
"c2449ae734c9d0e3fca9fdb0bba563c6"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
89f36211c99c994e-FRA
gtm.js
www.googletagmanager.com/ 		285 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8dafb6817e69d755949c73e81056aa3871d54ebdd35ce4933088e4b651dd3c66
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
br
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98902
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:30:30 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=772009&u=https%3A%2F%2Fget.nzrplus.com%2F&vn=2
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
eb96077c8b9572daa3d08870457ea8ffaeb81240cd110a445a94638bc2514e9b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
via
1.1 google
server
gfra2
etag
W/"1720173566_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
650811499cdfe4fd96c4f0b2_haka-amended-2.webp
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0b2_haka-amended-2.webp
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ab8f798e70d2f88edd037c1aad4a0a7921431b17b2a8c00c33aa3c1daded59e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
iFPCEqLPQeOvGUN.1sr1nXht854.swI8
cf-cache-status
HIT
x-amz-request-id
V62MW1P5M1JMXHBB
age
268578
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
119104
x-amz-id-2
kI7/kfInPs8CrzCmGGKZowJl3HfEQWCJ3l02rIHi6QqTxsRe2we220jC9sV1zYhM9pk3Qto0WQ8=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"26042cdfee33d016d6fad4498fee615b"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3621229cf994e-FRA
64dcdcc9eab56c0d25a38aba_hero-title-shape-web.svg
cdn.prod.website-files.com/64db5c03233e72553c17930f/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/64db5c03233e72553c17930f/64dcdcc9eab56c0d25a38aba_hero-title-shape-web.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8272b2ac7cf5a838eb55a7a2e850933459348014ad9693967572b6fadf4701dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
Q8IyTb9XFfmg9HIRFiawRiVcm0FkZOBx
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BSAQ8MKFN8A56XCS
age
2892377
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
l0/RHOuKA3F+67XrIgxp70fhPwocGdAXtVaSUfomwVClIeSGt5Q2Mq2O71R+eaEsocE+o6zXnkY=
last-modified
Wed, 16 Aug 2023 14:27:23 GMT
server
cloudflare
etag
W/"edb77afa22705137e42c98fd1b3d02f6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3621229d0994e-FRA
64dc9f021bb0399ff85f6821_rugby-circle.svg
cdn.prod.website-files.com/64db5c03233e72553c17930f/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/64db5c03233e72553c17930f/64dc9f021bb0399ff85f6821_rugby-circle.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6d4d453bc4fedb3ecf105d2a9fcccdacd54c3b1620ea7dcee4f6a118b8a7c7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
6GR6_AQxFm2iqTp_hrzfi91h2QzPgNDX
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V62GXQ71G0WVJ2D2
age
274586
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
exy5G1Syo9ObWJiPQ/6/NsWSUdJAEcCXf/swIJ2DahhFVtliz2if/sKeCjG4imnp72zr+SZiPkM=
last-modified
Wed, 16 Aug 2023 10:03:48 GMT
server
cloudflare
etag
W/"6a401487b014b2d7fee493cc5b3b9c10"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3621229d1994e-FRA
64dca2ea5d6c06f4721c0b38_across-icon.svg
cdn.prod.website-files.com/64db5c03233e72553c17930f/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/64db5c03233e72553c17930f/64dca2ea5d6c06f4721c0b38_across-icon.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
180ae72b8cfada6ae9bf8d07d5aea3121e0c7aa5451b487edb2ae887e88ce697

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
vBrThrzo5IguRjuh_NoFjvB4MnU8N_S_
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V62ZPC0EQKV6N9NV
age
2881460
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jQxMhC1vXzeJgQq8b1W0IdwIaHI3MhWXYbH7+bR6nRilDZkNcOZNU1Yi9jt27U9PfjOoE1ZLLkU=
last-modified
Wed, 16 Aug 2023 10:20:28 GMT
server
cloudflare
etag
W/"6063a4fc234023d35b542fa0cf69e235"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3621229d3994e-FRA
650811499cdfe4fd96c4f098_national-2-condensed-medium.woff2
uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f098_national-2-condensed-medium.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28fe7e77f1c1fda5f41b90bac46764818f897d8694cfe72dc206a2289de03362

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 28 Oct 2023 08:51:21 GMT
x-amz-version-id
7cnSyZi8b6Vz5mNrJRID0_cJ1cFKCJ53
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
age
21825551
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36811
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
AmazonS3
etag
"be44cf5b0c67c870c0b39080cc524b3e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
1IPdX07ORlOPeq5z56ZiPISQW2v3rA_lcsDYqLuOiWh0Q-mj9SOQtQ==
650811499cdfe4fd96c4f09a_manuka-bold.woff2
uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f09a_manuka-bold.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b0d20d0a82889c0e2d9648eedb2e59bbeff24a1ab33b128524464c9cfb190f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 01 Dec 2023 09:27:07 GMT
x-amz-version-id
XHtlB5ABP.rePXBQrf_hYEizLifPil5o
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
age
18885805
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31932
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
AmazonS3
etag
"b086122c8c32ea5ac4b051ec491c3dd6"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Pqm0IFCaStv8DXPMqDyr0kPIneQieD6HoBqbRJqK05KFHhNhmIh4-w==
650811499cdfe4fd96c4f099_national-2-condensed-regular.woff2
uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f099_national-2-condensed-regular.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/css/nzr-all-blacks-81cdd0912a860e16737cb7d4.webflow.dbb847a12.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
724723fb4d2f21a8b1e2e480a205ba36825c2e7048ebdd9e5b9a9933e8f8ca3b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 Nov 2023 07:15:36 GMT
x-amz-version-id
4o5KxOqLyZcnjdAw.UEy9NGtUhpBV.4U
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
age
19930496
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35251
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
AmazonS3
etag
"0f5b38a0792772e4ccf0ee23b68762b1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
xNj-27QLu05hohDfQXznGf-GcM7u_K86KkS39-vLOtDePXlaWa0Omg==
650811499cdfe4fd96c4f078_nzr-logo.svg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		13 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f078_nzr-logo.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3812e2730376cb0506c60082397b597d0cb5fcb11a9a81ebe22f3a4c06cbdf0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
34LQnZOkX0mNyc.glUyzEsASn_2MX1.L
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V62SPVSC5P9YNRQJ
age
1989883
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8PatEFUKiT2EL1QxEAO9Y8morVrIWmjhsvEG3CIbLh27NJHSuVkCVyXPgoKb7nOqiLyA3nbLcUjmKx+QsTk4GL5IYNu1GIwg
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
W/"5d3abc7ef807c4a12b462832500981da"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3621249e4994e-FRA
650811499cdfe4fd96c4f09c_radial%20blur.svg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		1 KB
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f09c_radial%20blur.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
422240413f42d73a2f7a6fbaf31b3210da7b8ab41935e670f0bd4a9590109100

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
PLAE_oX4_iTiYYTQ0WJnVdPNWqToggvN
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
GKT7FVVVKV5RYY8B
age
2892375
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
w7T3r7hB40LHGyv0wETO+nuDpRampyqlkF8r6G03foKx2vwesy+aQiyTA2YI17P7YV3zpBsXrBc=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
W/"44fe601a4f9c85e4f5010a26da20a272"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3621249e6994e-FRA
650811499cdfe4fd96c4f097_video-right-plus.svg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		2 KB
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f097_video-right-plus.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dd08725d27006e4bd265e2b59a5f097db15e6d086d6ae17c8d46a782711d7db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
52Ngh2znftJkHhDr9Z4d9PPYyUIxNrft
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
GKT9BH97BCG1EH00
age
2104432
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GVu8crkzFMLapmDsCz0fYWbAFQowRxl+pA9zBuirzpifViRXrXf1urxOQ72qoA9+UrYpl7qEcvA=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
W/"2e9ed257a02293a7e6053690297359e3"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f3621249e8994e-FRA
650811499cdfe4fd96c4f0af_hero-left-shape.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0af_hero-left-shape.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be6da79ae21538c8f7b25982c82606274400559d01e651bf577a53e33b39bcb1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
2ODRgSabSa1Xfs_takLtoLUCIPCTB7by
cf-cache-status
HIT
x-amz-request-id
GKT17E1V3YE6WJ7Y
age
2884434
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
5991
x-amz-id-2
Q6x+B1tSociNkcfNvA6unWQsnZ4+8GYxRaS5CgWaM/1+LxCuLxbMPQO2Y1XoAb2Mt2TztiOOdmM=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"4d69462fe2f8a772abd5cdbeeebef4cc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3621249e9994e-FRA
650811499cdfe4fd96c4f087_left-shape.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f087_left-shape.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e48f725551d8da7d2fd92401a8900a4b1cc2f7147d48cc1436b3d98a2e05f96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
B5N2qEQhu.JcTFXk3O9R_eZaP7ySOhrE
cf-cache-status
HIT
x-amz-request-id
V62WXHFC8MHSDT3D
age
2884640
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
149071
x-amz-id-2
GbCQv6NDYUWr1TgbaleO6DmqUHPjbk796i9p6y6ZFBdDL9rHKPjYKZjcopa3XYTN/0g8P8T4CRw=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"963d81db731ab90a7c44b904ae4f152e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3621249ea994e-FRA
6687942c497a7025b62ad80e_TTW_HeroPlacement.jpg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		267 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/6687942c497a7025b62ad80e_TTW_HeroPlacement.jpg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533eba05e8c137ee679639ceacdcf2e1f0476a17be2d8d63d19fbaa8aee414bf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
.ieSqk97C0_jfdx6YM23CX1JyL9e3Ygl
cf-cache-status
HIT
x-amz-request-id
M8TXTDESG0K9XMTR
age
146537
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
273398
x-amz-id-2
u1JD2ycwfpQ91Q6U5tP85RinjW3y7w6SHmhcCYYThLYyGcWz7/mQlZtD7BKQTDJIYr2DllK23tE=
cf-bgj
h2pri
last-modified
Fri, 05 Jul 2024 06:35:26 GMT
server
cloudflare
etag
"dbd2dd8ddfb3e65902c8cd5fb47b9dc6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3621249ec994e-FRA
6687957dde1c684f007e6064_SH_Internal_HeroPlacement.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		565 KB
566 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/6687957dde1c684f007e6064_SH_Internal_HeroPlacement.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c885cdae62293d7b1285f2eac5291002067e34c05d7148b3b8159dddcf55e360

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
Tl0VQCEDboloRpc7KwFheFu1EG1nDUMv
cf-cache-status
HIT
x-amz-request-id
8S3VT8RRWP1C1X3R
age
145848
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
578693
x-amz-id-2
+W0aPhqCmb3ciLn1Al5NKv7+0nBT7o+hvOjiWX2+F9ELq2GcNTP67q3R2CQMX/qFZ0Hde9ig0Po=
last-modified
Fri, 05 Jul 2024 06:41:02 GMT
server
cloudflare
etag
"33fcadf04d5fa0d853dc84ee91edbf38"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f3621249ee994e-FRA
js
www.googletagmanager.com/gtag/ 		260 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-47405XVK85&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
34f485c1d8dc85bc78b2fb10dbddde57159ceb9023d997c31d5ebb7cfd9434ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93116
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:30:31 GMT
js
www.googletagmanager.com/gtag/ 		265 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
946396ed0ab0e02ec99e49299d6500cbb7e9c021840646eafb96ec1edaa13f48
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
br
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93625
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:30:30 GMT
destination
www.googletagmanager.com/gtag/ 		260 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11151866773&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0faabbd9bc18dc4b74f9141857fc654855fe8133ca599d78d0c9b50e0c999e3c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
br
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92585
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:30:30 GMT
pixel.js
www.redditstatic.com/ads/ 		42 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
uwt.js
static.ads-twitter.com/ 		56 KB
71 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-type
application/javascript; charset=utf-8
x-cache
HIT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-fra-etou8220116-FRA
fbevents.js
connect.facebook.net/en_US/ 		222 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 23:30:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=2801, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
TcFmVLEbR9CwtbF1kRxvfddtH5azJP4msnfYubhYEpCZijxEjy4NipvfFcZzGYgyQbqIwuAp3hwnj+GMvaNf1w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPTO6MRC77U1G0V3K8F0&lib=ttq
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f9fc9ca25299c42c1db3cc2141c5212433b4a52580d811a584a513a9ff34275c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
353679dd.d57f525d
date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240706233031273A98177794E20F56F4-64A78994447379E2-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
111,2.20.179.79
server-timing
cdn-cache; desc=MISS, edge; dur=100, origin; dur=11, inner; dur=4
content-length
1533
pragma
no-cache
server
nginx
x-tt-logid
20240706233031273A98177794E20F56F4
x-cache-remote
TCP_MISS from a104-78-78-46.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,104.78.78.46
x-tt-trace-host
0124359e713df8ca709285b8f2220f1699fc3f1202ac55046255ffef9abec1a31bb0f384be6196e2bab1f444889d9956875410292da36568d0ee7ac12fecb001ccd4bde28cd59f8ce5a324b0dd00f4469e1c746ec8fd577516043304b80a6a873771c4469d622c4c4ed3f6433dbb03872b
expires
Sat, 06 Jul 2024 23:30:31 GMT
va_gq-96d89d1fc0241ee13744f1c58295bb01.js
dev.visualwebsiteoptimizer.com/edrv/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/va_gq-96d89d1fc0241ee13744f1c58295bb01.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=772009&u=https%3A%2F%2Fget.nzrplus.com%2F&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
e2e985338d0e78ef3be2880fc48228d2bb5cc9da8f316058beb0fdcf2b88ab72

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jul 2024 09:59:10 GMT
server
gfra2
etag
"6687c3ee-110dd"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69853
nc-9ec1391ac8a0b5ef739b9141483db624.js
dev.visualwebsiteoptimizer.com/edrv/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/nc-9ec1391ac8a0b5ef739b9141483db624.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=772009&u=https%3A%2F%2Fget.nzrplus.com%2F&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
5ec2dc49fe6cd088cded962060a7159b209f66c2e9b23bb048ee24b4a48dfbd3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Origin
https://get.nzrplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jul 2024 09:59:10 GMT
server
gfra2
etag
"6687c3ee-cc1"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3265
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=772009&d=get.nzrplus.com&u=D12F46C56853E9384C926CC80F46E3127&h=9498931ba34281578eb41d11c9ac5b44&t=false
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
68569c8e-5cb1-4dc2-a9a0-d57de2c574ce
https://get.nzrplus.com/ 		678 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://get.nzrplus.com/68569c8e-5cb1-4dc2-a9a0-d57de2c574ce
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c471d1bc38f9f32e340e7c9de7f246eb69b951597af92a1cf9cac72aabb6609

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
678
Content-Type
application/javascript
650811499cdfe4fd96c4f0ae_Vector.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0ae_Vector.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3486ece9ec0facaf0a69861cad4355f54b16db00bd30441e81928d52a97a3b30

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
ZGOZgDjkUyE2VVbErz8vF8vM.iUO2Hug
cf-cache-status
HIT
x-amz-request-id
EANV8NT81JDE3XQW
age
285127
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2088
x-amz-id-2
NhhraLttpB7hodyDLJbyZ1LFwgf45o6eUIDsvDEf+kw++thbK7Jdri35AkOS74OklQxD87h1iy959/sctu4v+A==
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"d6f6cc7ef02558bf4e92f1994803772c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f36212ea43994e-FRA
650811499cdfe4fd96c4f0c5_Premium%20Originals.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0c5_Premium%20Originals.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14defd388b6f1bfff57729c0f9227304c6aab523db66d16ac717ccf353037307

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
c1vl3e6gZY3C.GEKlXKLgZZZNs4avqu8
cf-cache-status
HIT
x-amz-request-id
EANXT0ZDGRBMEP8A
age
2886869
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
216251
x-amz-id-2
XvSe4fYIR9VeI91b6wHVfkjvpvwVZ02xF2T2zlVwCdyR/R8CqIiu6IMbVgkWoi5bVW0W+AVIm/0=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"625817b43e0c673a271849caf051a3ae"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f36212ea46994e-FRA
650811499cdfe4fd96c4f0c6_Documentaries2.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		259 KB
260 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0c6_Documentaries2.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8483b5ed7faa144e7d0e78018e84b1e8a2ec9810bc72bff1cc4e473160173ae9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
3FMV31JrsHGEiMiVtXBn2ZG1m7LuJpeL
cf-cache-status
HIT
x-amz-request-id
GKT3AXQS23G14YN0
age
2892375
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
265356
x-amz-id-2
joBfa7talumRvDMwA4sHp5teQDSqzj9cf1M2gJSHaAhz8rvUg6R2aobe4Fq+ak3Sqhcqw+Mn6pg=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"a5217341f0cd651500823ef7fa3241cf"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f36212ea47994e-FRA
650811499cdfe4fd96c4f0c2_Short_Films%20(1).png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		266 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0c2_Short_Films%20(1).png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4900075cb7eee0fef37796d37db656e76f178e5d827d09628112b3cb9620d8ee

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
vxKPD7wR.iYlwC67KizDc5kiaAVclR1N
cf-cache-status
HIT
x-amz-request-id
GKTF4A73H20YPBCR
age
2884639
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
272482
x-amz-id-2
XuTAS5X0F/JMtEdwA5E5NZQL7Pn8lPrmwuG0KB8lzXqTDkuMJ28e4rlJqbcro5R16kLTx3GqVRM=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"5bec297698239aeb7a2cd6383f16377c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f36212ea48994e-FRA
650811499cdfe4fd96c4f0a0_Right%20text%20cropped.png
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0a0_Right%20text%20cropped.png
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8ab5fc11c40c553e094e46fbae83bf6739b282ff073e3e573172d5b4974dfe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
Y.Wmedpw4O7gT9T3VymyGGWi60rwaZtB
cf-cache-status
HIT
x-amz-request-id
V62YSG87P9GE78JQ
age
2056416
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56138
x-amz-id-2
sgYZVjXjLd73xG0McKSNsrusHdv1gYSFX6CKDGtlDf1J/ljosIs+c+GcbbloNy3Lpyd/Z/iUQZw=
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"2ddd5f8c7d8380ae474c8778aedd0e9e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f36212ea49994e-FRA
650811499cdfe4fd96c4f0a7_rugby-shape.svg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		9 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f0a7_rugby-shape.svg
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbdfc3505d8e1d823268d38a4d9776110b3bd8eb6d11a135b30ec037ab6d5132

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
ISqNJCSnr8ezjvEEGUfEhHMuhpo3Tdks
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V62QSNM64RNT3WP6
age
2892377
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WeDzprrAOg4h/OrcUGlX/P3i8NZLHID7LSntwcDwDSjwQ1Ok+I4IkHRMSER7Un0+3maLAeaSTIsa3KXpEY7d2AE5qvQ40Cum
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
W/"b8c3ae72656d8f9cb9b430bce4c2216d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
89f36212ea4b994e-FRA
config
pixel-config.reddit.com/pixels/t2_gfeyuwzzi/ 		3 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_gfeyuwzzi/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:30 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
t2_gfeyuwzzi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_gfeyuwzzi_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/ 		42 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1720308631502&id=t2_gfeyuwzzi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=5c0ba2db-484e-4bed-be80-06e110618a44&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
696296242296371
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696296242296371?v=2.9.160&r=stable&domain=get.nzrplus.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
e84f3157db316528ab4273af5568a14774de13a0098b00b0ca306f20a1a3124f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:30:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12389
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=29, mss=1232, tbw=12213, tp=20, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
wnutrH2vjRExS+OEsNJfMAxUokyPSp48rhFQDyR1kYvE6SZwe4Xh8cqIVjRsaKc8423sLt7yYbaMLK4cEOvdAw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/1/i/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=86074899-9e9e-41f6-8138-0f255b5c6e63&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=cf2b94de-8819-4398-8e2e-2d92fe16f576&tw_document_href=https%3A%2F%2Fget.nzrplus.com%2F&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
109
date
Sat, 06 Jul 2024 23:30:31 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
c9533f71acdc91ee
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
06b6b06c2eb4a2966c8bb982dc07db07c6ceec0c8d94c0a99750813ae6e367c5
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=86074899-9e9e-41f6-8138-0f255b5c6e63&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=cf2b94de-8819-4398-8e2e-2d92fe16f576&tw_document_href=https%3A%2F%2Fget.nzrplus.com%2F&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
110
date
Sat, 06 Jul 2024 23:30:30 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
9cc3790fa5a64e52
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
1ed807c2fdcafdd2666e17ee6c215e6a75a1c0ab22950989794f92e7a1cc86b3
content-length
43
481997073503704
connect.facebook.net/signals/config/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/481997073503704?v=2.9.160&r=stable&domain=get.nzrplus.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C187%2C186%2C188%2C193%2C194%2C195%2C191%2C183%2C123%2C152%2C182%2C184%2C114%2C146%2C136%2C140%2C177%2C120%2C219%2C107%2C119%2C220%2C154%2C111%2C127%2C115%2C143
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3caf09a707676d83f97a152b21ab7f832678c59191098a1fb27eae8613e8b5dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:30:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4920
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=40, mss=1232, tbw=25205, tp=34, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
GWayf6rjrFkOVBFT11wp95A0Pt4sA2ZQcyD3clOmkHLiWcHfO/CgHwB5YI8UUHNhlzFy8ARXVDjr8a5ufO2D2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fget.nzrplus.com%2F&rl=https%3A%2F%2Fapp.nzrplus.com%2F&if=false&ts=1720308631559&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308631116.476593297757817873&ler=other&cdl=API_unavailable&it=1720308631504&coo=false&rqm=GET
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4373, tp=10, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jul 2024 23:30:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fget.nzrplus.com%2F&rl=https%3A%2F%2Fapp.nzrplus.com%2F&if=false&ts=1720308631559&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308631116.476593297757817873&ler=other&cdl=API_unavailable&it=1720308631504&coo=false&rqm=FGET
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x51d8f83e13bc223a","source_keys":["1","2"]},{"key_piece":"0xf96ccc63522be674","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 06 Jul 2024 23:30:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388669310598137681", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=26, mss=1232, tbw=8309, tp=22, tpl=0, uplat=294, ullat=0
pragma
no-cache
x-fb-debug
2TBsahX6DW01im9zh43Z0UOTSbUepmWq2ZXlpx2DRWHmBROKFkQdfF5DG9DdlweooGtA5YONjJ1+2YR+/Yes2A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388669310598137681"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-47405XVK85&gtm=45je4730v9166116559z89135919949za200zb9135919949&_p=1720308631365&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1963968126.1720308631&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720308631&sct=1&seg=0&dl=https%3A%2F%2Fget.nzrplus.com%2F&dr=https%3A%2F%2Fapp.nzrplus.com%2F&dt=NZR%2B%20%7C%20It%27s%20Rugby%2C%20Plus%20Some&en=page_view&_fv=1&_ss=2&tfd=422&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-47405XVK85&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:30:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.nzrplus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-47405XVK85&cid=1963968126.1720308631&gtm=45je4730v9166116559z89135919949za200zb9135919949&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-47405XVK85&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:30:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.nzrplus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-47405XVK85&cid=1963968126.1720308631&gtm=45je4730v9166116559z89135919949za200zb9135919949&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=597493317
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:30:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s.gif
dev.visualwebsiteoptimizer.com/ 		35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=772009&u=D12F46C56853E9384C926CC80F46E3127&s=1720308631&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22de-de%22%2C%22r%22%3A%22https%253A%252F%252Fapp.nzrplus.com%252F%22%2C%22lt%22%3A1720308631585%2C%22tO%22%3A-2%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Fget.nzrplus.com%2F&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1720308631585&v=46df0bc2b&_ru=https%3A%2F%2Fapp.nzrplus.com%2F
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:30:30 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
main.MWU2NDEzYzJiMA.js
analytics.tiktok.com/i18n/pixel/static/ 		339 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPTO6MRC77U1G0V3K8F0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8878a6113d3767fcb0f7c88fdc432c839a4e4e6fe97dec5e24b0d5eb32addd88

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d57f4f47
date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024070211442486CEE947AAC79573EC15
x-tt-trace-id
00-24070211442486CEE947AAC79573EC15-04B0816D8C28569D-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01f5ce518d066816ccd30a36e11159c02467e20211ada973577e2ecb3a9081f16d3c5e4f0425a5d39eda990e98a78d3c7d6a9d861e21775716178de026fd0f26160dbdbc2f09f36b723ea1fec93846afd75d8de387ec54da955b6689003bc18b32
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
content-length
98499
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fget.nzrplus.com%2F&rl=https%3A%2F%2Fapp.nzrplus.com%2F&if=false&ts=1720308631592&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308631116.476593297757817873&ler=other&cdl=API_unavailable&cs_est=true&it=1720308631504&coo=false&rqm=GET
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4837, tp=15, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jul 2024 23:30:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fget.nzrplus.com%2F&rl=https%3A%2F%2Fapp.nzrplus.com%2F&if=false&ts=1720308631592&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308631116.476593297757817873&ler=other&cdl=API_unavailable&cs_est=true&it=1720308631504&coo=false&rqm=FGET
Requested by
Host: get.nzrplus.com
URL: https://get.nzrplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc6498ba2880a5342","source_keys":["1","2"]},{"key_piece":"0xebf1d19cf4719c37","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 06 Jul 2024 23:30:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388669310722740332", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=24, mss=1232, tbw=5077, tp=18, tpl=0, uplat=172, ullat=0
pragma
no-cache
x-fb-debug
gurDVV7i93reJvDQWqEdsiTM5HeaGYbihhsbAWAwTVKQPR1k8RZ9NdBAB6tOgjpjchfy6d9SNY+gnzaT9BDAxQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388669310722740332"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
track-08ccb11efa18f078a2a9dd8f40d0dd27.js
dev.visualwebsiteoptimizer.com/7.0/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/track-08ccb11efa18f078a2a9dd8f40d0dd27.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-96d89d1fc0241ee13744f1c58295bb01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
2553f36a94622c3bbd62ed136f0607dc6bfac0d555d9ddce2c4cae2dae381d38

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jul 2024 09:59:17 GMT
server
gfra2
etag
"6687c3f5-1154"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4436
opa-2055dcb4db758a08c758ea27bcb6063a.js
dev.visualwebsiteoptimizer.com/analysis/4.0/ 		140 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-2055dcb4db758a08c758ea27bcb6063a.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-96d89d1fc0241ee13744f1c58295bb01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
c4a5a5160dd97ca10fde46947068fcf5cafc1682aa31ffe3c008412e2bf2dfcb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jul 2024 09:59:12 GMT
server
gfra2
etag
"6687c3f0-8ccf"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36047
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d57f4fe1
date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400005A6482EC8658954395AB
x-tt-trace-id
00-2405211400005A6482EC8658954395AB-7D65582794A05721-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01bb7da6081e9cf70fa40d500e66dc7f748628c80e0f1c23442ca51ee8a2f8b68964c4f446120724fd2ca9707a41b0908b9313ba92036a2906c239a7d63f0bac733445c05cc1dc4ee260ea56789bff41382955417bb369ac05d71aab0981d5b1c3
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
40007
pixel
analytics.tiktok.com/api/v2/ 		0
699 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d57f5403
date
Sat, 06 Jul 2024 23:30:31 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240706233031F7984F500D799B83D366-045B3A4A75133185-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=29, cdn-cache; desc=MISS, edge; dur=7, origin; dur=119
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240706233031F7984F500D799B83D366
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
119,2.20.179.79
x-tt-trace-host
0124359e713df8ca709285b8f2220f16999c6c636689b1798b2c705c956edbe4d76465ae35ec0cae17e51a39c3d148bad7f030931cf8f388722fb9e1ab057b5205b97e9dda7edab7a901412faf61c8ff2b0c2dc3b9f2080c606851300948f4e4bc
access-control-allow-headers
Authorization,*
expires
Sat, 06 Jul 2024 23:30:31 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=772009&settings_type=1&vn=&eventArch=1&uuid=&exc=1|2
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-96d89d1fc0241ee13744f1c58295bb01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
18f7deb5a28d73b276027703c65950c848990b4d9fc77f8ca57131bc47cef9b8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
gzip
via
1.1 google
server
gfra2
etag
W/"1720173566_EA"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
worker.js
dev.visualwebsiteoptimizer.com/analysis/ 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jul 2024 09:59:12 GMT
server
gfra2
etag
"6687c3f0-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13599
act
analytics.tiktok.com/api/v2/pixel/ 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
f6120ca.d57f5602
date
Sat, 06 Jul 2024 23:30:31 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407062330319410ACAAEA09087A3D36-639A8241706BECEC-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
108,2.20.179.79
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=21, inner; dur=18
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202407062330319410ACAAEA09087A3D36
x-cache-remote
TCP_MISS from a184-28-17-154.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
21,184.28.17.154
x-tt-trace-host
0124359e713df8ca709285b8f2220f1699b971e1448ddba9c3f4e566a79b0b93cd1217d5108f0efe9668843c79aac3af1d45e67ea64ad4ab1ef90041feb5aafc68df17d80bf4ec86cb95c538cb2e83e6bcb0bc30c7b59b1d54c46cbc28905029e3da10d7fab6ae943b0d960de59844c4bd
access-control-allow-headers
Authorization,*
expires
Sat, 06 Jul 2024 23:30:31 GMT
650811499cdfe4fd96c4f09f_Favicon%20(1).jpg
cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/650811499cdfe4fd96c4f05b/650811499cdfe4fd96c4f09f_Favicon%20(1).jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0a90125f9c35fa1a92ac6fd0872a3d8731403f257b5f87e68dcd75bf08ddee

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://get.nzrplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:30:31 GMT
x-amz-version-id
0ob_NN2LyXU.LcFK.Gl2757OUqp9CCER
cf-cache-status
HIT
x-amz-request-id
JC6R6BJ2NG9BCKPE
age
2888773
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2006
x-amz-id-2
8c6M8t8OTz5KCOwU53raKUbtDFe5RYviCEWEplqWxd5Y7EhGZjRuZ5pgoamMvhTP0R9S+PShsIo=
cf-bgj
h2pri
last-modified
Mon, 18 Sep 2023 08:58:51 GMT
server
cloudflare
etag
"60f5534f11bf1f655720a1ac9271396f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
89f36215abdd994e-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
get.nzrplus.com
URL
https://get.nzrplus.com/
Domain
get.nzrplus.com
URL
https://get.nzrplus.com/
Domain
get.nzrplus.com
URL
https://get.nzrplus.com/
Domain
get.nzrplus.com
URL
https://get.nzrplus.com/
Domain
www.facebook.com
URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2F&rl=&if=false&ts=1720308631119&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720308631116.476593297757817873&ler=empty&cdl=API_unavailable&it=1720308630965&coo=false&rqm=FGET
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7MSG54SCKT&gtm=45je4730v9137464323za200zb896579455&_p=1720308630735&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1963968126.1720308631&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAE&_s=2&sid=1720308631&sct=1&seg=0&dl=https%3A%2F%2Fapp.nzrplus.com%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=5&tfd=1374&_z=fetch

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| dataLayer object| code object| _vwo_code number| _vwo_settings_timer function| $ function| jQuery function| tram object| Webflow object| google_tag_manager object| google_tag_data function| rdt function| twq function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq number| _vwo_j_e object| _VWO string| _vwo_mt string| _vwo_tm string| _vwo_cookieDomain string| _vwo_surveyAssetsBaseUrl object| VWO number| _vwo_acc_id object| vwo_iehack_queue undefined| _vwo_clicks object| VWOOmni object| mainThread number| _vwo_library_timer string| _vis_opt_lib string| _vwo_cdn function| redditNormalizeEmail object| regeneratorRuntime object| twttr function| JSONStringify object| _vwo_evq function| _vwo_ev object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vis_opt_queue object| fetcher function| _removeVwoGlobalStyle function| vwo_$ object| functionWrapper string| _vwo_server_url function| _vwo_s boolean| _vwo_spaR object| gaGlobal object| _vwo_exp string| _vwo_uuid function| _vis_opt_goal_conversion function| _vis_opt_register_conversion function| _vis_opt_revenue_conversion function| _vis_opt_createCookie function| _vis_opt_readCookie function| _vis_opt_element_loaded boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_surveySettings object| _vwo_exp_ids object| _vwo_pa object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks number| ___vwo object| __nls string| pushcrewHash boolean| vwo_libExecuted

20 Cookies

Domain/Path Name / Value
.nzrplus.com/ Name: _gcl_au
Value: 1.1.1611257841.1720308631
.tiktok.com/ Name: _ttp
Value: 2itSy3Vxg6O6EBdrq2xcFItWuq0
.nzrplus.com/ Name: _fbp
Value: fb.1.1720308631116.476593297757817873
.nzrplus.com/ Name: _tt_enable_cookie
Value: 1
.nzrplus.com/ Name: _ttp
Value: JAKXMj1V2vjnTTZ4spfVOgvoG9F
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172030863113862997
.twitter.com/ Name: guest_id_ads
Value: v1%3A172030863113862997
.twitter.com/ Name: personalization_id
Value: "v1_bAnqwovDMlq4QZRRrSvWMQ=="
.twitter.com/ Name: guest_id
Value: v1%3A172030863113862997
.nzrplus.com/ Name: _ga
Value: GA1.1.1963968126.1720308631
.nzrplus.com/ Name: _ga_7MSG54SCKT
Value: GS1.1.1720308631.1.0.1720308631.60.0.0
.t.co/ Name: muc_ads
Value: c9dc0e4d-b2a0-41fd-9658-075b2fffb8b9
.get.nzrplus.com/ Name: _vwo_uuid_v2
Value: D12F46C56853E9384C926CC80F46E3127|9498931ba34281578eb41d11c9ac5b44
.nzrplus.com/ Name: _rdt_uuid
Value: 1720308630919.5c0ba2db-484e-4bed-be80-06e110618a44
.nzrplus.com/ Name: _ga_47405XVK85
Value: GS1.1.1720308631.1.0.1720308631.60.0.0
.nzrplus.com/ Name: _vwo_uuid
Value: D12F46C56853E9384C926CC80F46E3127
.nzrplus.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.nzrplus.com/ Name: _vis_opt_s
Value: 1%7C
.nzrplus.com/ Name: _vis_opt_test_cookie
Value: 1
.nzrplus.com/ Name: _vwo_ds
Value: 3%3At_0%2Ca_0%3A0%241720308631%3A31.80175361%3A%3A%3A2_0%2C1_0%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
app.nzrplus.com
cdn.prod.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
dce-frontoffice.imggaming.com
dev.visualwebsiteoptimizer.com
get.nzrplus.com
js.stripe.com
nzrplus.com
o129937.ingest.sentry.io
pixel-config.reddit.com
region1.analytics.google.com
static.ads-twitter.com
static.diceplatform.com
stats.g.doubleclick.net
t.co
uploads-ssl.webflow.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
get.nzrplus.com
region1.analytics.google.com
www.facebook.com
104.244.42.131
108.156.60.60
142.250.184.200
142.250.186.163
143.204.176.34
146.75.120.157
151.101.129.140
151.101.193.140
157.240.0.6
157.240.251.35
172.64.153.29
172.67.130.237
18.66.112.13
18.66.112.18
2.18.64.15
2001:4860:4802:34::36
216.239.34.36
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::396
34.120.195.249
34.96.102.137
52.17.119.105
52.222.232.99
54.171.28.66
93.184.221.165
0128a25c69ba58ac78d471fecc71253e06bf0b103cd74879aec33e5603cbd776
0b0d20d0a82889c0e2d9648eedb2e59bbeff24a1ab33b128524464c9cfb190f4
0b52f1b002936093bb6bb29b3a7eb5e6dde482ff7639d0d0f8fd86a3d51cb5e8
0c0a90125f9c35fa1a92ac6fd0872a3d8731403f257b5f87e68dcd75bf08ddee
0c471d1bc38f9f32e340e7c9de7f246eb69b951597af92a1cf9cac72aabb6609
0e7378809419c6c64601922f3276b40a3086a80e706f570d1418226405426a64
0faabbd9bc18dc4b74f9141857fc654855fe8133ca599d78d0c9b50e0c999e3c
1191817e48d0e32c1f86135dddfaa99e41a12bd82471473cda306d56a1a94c63
1437dfba423ca6116da2dd257ecc686fef1a3f75aabbbd7ef0da6420d9ff505d
14defd388b6f1bfff57729c0f9227304c6aab523db66d16ac717ccf353037307
180ae72b8cfada6ae9bf8d07d5aea3121e0c7aa5451b487edb2ae887e88ce697
18f7deb5a28d73b276027703c65950c848990b4d9fc77f8ca57131bc47cef9b8
1ab8f798e70d2f88edd037c1aad4a0a7921431b17b2a8c00c33aa3c1daded59e
2170cc4c670e69d7b4c9081e8d2322482c935a84d89acf302eee8e663cfc0dac
22d6f3cc335a9e714e6d5799a6266af1c76ea0edee0871a3f85d99d30152f039
22f4787d1e6e2650b7a22ebb56b22858955083d04d0fddcc8eed082220923cca
2553f36a94622c3bbd62ed136f0607dc6bfac0d555d9ddce2c4cae2dae381d38
288dbd3777266289de7411ec9a2423d565797920483adc8d179012aa419e7a12
28fe7e77f1c1fda5f41b90bac46764818f897d8694cfe72dc206a2289de03362
2b2d7485e9974fa00b79252e2e8a70b60de1dcfb391b7b87af39ce648e8ec363
2bf94181c178099580291edf88f52923fe9ae68f43da70ff3f1cf6c7482de0c9
2d37f730ea6adf1ed6b0f544c1562da85c7e00d7596ee3c57a53ed2ff1f8aa4e
2dd08725d27006e4bd265e2b59a5f097db15e6d086d6ae17c8d46a782711d7db
2f26e4eeb94dfec7384cecd9e17371e2e03cc8580c4cd2877f758b64fa036b7a
3486ece9ec0facaf0a69861cad4355f54b16db00bd30441e81928d52a97a3b30
34f485c1d8dc85bc78b2fb10dbddde57159ceb9023d997c31d5ebb7cfd9434ac
3a666cd65233454d3e259fafd15dd94a48429d6b7205d656f1144dbb1501a366
3b12291db0198f3593464f9164137bb2e4ea7970d66f372ad09a6f3ae9af4c6d
3caf09a707676d83f97a152b21ab7f832678c59191098a1fb27eae8613e8b5dd
422240413f42d73a2f7a6fbaf31b3210da7b8ab41935e670f0bd4a9590109100
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
4900075cb7eee0fef37796d37db656e76f178e5d827d09628112b3cb9620d8ee
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
509bb48a722c487f10208b85f9a54d62295fdf99d7ec2fd5effb2d21b46c564a
533eba05e8c137ee679639ceacdcf2e1f0476a17be2d8d63d19fbaa8aee414bf
5be578ed36e2a930bdaf0c729ae76802842e594b01180920747f7cb2a66d3f6a
5eb85c99a8995f941d73df50a4a818eb473a0c44b7786bec6d309dbe6a38758e
5ec2dc49fe6cd088cded962060a7159b209f66c2e9b23bb048ee24b4a48dfbd3
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
6902b034ee5ff9e155f5b83b13ce7802b6c67a76d5ff6891c5b9512c04ce49c6
6c02d310a1029df54557874225f32799d494638dfa08fc087126bdbf3cd26ba1
6e48f725551d8da7d2fd92401a8900a4b1cc2f7147d48cc1436b3d98a2e05f96
724723fb4d2f21a8b1e2e480a205ba36825c2e7048ebdd9e5b9a9933e8f8ca3b
7af86ef561b6c436e372a348f945110f1326b9d22bf1814545b21c29d5053aa4
7ee4f7e159200bdc4a49c06e98bb1e214cd6a98dd53fbefa569f6680c2588931
8272b2ac7cf5a838eb55a7a2e850933459348014ad9693967572b6fadf4701dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8483b5ed7faa144e7d0e78018e84b1e8a2ec9810bc72bff1cc4e473160173ae9
8878a6113d3767fcb0f7c88fdc432c839a4e4e6fe97dec5e24b0d5eb32addd88
8dafb6817e69d755949c73e81056aa3871d54ebdd35ce4933088e4b651dd3c66
946396ed0ab0e02ec99e49299d6500cbb7e9c021840646eafb96ec1edaa13f48
979878a7b228cc3017175efaf651fa465653723926a69e91325f6774b9034b41
9f6d4d453bc4fedb3ecf105d2a9fcccdacd54c3b1620ea7dcee4f6a118b8a7c7
a3812e2730376cb0506c60082397b597d0cb5fcb11a9a81ebe22f3a4c06cbdf0
a78a22df4975842a5e8da9f282bc76e149e196c9ee5d6ffaeebb52a10098ba70
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b4ec3e2dcc2831693473596a8ac103b9e43d81fb4ef107831d753b50fdd1f393
b5b4abd4f24ec02bbf3b0cc7dd5656d0ced5cf0cec4b1ce07cf8d3395fec7c20
b7f8f2f3c6407efa29cdd0d7ddb623447faeb971eb949bade4ac6d0043e81d31
ba8ab5fc11c40c553e094e46fbae83bf6739b282ff073e3e573172d5b4974dfe
bcc6f84183fa61975b32c1973b21369926419d015c9db5d39119957a791b8a3c
be6da79ae21538c8f7b25982c82606274400559d01e651bf577a53e33b39bcb1
c4a5a5160dd97ca10fde46947068fcf5cafc1682aa31ffe3c008412e2bf2dfcb
c885cdae62293d7b1285f2eac5291002067e34c05d7148b3b8159dddcf55e360
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672
d0baa8e74d5aa8b56d99583b77293ff0ce36df8a63b9f3d70befb90c42f3bfbb
d13c56c7ebd5f7a909b3ae7c568ac2e7920dabf536f915f932ec8fd75cb50a8d
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
dbebc07d94be286a2919d924bd7a5e8b1ad15783ac6b5a2002b62932261c55de
ddf0dc7114447c90db37c1eee4523ee0416de61a1bc4206e0e1b9f0e1020d83f
e2e985338d0e78ef3be2880fc48228d2bb5cc9da8f316058beb0fdcf2b88ab72
e373b17638a65d0711224d06d6d18711e140c91b04935adfb0c42f1d3a01a981
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84f3157db316528ab4273af5568a14774de13a0098b00b0ca306f20a1a3124f
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
eb96077c8b9572daa3d08870457ea8ffaeb81240cd110a445a94638bc2514e9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12955fb208eae089baf161eabfdb23c7d8cf246812e87fbc8426c15973a68e7
f7dad26a2365a1c0dac83d3dc33052452da1ddf2b86ff0d428f29d29943ea107
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9fc9ca25299c42c1db3cc2141c5212433b4a52580d811a584a513a9ff34275c
fbdfc3505d8e1d823268d38a4d9776110b3bd8eb6d11a135b30ec037ab6d5132
fd0192f032758b071199b7f4b2eba18b864998f1df9785b069c4078309f454e2
fe681434c749d9df44e04f6c3da5e7695492969cda986e4710cfee412fcc5236