urlscan.io logo urlscan.io
SecurityTrails logo

app.nzrplus.com Open in urlscan Pro
18.67.93.38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.mail.nz.rugby/?qs=28fc384bd0f7c3c6cf2f90d253315ec0da9671b34cccd7e665b6f09e20d6cad05d6586def40949f1248a50cb8a51...
Effective URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Submission: On May 09 via manual from PH — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 75 HTTP transactions. The main IP is 18.67.93.38, located in United States and belongs to AMAZON-02, US. The main domain is app.nzrplus.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 26th 2023. Valid for: a year.
This is the only time app.nzrplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    128.245.209.99 (United States)

ASN14340 (SALESFORCE, US)
PTR: ajn99.mta.exacttarget.com
click.mail.nz.rugby
27    18.67.93.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-38.syd62.r.cloudfront.net
app.nzrplus.com
13    34.247.113.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
dce-frontoffice.imggaming.com
9    108.158.32.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-74.syd3.r.cloudfront.net
static.diceplatform.com
2    108.158.32.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-18.syd3.r.cloudfront.net
js.stripe.com
2    2404:6800:4006:810::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o129937.ingest.sentry.io
3    142.250.66.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f8.1e100.net
www.googletagmanager.com
2    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    151.101.28.157 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a03:2880:f019:116:face:b00c:0:3 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.204.4 (Sydney, Australia)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net
www.google.com
3    142.250.71.67 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f3.1e100.net
www.google.co.nz
1    2404:6800:4006:814::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2404:6800:4003:c1a::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
2    2a03:2880:f119:8083:face:b00c:0:25de (Sydney, Australia)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
27 nzrplus.com
app.nzrplus.com
1 MB
13 imggaming.com
dce-frontoffice.imggaming.com — Cisco Umbrella Rank: 116446
31 KB
9 diceplatform.com
static.diceplatform.com — Cisco Umbrella Rank: 230533
166 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
457 KB
3 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 38855
191 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 154
382 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
3 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
75 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
305 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1160
13 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1088
148 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 882
724 B
1 t.co
t.co — Cisco Umbrella Rank: 717
377 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1376
637 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 801
15 KB
1 sentry.io
o129937.ingest.sentry.io — Cisco Umbrella Rank: 251578
308 B
1 nz.rugby
click.mail.nz.rugby
287 B
75 17
Domain Requested by
27 app.nzrplus.com app.nzrplus.com
13 dce-frontoffice.imggaming.com 2 redirects app.nzrplus.com
9 static.diceplatform.com app.nzrplus.com
5 www.googletagmanager.com dce-frontoffice.imggaming.com
app.nzrplus.com
www.googletagmanager.com
3 www.google.co.nz app.nzrplus.com
3 connect.facebook.net app.nzrplus.com
connect.facebook.net
2 www.facebook.com app.nzrplus.com
2 www.google.com app.nzrplus.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 www.redditstatic.com www.googletagmanager.com
app.nzrplus.com
2 js.stripe.com app.nzrplus.com
js.stripe.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 analytics.twitter.com app.nzrplus.com
1 t.co app.nzrplus.com
1 alb.reddit.com app.nzrplus.com
1 static.ads-twitter.com www.googletagmanager.com
1 o129937.ingest.sentry.io app.nzrplus.com
1 click.mail.nz.rugby 1 redirects
75 19

This site contains links to these domains. Also see Links.

Domain
www.allblacks.com
allblackshop.com
Subject Issuer Validity Valid
app.nzrplus.com
Amazon RSA 2048 M01		 2023-06-26 -
2024-07-24		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-03-27 -
2024-06-27		 3 months crt.sh
*.imggaming.com
GeoTrust TLS RSA CA G1		 2023-10-12 -
2024-11-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-08 -
2024-07-06		 6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-17 -
2024-05-17		 3 months crt.sh
*.diceplatform.com
Amazon RSA 2048 M02		 2023-09-15 -
2024-10-12		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2024-07-13		 6 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-19		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-08 -
2024-10-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Frame ID: A42000D696E5520C7F3B337F660AF331
Requests: 69 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 94F2E9D6C1F3F732A3702E70CD3F7D65
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 - New Zealand Rugby

Page URL History Show full URLs

  1. https://click.mail.nz.rugby/?qs=28fc384bd0f7c3c6cf2f90d253315ec0da9671b34cccd7e665b6f09e20d6cad05d6586de... HTTP 302
    https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=pl... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

75
Requests

97 %
HTTPS

29 %
IPv6

17
Domains

19
Subdomains

20
IPs

4
Countries

2371 kB
Transfer

8607 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.mail.nz.rugby/?qs=28fc384bd0f7c3c6cf2f90d253315ec0da9671b34cccd7e665b6f09e20d6cad05d6586def40949f1248a50cb8a51ddad5643b2de719b3d876438821d79998daa HTTP 302
    https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com HTTP 302
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
Request Chain 73
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/APP_ICON/redirect?domain=app.nzrplus.com HTTP 302
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/NZR_2B_app_logo_1024x1024.wwsaP.jpg?ts=1685629399

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gaming
app.nzrplus.com/
Redirect Chain
  • https://click.mail.nz.rugby/?qs=28fc384bd0f7c3c6cf2f90d253315ec0da9671b34cccd7e665b6f09e20d6cad05d6586def40949f1248a50cb8a51ddad5643b2de719b3d876438821d79998daa
  • https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc34f67c9df1ca51cade6763b017481a3068dfa1946b00f514f8b020e27803b2

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
4
alt-svc
h3=":443"; ma=86400
cache-control
max-age=5
content-encoding
gzip
content-type
text/html
date
Thu, 09 May 2024 22:13:54 GMT
etag
W/"366ac75397c249bbbfccf297d274772f"
last-modified
Thu, 09 May 2024 15:41:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-id
SCyWocVfyRp9s2fK-vQlp_EX5rZ6KQE4JQkywaLgQGXrOZ6ZyNKb5Q==
x-amz-cf-pop
SYD62-P1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
fRV54v5nPp6INWmLJFUQhxX.jkTdEey4
x-cache
Error from cloudfront

Redirect headers

Cache-Control
private
Connection
close
Content-Length
241
Content-Type
text/html; charset=utf-8
Date
Thu, 09 May 2024 22:13:52 GMT
Location
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
8692.js
app.nzrplus.com/code/6.0.2.6088358/js/ 		3 MB
840 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa323ab54a7079c2b551428212dee31d7b8b84ce9fc92761f268b4a86bbdd491

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:42 GMT
x-amz-version-id
HNAg6RhTnpp_8_2D8jzlvTydDT09muqV
content-encoding
gzip
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
23473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:13 GMT
server
AmazonS3
etag
W/"bb5d13057afdca2e1b1129ac7536e1e0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
H_7Hld7QEozJi90YdmA66YjuUO07FUM1BetLuireT1tm1DKWjSQtXw==
7388.js
app.nzrplus.com/code/6.0.2.6088358/js/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/7388.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42a878968b5aca7fba9d36c6df5018b08a24e638c50ab083025953a3d61e1bdd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:42 GMT
x-amz-version-id
_9Pwz41DVYZHjkeWz9PxSSwoH4ix9Fg3
content-encoding
gzip
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
23473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:13 GMT
server
AmazonS3
etag
W/"3276d6b36f59e6671702d768cc29fb19"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
vO7q0hUVOYKlAocNqt6-OE9YrdRLu45oMbo2aP4vbpq-oVW4OcO_FA==
8520.js
app.nzrplus.com/code/6.0.2.6088358/js/ 		744 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/8520.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b52cc0e504bf33bd0f1e8840bde995a11ac65e6ba36a293cf4b4ff0e0765ca1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:42 GMT
x-amz-version-id
C6SUqW9T5oolaOabINB4JTu_e81C.r3k
content-encoding
gzip
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
23473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:13 GMT
server
AmazonS3
etag
W/"d6c987194d888e8b95bb58b6c76646d9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
ljjNNHG4DGentOcIaflEJD7zADpzwVY5iTBu3HKQBFW7q1B4dq9cVg==
app.js
app.nzrplus.com/code/6.0.2.6088358/js/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f71f8f9bbf1d8f7a7a7f64067bd604bccfa8edc488daef9a4563e197bb66746

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:42 GMT
x-amz-version-id
eym_wH7NY0qCxAZ9jotXPeZA2qOAceoW
content-encoding
gzip
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
23473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:13 GMT
server
AmazonS3
etag
W/"e29ec159c9a11fcadb4d2c1436c4c938"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
GtsXZ225WfVF0E7FkWxCsakLeK3v-WniABUkanBnaf5gU23C8-6iXA==
8692.css
app.nzrplus.com/style/6.0.2.6088358/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.0.2.6088358/css/8692.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c64f63e7f679542e1fc164573f0d77392471ddf42b0f21a34acaadbafeee2236

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:42 GMT
x-amz-version-id
Y_t0WpsSpXdkFmSvAT8V_7lCxLuksOfz
content-encoding
gzip
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
23473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:16 GMT
server
AmazonS3
etag
W/"ab8eeb0a8a25fa65488ac91faedddf75"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
zmwOg4Zjj0UIyqk1apu05C-CffKT0wnSc1sppScgfrFZkoXd4fPDeg==
8520.css
app.nzrplus.com/style/6.0.2.6088358/css/ 		365 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.0.2.6088358/css/8520.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0522b799af0eb6aa3a225b469439603a5fbde621de3a50798eb6eb20a2833ed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:42 GMT
x-amz-version-id
OBPd3dfS4ZK2O3_XZpYQ.u6UIWBboLYH
content-encoding
gzip
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
23473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:16 GMT
server
AmazonS3
etag
W/"10f1e44f7a98f165a6edb64484d12496"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
jag3S9G1MYzjA-HIMhydZr0kohov0oQlC2WResCRT0h2Xg20vTtFrA==
nzrHead.lppvE.js
static.diceplatform.com/prod/original/dce.nzrugby/settings/
Redirect Chain
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
363 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Server
108.158.32.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-74.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ec3e2dcc2831693473596a8ac103b9e43d81fb4ef107831d753b50fdd1f393

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://app.nzrplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
via
1.1 8e52b0323db9e9f5baf300137747fffe.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jul 2023 10:14:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
etag
"9b571aee0d300ee8b4a1ba9e3c4d4f72"
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
content-length
363
x-amz-cf-id
gDnOvS6JFLJLWDXwfgMEt8TbhermK99y4vYh8_Kn1ew8UNhI5RsoiA==

Redirect headers

date
Thu, 09 May 2024 22:13:55 GMT
vary
Realm, Authorization, Origin
loc
eu-west-1
location
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/nzrHead.lppvE.js?ts=1690366457
processing-time
0
cache-control
no-transform, max-age=10
request-id
0ade88dd676d261e
content-length
0
v3
js.stripe.com/ 		604 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-18.syd3.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5c05d6e3b974c5bb099d57a1ce4c669fecaf82e83ce442281e4ca8d4cc733d66
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:50 GMT
content-encoding
br
via
1.1 8e52b0323db9e9f5baf300137747fffe.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
33
x-amz-cf-pop
SYD3-P2
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:42:39 GMT
server
Cloudfront
etag
W/"58e92e51fcfab351e56d57ed32f3c331"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
ato8ilUYNwJgE2ZZ6aQaGhBPUWhGrM4DUtJcaYSoO96H58Mi5VJClg==
/
dce-frontoffice.imggaming.com/api/v1/init/ 		79 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/init/?lk=language&pk=subTitleLanguage&pk=audioLanguage&pk=autoAdvance&pk=pluginAccessTokens&readLicences=true
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8520.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
47e8c9046c6ef468e9696979ae03b810d610bd273198c8ca742d064e89838ec5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-app-var
6.0.2.6088358
Accept-Language
en-NZ
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:56 GMT
content-encoding
gzip
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
content-language
en-GB
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
cache-control
private, no-transform, max-age=10
access-control-allow-credentials
true
content-type
application/json
processing-time
59
request-id
c391ab8aa9e48602
/
dce-frontoffice.imggaming.com/api/v1/init/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/init/?lk=language&pk=subTitleLanguage&pk=audioLanguage&pk=autoAdvance&pk=pluginAccessTokens&readLicences=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,content-type,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Thu, 09 May 2024 22:13:56 GMT
loc
eu-west-1
processing-time
0
request-id
948211e4c3d7de83
vary
Origin
gtm.js
www.googletagmanager.com/ 		269 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Requested by
Host: dce-frontoffice.imggaming.com
URL: https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/HEADER_SCRIPT/redirect?domain=app.nzrplus.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8de3b85336ed6c61c6ca752d857b2c3e0f3c06394fdc62ed3585e727de193a47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93024
x-xss-protection
0
last-modified
Thu, 09 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 May 2024 22:13:56 GMT
/
o129937.ingest.sentry.io/api/1321936/envelope/ 		2 B
308 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o129937.ingest.sentry.io/api/1321936/envelope/?sentry_key=d25c8126c77f4064b4b0b921d37b2d0b&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
js
www.googletagmanager.com/gtag/ 		270 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-ML4CN7G8
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8520.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5fe906f1f932ae7f520ce9924f44869854d40d2d00a2ba1c29a95febef20008c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93375
x-xss-protection
0
last-modified
Thu, 09 May 2024 21:15:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 May 2024 22:13:57 GMT
564.css
app.nzrplus.com/style/6.0.2.6088358/css/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.0.2.6088358/css/564.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fb59a8f0d7301b71cf272c54f45e643228a364190622b7c723b9c1295bb192c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
DtibB6z_69Ri7orj6yowM1gQY3.coA9F
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:16 GMT
server
AmazonS3
etag
W/"3cad89c3311fec750db73f28cac2198e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
ly1ZhgxeRCfwNm1Sz9_wkHhIt1o7bvh7i3nxYiUYY5yDuSZqGZ-Hbw==
564.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		102 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/564.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6ba7f5cefeb2cba2091d6211ee89b3ef86ffe53a42fe151a7cf3c8b63b0cd5d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
uU.pKHqLclzfwDdNOcLYkRHFQQEhxnLl
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:14 GMT
server
AmazonS3
etag
W/"ac44cbfcf1900720e10b441ffabe7d1e"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
lVr8CX3ngJmU2c0dPPn0vHg21HceUMq5x5fyBLBt_g1mf_U9T2aAtQ==
9976.css
app.nzrplus.com/style/6.0.2.6088358/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.0.2.6088358/css/9976.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1437dfba423ca6116da2dd257ecc686fef1a3f75aabbbd7ef0da6420d9ff505d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
Uk71ntMXfk2T1_HKFmeCxBxGamVyT3vo
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:16 GMT
server
AmazonS3
etag
W/"21fa820872ac5cc154107f6ed0fcd342"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
qmvNMsppMILAIVaRzgKbVsgnSuEh-IO_UoQYj2YbAJ4AgYU_gCrSrQ==
7788.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/7788.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb3fac646cae4ac79143986dc7b92e212fd15cf2de93c8fae5f7c25d3e0e135c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
BX1YgJUKgN4inHEk7deLjqS6NZWoFOi6
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:14 GMT
server
AmazonS3
etag
W/"0b2d96d26bd544fee02f10cd6d1532a6"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
7lK9zqK33Uoy-5FzzdG2VpSHP8FbxgUjH3NdLQ-kAsn-aMk59fBimA==
9812.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		127 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/9812.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7d6a1b2a5c9834d81eda40d94cacc35f96e58aadf19922d511ead3e96f9be51

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
btWBfizBPnSOV2SI_m7I5_EmqZMasTzz
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:15 GMT
server
AmazonS3
etag
W/"3060757bc80b0c74c5901d86d343569b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
viCrQwywr0mYvwv_cCwX4YPrWS1kFKxXAbiDk3uYD_RJoqB9gma-bg==
9492.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/9492.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a551f47c526521f2cbe3e6fc5ff0dd6ddcb474d89de64dd440d866f4f224f1d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
5tPcw_7sQaOZZUGawzdAzppPOrt2iY_I
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:15 GMT
server
AmazonS3
etag
W/"1dc48472f3db7c051e6d28b01bcf2cde"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
xd65QLyVmOzGMBN-vxmYyqL-NNy0QOsdCST6ffGKxw3aAt-w4NYX4A==
5108.css
app.nzrplus.com/style/6.0.2.6088358/css/ 		511 B
897 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.0.2.6088358/css/5108.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe681434c749d9df44e04f6c3da5e7695492969cda986e4710cfee412fcc5236

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
G43909PQFRB6HQk9naQJtzm2EIRjI1O7
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
511
last-modified
Thu, 09 May 2024 15:41:16 GMT
server
AmazonS3
etag
"f48980685b25397bcd242dffdc9446e7"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
sSeMGzFXXLJvzcd_cGAP2uvMDvv4kOzre7sJgo_8Br9iRaPfvIv5OA==
5108.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/5108.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6aade5f9a140df1389d845a644f0ce681ba12830a7d9098c4c3ec9c7d4ea5155

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
Anq8u3cm__RGVmstsszcEGDIf3.Bjp0K
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:14 GMT
server
AmazonS3
etag
W/"158d742dc7c83a0006702844c6ca5f64"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
FMIevCL63nmrjQ-kLOW4zghdOLp4_0IPFPlgerG1XZ9VOiKK3CR1zg==
2240.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/2240.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c25c5584e905d3b87d9ab90c9b855d22288163e809ff1f5f13428dabc81437dc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
UNCZunNcAZdd6B.kq4Q15iK3cLjNCco9
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:13 GMT
server
AmazonS3
etag
W/"c78dcb5e95ae49ff610837d407e5bae2"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
mdRCrjrzf12JodvMn04jfciK7vzVeGbHrFdNOwBgfLXMRWTMn2bRWQ==
6356.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/6356.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59b96a912dad5a41134ff64b3fc9fa4cb24d34035838951ce312455da953ca75

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
gnPEcS.Gcxf.8qIDtztYdf13W_BErjdm
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:14 GMT
server
AmazonS3
etag
W/"5461205c5ae475ae4bfcdc4c6e759914"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
vj6iusCnSGdrHy_NPQgJpo0jev7FOrEaBoJ0ncc1Wr9EsqAz4Znp-Q==
6352.css
app.nzrplus.com/style/6.0.2.6088358/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.0.2.6088358/css/6352.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3906958111ec3cc15750fca273f86f2dde10c920a898460830df0372c4366a06

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
sCxsFQfJFOTCAyIb_uevZACVPt1Q5rvM
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:16 GMT
server
AmazonS3
etag
W/"07caa03c0769edaa6bef7fbe86d42b11"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
4N0BT9BLgJsvw9Z1YNE4RHT7ZW5ovzVonu--GvNrmz2S3rnt8PqAIg==
6352.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/6352.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0950e142e25cc90ed25017dfb3e418e5d2289a6880c2efbe5b6a2d9b993bc1d0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
Ob.zIM.a3Htd2MBVf1oqNoLJMFJIO5s1
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:14 GMT
server
AmazonS3
etag
W/"8e70e41107717a8eead93cf39886b1a9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
ijilvoCWHGABIhARARS2-Hn-fn33kJg-Ylv19Ks7sYHzPq5vDq_qiQ==
2308.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/2308.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa3be4e3958bba3b60b76f65bd65112782b14c4c866b010cc5f3eae1d2561bc8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
9dOtI4yuHGEyMn8okwvWVNm61T3Wi1AU
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:13 GMT
server
AmazonS3
etag
W/"5aa412e6e2c60aae47761749fd30cc8d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
zdUPTXRlUNpVCBOcCoM4StSdf-deNE3Q2pKO-B8bLOl9LyI3_p3kgw==
1893.css
app.nzrplus.com/style/6.0.2.6088358/css/ 		363 B
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.0.2.6088358/css/1893.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1191817e48d0e32c1f86135dddfaa99e41a12bd82471473cda306d56a1a94c63

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
j5zkNTS0OM6JQ6MUa1aH78LB0g59Sdsj
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
363
last-modified
Thu, 09 May 2024 15:41:16 GMT
server
AmazonS3
etag
"8a9c8ed7c197723e2929b511b17a1870"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jLIVbgYWku64Qym9Fb0aWju7JsG1x-JW474ssyjrO4qOqdvUYH1ObQ==
dice.css
app.nzrplus.com/style/6.0.2.6088358/css/ 		707 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/style/6.0.2.6088358/css/dice.css
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c5b0f2a1a6973ae83b38783d27a817e39e9d042d6c65051a748ede588b021dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
l6Kj4LU9kPUNaUX1nWp_A.bh2MCnY1Zm
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:17 GMT
server
AmazonS3
etag
W/"7b1d67ec7b57dc2f5dd7a1a5b4110845"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
Cu74NxaOBro9n4ft5NpJgEUtUdtPxr30flokUDqYObnRwmoRFalP9Q==
dice.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/dice.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86b28743dbfa16a46927f9519a491e1d465ce790c2c0349a61200606fdd6b7e0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:42:44 GMT
x-amz-version-id
av6RcawmY3V7PwZtIBGC5ilNY8KvtYWN
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23474
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:15 GMT
server
AmazonS3
etag
W/"e00db94fc62fb31b1b33c73d801c2b2a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
QrRbi1zmtI3bFvdzj-0Bhlj-V-0HvJHV0CL7xEU0XnrWJPUfxcm-JA==
WEB
dce-frontoffice.imggaming.com/api/v2/navigation/menu/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/navigation/menu/WEB
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
75822f0a3172878861efc0740f07aa903d546595900c9fe025682984f7d93775

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Realm
dce.nzrugby
x-app-var
6.0.2.6088358
Accept-Language
en-GB
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3MTUyOTI4MzYsImRldiI6IkJST1dTRVIiLCJlbnQiOnt9LCJlbnYiOiJwcm9kIiwiZXhwIjoxNzE1MjkzNDM2LCJndWUiOnRydWUsImlhdCI6MTcxNTI5MjgzNiwiaXAiOiIxMDMuNzUuMTEuMTAxIiwiaXNzIjoiZGNlLWlkIiwibG8yIjoiTlosQXVja2xhbmQsQXVja2xhbmQsQXVja2xhbmQsMTAxMCwwLDEsMCIsInBhciI6MCwicHJvIjp7ImlkIjoiQ0pYQkpwfDQ0NDhlYWU4LTkwOTktNDc2OS1hNTUzLWMyNThhNjhkZTY2YyIsInRwIjoiYSJ9LCJyb2wiOiJDVVNUT01FUiIsInN1YiI6IkNKWEJKcHw0NDQ4ZWFlOC05MDk5LTQ3NjktYTU1My1jMjU4YTY4ZGU2NmMiLCJ1dHAiOiJIVU1BTiJ9.HD4dronroffzNt3Yv9vSsTbMgcj98OVV7xgnj2edfhQ0wkFTwwTyh1eN2-2Gow81Vn4szBGqmslrwWEfVt7qCx9X4rcdt7D2RqLAe_d5kz-nCAtmzclXzDBoTXG_Ak5uhLwkUA0FSdTRA6YORpQ5NhCLteuXZjw6SHSsTmktKCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
content-encoding
gzip
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
outside-region
INSIDE
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
processing-time
2
access-control-allow-credentials
true
content-type
application/json
request-id
fc3e3670c0ce102c
content-length
640
WEB
dce-frontoffice.imggaming.com/api/v2/navigation/menu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/navigation/menu/WEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,authorization,content-type,realm,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Thu, 09 May 2024 22:13:57 GMT
loc
eu-west-1
processing-time
1
request-id
b3dcda67afea1db0
vary
Origin
js
www.googletagmanager.com/gtag/ 		251 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ac10516d62d2ddc08f8809185615c374279b8e7825bfec5a7662423457c5cd41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88454
x-xss-protection
0
last-modified
Thu, 09 May 2024 21:15:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 May 2024 22:13:57 GMT
destination
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11151866773&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c733eeaa7f8211fc0741a6559258275644a4d9b5cdc1016b31b9b6927293cb65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87365
x-xss-protection
0
last-modified
Thu, 09 May 2024 21:15:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 May 2024 22:13:57 GMT
pixel.js
www.redditstatic.com/ads/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5ccd2a2d0cfc8f7b36c238c935a36c751eb306a4f23788a0c6c33eec1a5a2071

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 07 May 2024 17:43:30 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"337f63427080a8d6a60316b759dab390"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12083
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML4CN7G8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.28.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000023-IAD, cache-syd10182-SYD
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f019:116:face:b00c:0:3 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 May 2024 22:13:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
MODERATE; q=0.3, rtt=180, rtx=0, c=12, mss=1326, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
NQrDHNWoHNu1b/5gBfBvHeR+0IDZdu+cfdR0Zb1pMwQe/qXHrlUGEMTXjcAWXysUDXblt8G5WFgtvuQgCM12/g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
404.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/404.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc09bd9e7d8b452f9192014c6e58935ed56816b310d56ca09b91a63cff25e8dc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 20:12:46 GMT
x-amz-version-id
6P6Ued.DfXJUOENgEaoz0ZvXIYRrGiG7
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
7272
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:14 GMT
server
AmazonS3
etag
W/"12cbd54e9ab2a010c3e160c14ed91dae"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
RwfdwJv3DBAuvUw18IqNLLUBgXIPgaX_pDann7SVXS8VA3HjmMtgIg==
National2Condensed-Medium.ttf
static.diceplatform.com/prod/original/dce.nzrugby/fonts/ 		107 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/fonts/National2Condensed-Medium.ttf
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.158.32.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-74.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae194a3960a19a104a204ecf869413e95b230ba6a1a748177d323e6ebfe9160e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Origin
https://app.nzrplus.com
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:58 GMT
content-encoding
gzip
via
1.1 dc5b7b7a6895b629c6cb8eef5910309e.cloudfront.net (CloudFront)
last-modified
Thu, 03 Aug 2023 13:19:39 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
etag
W/"a49afdc1e2e5bdf230fca04e4ed78ec1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZWkQPrbp3xHnqQ2nZ-Wl4JiI5rfWfWg2H1t0eJmeHKkzqT0iAuHOIw==
Roboto-Medium.ttf
app.nzrplus.com/assets/fonts/ 		159 KB
86 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/assets/fonts/Roboto-Medium.ttf
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/style/6.0.2.6088358/css/8520.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8559132c89ad51d8a2ba5b171887a44a7ba93776e205f553573de228e64b45f8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/style/6.0.2.6088358/css/8520.css
Origin
https://app.nzrplus.com
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jul 2023 22:06:08 GMT
x-amz-version-id
hVYnPyo.rQflQWTheam_1uL4OXe64yPY
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
24538070
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 28 Jul 2023 13:21:39 GMT
server
AmazonS3
etag
W/"fe13e4170719c2fc586501e777bde143"
vary
Accept-Encoding
content-type
font/ttf
cache-control
max-age=31536000
x-amz-cf-id
u8tuxbjaP4MmBC8_HOhyg9nbe77_Ld7l7fUK_eIjEvVU5sxrTGwKNg==
NZR-LOGO.MTffM.png
static.diceplatform.com/prod/AUTOx350/dce.nzrugby/settings/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.diceplatform.com/prod/AUTOx350/dce.nzrugby/settings/NZR-LOGO.MTffM.png?ts=1689765879
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-74.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43c4fadff3842ee289911d583a790ea2a49e78f6956edd30e7477277c0b3faef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 05 Mar 2024 09:20:29 GMT
via
1.1 8e52b0323db9e9f5baf300137747fffe.cloudfront.net (CloudFront)
last-modified
Tue, 05 Mar 2024 09:20:29 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
5662409
etag
"999409d18c8d5bbb228871cf0a200918"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
content-length
20001
x-amz-cf-id
Cn-b8NSYG6o7ub-AP36e73DVRD8RGVVpiv0QTtvJ1DaQtymWrxhDDw==
authentication-providers
dce-frontoffice.imggaming.com/api/v2/realm/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/realm/authentication-providers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,authorization,content-type,realm,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Thu, 09 May 2024 22:13:57 GMT
loc
eu-west-1
processing-time
0
request-id
da4784d3ef759a9b
vary
Origin
authentication-providers
dce-frontoffice.imggaming.com/api/v2/realm/ 		315 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v2/realm/authentication-providers
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e373b17638a65d0711224d06d6d18711e140c91b04935adfb0c42f1d3a01a981

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Realm
dce.nzrugby
x-app-var
6.0.2.6088358
Accept-Language
en-GB
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3MTUyOTI4MzYsImRldiI6IkJST1dTRVIiLCJlbnQiOnt9LCJlbnYiOiJwcm9kIiwiZXhwIjoxNzE1MjkzNDM2LCJndWUiOnRydWUsImlhdCI6MTcxNTI5MjgzNiwiaXAiOiIxMDMuNzUuMTEuMTAxIiwiaXNzIjoiZGNlLWlkIiwibG8yIjoiTlosQXVja2xhbmQsQXVja2xhbmQsQXVja2xhbmQsMTAxMCwwLDEsMCIsInBhciI6MCwicHJvIjp7ImlkIjoiQ0pYQkpwfDQ0NDhlYWU4LTkwOTktNDc2OS1hNTUzLWMyNThhNjhkZTY2YyIsInRwIjoiYSJ9LCJyb2wiOiJDVVNUT01FUiIsInN1YiI6IkNKWEJKcHw0NDQ4ZWFlOC05MDk5LTQ3NjktYTU1My1jMjU4YTY4ZGU2NmMiLCJ1dHAiOiJIVU1BTiJ9.HD4dronroffzNt3Yv9vSsTbMgcj98OVV7xgnj2edfhQ0wkFTwwTyh1eN2-2Gow81Vn4szBGqmslrwWEfVt7qCx9X4rcdt7D2RqLAe_d5kz-nCAtmzclXzDBoTXG_Ak5uhLwkUA0FSdTRA6YORpQ5NhCLteuXZjw6SHSsTmktKCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
content-encoding
gzip
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
outside-region
INSIDE
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
processing-time
6
access-control-allow-credentials
true
content-type
application/json
request-id
ba0c23221244f897
content-length
254
t2_gfeyuwzzi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_gfeyuwzzi_telemetry
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
98
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1715292837418&id=t2_gfeyuwzzi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=89470e4b-c54a-4bbe-8044-0ccde940d1dc&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_a8bbbcc6&dpm=&dpcc=&dprc=
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=072173d4-bdfd-4b16-b8f1-42e302144aaa&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=116a3349-d8da-4b22-ade4-6dc7efc5a961&tw_document_href=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
214
date
Thu, 09 May 2024 22:13:57 GMT
strict-transport-security
max-age=0
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
5e5b0aed070d6453
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
017048383ab67ac1938e1fd60ab8cbe9cc477fa51ca68f6c81094b3dab7fddf7
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=072173d4-bdfd-4b16-b8f1-42e302144aaa&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=116a3349-d8da-4b22-ade4-6dc7efc5a961&tw_document_href=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&tw_iframe_status=0&txn_id=oclsx&type=javascript&version=2.3.30
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
208
date
Thu, 09 May 2024 22:13:57 GMT
strict-transport-security
max-age=631138519
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
8cfdfb022409e553
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
095a7c9c0b53098f2ff7f7f3e80411aced208892c0f4f82a45bffa6f4e64a908
content-length
43
view
dce-frontoffice.imggaming.com/api/v1/route/ 		122 B
697 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/route/view?path=/gaming
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fba4a329c72ed881a893c20903d765aefb43dd25f1df4372a140eaef02ccb383

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Realm
dce.nzrugby
x-app-var
6.0.2.6088358
Accept-Language
en-GB
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3MTUyOTI4MzYsImRldiI6IkJST1dTRVIiLCJlbnQiOnt9LCJlbnYiOiJwcm9kIiwiZXhwIjoxNzE1MjkzNDM2LCJndWUiOnRydWUsImlhdCI6MTcxNTI5MjgzNiwiaXAiOiIxMDMuNzUuMTEuMTAxIiwiaXNzIjoiZGNlLWlkIiwibG8yIjoiTlosQXVja2xhbmQsQXVja2xhbmQsQXVja2xhbmQsMTAxMCwwLDEsMCIsInBhciI6MCwicHJvIjp7ImlkIjoiQ0pYQkpwfDQ0NDhlYWU4LTkwOTktNDc2OS1hNTUzLWMyNThhNjhkZTY2YyIsInRwIjoiYSJ9LCJyb2wiOiJDVVNUT01FUiIsInN1YiI6IkNKWEJKcHw0NDQ4ZWFlOC05MDk5LTQ3NjktYTU1My1jMjU4YTY4ZGU2NmMiLCJ1dHAiOiJIVU1BTiJ9.HD4dronroffzNt3Yv9vSsTbMgcj98OVV7xgnj2edfhQ0wkFTwwTyh1eN2-2Gow81Vn4szBGqmslrwWEfVt7qCx9X4rcdt7D2RqLAe_d5kz-nCAtmzclXzDBoTXG_Ak5uhLwkUA0FSdTRA6YORpQ5NhCLteuXZjw6SHSsTmktKCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
vary
Realm, Authorization, Accept-Language, Origin
loc
eu-west-1
outside-region
INSIDE
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
processing-time
3
access-control-allow-credentials
true
content-type
application/json
request-id
157c7059f2ed14fb
content-length
122
view
dce-frontoffice.imggaming.com/api/v1/route/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/route/view?path=/gaming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,authorization,content-type,realm,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Thu, 09 May 2024 22:13:57 GMT
loc
eu-west-1
processing-time
1
request-id
0e66eedc7868d75c
vary
Origin
destination
www.googletagmanager.com/gtag/ 		309 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ae3a5030b0ccfd984bdb719ca8559058b8008bcb545827a83e0c15ec92f75e3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104536
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 May 2024 22:13:57 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11011756152/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11011756152/?random=1715292837589&cv=11&fst=1715292837589&bg=ffffff&guid=ON&async=1&gtm=45be4510v896579455z89135919949za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&hn=www.googleadservices.com&frm=0&tiba=New%20Zealand%20Rugby&npa=0&pscdl=noapi&auid=248995650.1715292837&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11011756152&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
db44a0d27af8d2b1469a4734acbfab083308484480288fb5a02109eda6cf2cd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 22:13:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1485
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1919.js
app.nzrplus.com/code/6.0.2.6088358/js/chunks/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/code/6.0.2.6088358/js/chunks/1919.js
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d300dacb92dcaa010507fdea7605d777c21d4e12b8c3c1e7124c7b8d5e445b4e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 15:43:22 GMT
x-amz-version-id
Gl9IVnszRAFoVS9TFKypaQ7_CsTE4oLX
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
age
23436
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:13 GMT
server
AmazonS3
etag
W/"26b33888c041cecb690cb540061f93a1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
5cZ-0gjUo3JtMP1OqRXClMRpiEFSkvG2WCDAr845l6ILFZ_JpfygJQ==
Haka_Icons-AllBlacks-edit.2uhLq.XvUQh.svg
static.diceplatform.com/prod/original/dce.nzrugby/menus/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/menus/Haka_Icons-AllBlacks-edit.2uhLq.XvUQh.svg
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.158.32.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-74.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50847ba24b0c9fe071021ade828b7709ad169aebb307dc9a339fcf8e0f36b8e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:59 GMT
content-encoding
gzip
via
1.1 dc5b7b7a6895b629c6cb8eef5910309e.cloudfront.net (CloudFront)
last-modified
Tue, 12 Mar 2024 13:16:04 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
etag
W/"54dc9546060897df2aca9bb3c4f1c88f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
MozK4bbwEwSHc9VncrhA2HTHE7L-uzla6irMtVImrof8X8ZVA9TXkg==
Haka_Icons-BlackFerns-edit.V6xlv.cX95Y.svg
static.diceplatform.com/prod/original/dce.nzrugby/menus/ 		10 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/menus/Haka_Icons-BlackFerns-edit.V6xlv.cX95Y.svg
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.158.32.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-74.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93870bd3496ee623cfd06b16b8a5c86d377bfb838ab6e756d24411d90bcfaff8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:59 GMT
content-encoding
gzip
via
1.1 dc5b7b7a6895b629c6cb8eef5910309e.cloudfront.net (CloudFront)
last-modified
Tue, 12 Mar 2024 13:16:04 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
etag
W/"254dada1d13c4de52e632648081b5d22"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
rS2ISx3NyGYMjkv1K9VCC0mDQIwPXrc1rNg_F2nYu1QfF1mBAUA2yQ==
News-02.m6dns.7ubMe.svg
static.diceplatform.com/prod/original/dce.nzrugby/menus/ 		2 KB
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/menus/News-02.m6dns.7ubMe.svg
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.158.32.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-74.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01518dc0318737a8200e51471c5d890c22caeda949b63e47173e15dfa0ec5c65

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:59 GMT
content-encoding
gzip
via
1.1 dc5b7b7a6895b629c6cb8eef5910309e.cloudfront.net (CloudFront)
last-modified
Tue, 12 Mar 2024 19:38:06 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
etag
W/"0ad99e998fd8b87c03ebf9b2634ab7c7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Zeuo7HpAqZPWWFbXk_g7Xuzu_Pjr8AHd72aoIdhPjg3vl7Az0Yz_ug==
NZR_Icon_Shop.iTAqx.odP4c.svg
static.diceplatform.com/prod/original/dce.nzrugby/menus/ 		910 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/menus/NZR_Icon_Shop.iTAqx.odP4c.svg
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.158.32.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-74.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11ff56a198e945754a5b88d3a76736c73372744a32ab149d1f42bfa8527dd9c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:59 GMT
via
1.1 dc5b7b7a6895b629c6cb8eef5910309e.cloudfront.net (CloudFront)
last-modified
Wed, 21 Feb 2024 15:29:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
etag
"3bf85b79254943194ec7f35d77a1053d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=86400
content-length
910
x-amz-cf-id
AJa6MqgbZ58u_z-S7Q-29FVqw3jnECNEjipXHfG50Bhop4L-OiVE-g==
NZR_Icon_Ticket.bdAYs.vmHay.svg
static.diceplatform.com/prod/original/dce.nzrugby/menus/ 		1006 B
911 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/menus/NZR_Icon_Ticket.bdAYs.vmHay.svg
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.158.32.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-74.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c44a66ed4e50e9e48e4a7dbc18ee06bc0e2fca80d67838f597bde5d2646231f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:59 GMT
content-encoding
gzip
via
1.1 dc5b7b7a6895b629c6cb8eef5910309e.cloudfront.net (CloudFront)
last-modified
Wed, 21 Feb 2024 15:29:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
etag
W/"8fa55ec8af23c30a519a158ef9f8cd0e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
_CUnQhQ7PuNeJYf3rLVnIfIB8d5NmAXaCLBz0qkumRmj7ZpO900Y3Q==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11151866773/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11151866773/?random=1715292837910&cv=11&fst=1715292837910&bg=ffffff&guid=ON&async=1&gtm=45be4510v9117817558z89135919949za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&hn=www.googleadservices.com&frm=0&tiba=New%20Zealand%20Rugby&npa=0&pscdl=noapi&auid=248995650.1715292837&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11151866773&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ca01c18241a58f16dd4b6c3d3a98aa8438db5f99d80bbbebc34edab78384775b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 22:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1468
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11011756152/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11011756152/?random=1715292837589&cv=11&fst=1715292000000&bg=ffffff&guid=ON&async=1&gtm=45be4510v896579455z89135919949za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&hn=www.googleadservices.com&frm=0&tiba=New%20Zealand%20Rugby&npa=0&pscdl=noapi&auid=248995650.1715292837&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqNLfrVcsKFI1boyFZvE1s6HrT0Y0JBw&random=1428692111&rmt_tld=0&ipr=y
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 22:13:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.nz/pagead/1p-user-list/11011756152/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/pagead/1p-user-list/11011756152/?random=1715292837589&cv=11&fst=1715292000000&bg=ffffff&guid=ON&async=1&gtm=45be4510v896579455z89135919949za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&hn=www.googleadservices.com&frm=0&tiba=New%20Zealand%20Rugby&npa=0&pscdl=noapi&auid=248995650.1715292837&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqNLfrVcsKFI1boyFZvE1s6HrT0Y0JBw&random=1428692111&rmt_tld=1&ipr=y
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 22:13:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11151866773/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11151866773/?random=1715292837910&cv=11&fst=1715292000000&bg=ffffff&guid=ON&async=1&gtm=45be4510v9117817558z89135919949za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&hn=www.googleadservices.com&frm=0&tiba=New%20Zealand%20Rugby&npa=0&pscdl=noapi&auid=248995650.1715292837&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqHjCYcQ67ZNUFI7ka_5qsn9IZqljDxA&random=2391544919&rmt_tld=0&ipr=y
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 22:13:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.nz/pagead/1p-user-list/11151866773/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/pagead/1p-user-list/11151866773/?random=1715292837910&cv=11&fst=1715292000000&bg=ffffff&guid=ON&async=1&gtm=45be4510v9117817558z89135919949za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&hn=www.googleadservices.com&frm=0&tiba=New%20Zealand%20Rugby&npa=0&pscdl=noapi&auid=248995650.1715292837&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqHjCYcQ67ZNUFI7ka_5qsn9IZqljDxA&random=2391544919&rmt_tld=1&ipr=y
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 22:13:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dce.nzrugby.json
app.nzrplus.com/redirects/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.nzrplus.com/redirects/dce.nzrugby.json
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc34f67c9df1ca51cade6763b017481a3068dfa1946b00f514f8b020e27803b2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
fRV54v5nPp6INWmLJFUQhxX.jkTdEey4
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
date
Thu, 09 May 2024 22:13:59 GMT
age
2
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 May 2024 15:41:18 GMT
server
AmazonS3
etag
W/"366ac75397c249bbbfccf297d274772f"
vary
Accept-Encoding
content-type
text/html
cache-control
max-age=5
x-amz-cf-id
yQZP-qtTY1trs9mNMOq4nEzsoYjySWZeOrWXFPwLi5R5aYzpwg4QCQ==
page-not-found
dce-frontoffice.imggaming.com/api/v1/ 		29 B
621 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/page-not-found
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91c81b6fcf54c835e15921a4ed446d9973688a602a33f0baad2233cfa5882aed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Realm
dce.nzrugby
x-app-var
6.0.2.6088358
Accept-Language
en-GB
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3MTUyOTI4MzYsImRldiI6IkJST1dTRVIiLCJlbnQiOnt9LCJlbnYiOiJwcm9kIiwiZXhwIjoxNzE1MjkzNDM2LCJndWUiOnRydWUsImlhdCI6MTcxNTI5MjgzNiwiaXAiOiIxMDMuNzUuMTEuMTAxIiwiaXNzIjoiZGNlLWlkIiwibG8yIjoiTlosQXVja2xhbmQsQXVja2xhbmQsQXVja2xhbmQsMTAxMCwwLDEsMCIsInBhciI6MCwicHJvIjp7ImlkIjoiQ0pYQkpwfDQ0NDhlYWU4LTkwOTktNDc2OS1hNTUzLWMyNThhNjhkZTY2YyIsInRwIjoiYSJ9LCJyb2wiOiJDVVNUT01FUiIsInN1YiI6IkNKWEJKcHw0NDQ4ZWFlOC05MDk5LTQ3NjktYTU1My1jMjU4YTY4ZGU2NmMiLCJ1dHAiOiJIVU1BTiJ9.HD4dronroffzNt3Yv9vSsTbMgcj98OVV7xgnj2edfhQ0wkFTwwTyh1eN2-2Gow81Vn4szBGqmslrwWEfVt7qCx9X4rcdt7D2RqLAe_d5kz-nCAtmzclXzDBoTXG_Ak5uhLwkUA0FSdTRA6YORpQ5NhCLteuXZjw6SHSsTmktKCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:58 GMT
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
outside-region
INSIDE
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
processing-time
1
access-control-allow-credentials
true
content-type
application/json
request-id
de7bc999eaf7467b
content-length
29
page-not-found
dce-frontoffice.imggaming.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/page-not-found
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app,authorization,content-type,realm,x-api-key,x-app-var
Access-Control-Request-Method
GET
Origin
https://app.nzrplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,Realm,x-api-key,x-app-var,Accept-Language,Origin,challenge-input,app,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE
access-control-allow-origin
https://app.nzrplus.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Thu, 09 May 2024 22:13:58 GMT
loc
eu-west-1
processing-time
0
request-id
6613f3870f5fe45a
vary
Origin
collect
analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-7MSG54SCKT&gtm=45je4510v9137464323z89135919949za200&_p=1715292836241&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=745181853.1715292838&ul=en-nz&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715292838&sct=1&seg=0&dl=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&dt=New%20Zealand%20Rugby&en=dice_navigation.general&_fv=1&_nsi=1&_ss=2&tfd=5978
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 22:13:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.nzrplus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7MSG54SCKT&cid=745181853.1715292838&gtm=45je4510v9137464323z89135919949za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-7MSG54SCKT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 22:13:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.nzrplus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7MSG54SCKT&cid=745181853.1715292838&gtm=45je4510v9137464323z89135919949za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=967650166
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 22:13:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
696296242296371
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696296242296371?v=2.9.156&r=stable&domain=app.nzrplus.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f019:116:face:b00c:0:3 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c54ea92f15bd686d22943c43fc91a56b73b40102de297e6df4996d3e5b43b791
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 May 2024 22:13:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
MODERATE; q=0.3, rtt=180, rtx=0, c=62, mss=1326, tbw=63281, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
58lawhy0c32D+3GMbMCXBVjvFUcleuUM3lL5ySMrr6b38FwqgSCjgADcz9WdadqYgm/6Eu/y0YxBiBa5iH7KjQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
481997073503704
connect.facebook.net/signals/config/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/481997073503704?v=2.9.156&r=stable&domain=app.nzrplus.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
4cfc9d97c517e834b39d1755e2c74c160b7edecc3640faf7032aabadb4ad5af6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 May 2024 22:13:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4828
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4326, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
ADwzilGLQgkyJPlhAN4uLv6G2g6kPa/f7WPJJo5LK8YlqfrUIEQNv4OGMQfP4nydLiNg3a4nQKiV0J2YITSoIA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696296242296371&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&rl=&if=false&ts=1715292838575&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715292838574.1633110542&ler=empty&cdl=API_unavailable&it=1715292838363&coo=false&rqm=GET
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f119:8083:face:b00c:0:25de Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
MODERATE; q=0.3, rtt=200, rtx=0, c=10, mss=1326, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 09 May 2024 22:13:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=481997073503704&ev=PageView&dl=https%3A%2F%2Fapp.nzrplus.com%2Fgaming%3Futm_medium%3Demail%26utm_source%3Demail%26utm_campaign%3Dnzrplus%26utm_content%3Dplay-predictor&rl=&if=false&ts=1715292838648&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715292838574.1633110542&ler=empty&cdl=API_unavailable&cs_est=true&it=1715292838363&coo=false&rqm=GET
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f119:8083:face:b00c:0:25de Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.nzrplus.com/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
MODERATE; q=0.3, rtt=200, rtx=0, c=10, mss=1326, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 09 May 2024 22:13:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 94F2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-18.syd3.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://app.nzrplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
386
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 09 May 2024 22:07:34 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Mon, 06 May 2024 20:02:51 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 4ec881b9cff95ab6b1f20a72ee8404c4.cloudfront.net (CloudFront)
x-amz-cf-id
qwYqFGvBL3zJqCPkw5HQUUjcPQQlu3CLMRiBeVaMD1TCoi2pYFSRTg==
x-amz-cf-pop
SYD3-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
page-not-found
dce-frontoffice.imggaming.com/api/v1/ 		29 B
621 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-frontoffice.imggaming.com/api/v1/page-not-found
Requested by
Host: app.nzrplus.com
URL: https://app.nzrplus.com/code/6.0.2.6088358/js/8692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.113.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-113-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91c81b6fcf54c835e15921a4ed446d9973688a602a33f0baad2233cfa5882aed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Realm
dce.nzrugby
x-app-var
6.0.2.6088358
Accept-Language
en-GB
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInB1ciI6IkFVVCIsInNpZyI6ImciLCJ0eXAiOiJKV1QiLCJ2IjozfQ.eyJhcCI6eyJhcHQiOiJJRCJ9LCJhcHIiOiJJRCIsImF1ZCI6WyJkY2UubnpydWdieSJdLCJjaGsiOjE3MTUyOTI4MzYsImRldiI6IkJST1dTRVIiLCJlbnQiOnt9LCJlbnYiOiJwcm9kIiwiZXhwIjoxNzE1MjkzNDM2LCJndWUiOnRydWUsImlhdCI6MTcxNTI5MjgzNiwiaXAiOiIxMDMuNzUuMTEuMTAxIiwiaXNzIjoiZGNlLWlkIiwibG8yIjoiTlosQXVja2xhbmQsQXVja2xhbmQsQXVja2xhbmQsMTAxMCwwLDEsMCIsInBhciI6MCwicHJvIjp7ImlkIjoiQ0pYQkpwfDQ0NDhlYWU4LTkwOTktNDc2OS1hNTUzLWMyNThhNjhkZTY2YyIsInRwIjoiYSJ9LCJyb2wiOiJDVVNUT01FUiIsInN1YiI6IkNKWEJKcHw0NDQ4ZWFlOC05MDk5LTQ3NjktYTU1My1jMjU4YTY4ZGU2NmMiLCJ1dHAiOiJIVU1BTiJ9.HD4dronroffzNt3Yv9vSsTbMgcj98OVV7xgnj2edfhQ0wkFTwwTyh1eN2-2Gow81Vn4szBGqmslrwWEfVt7qCx9X4rcdt7D2RqLAe_d5kz-nCAtmzclXzDBoTXG_Ak5uhLwkUA0FSdTRA6YORpQ5NhCLteuXZjw6SHSsTmktKCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app.nzrplus.com/
app
dice
x-api-key
857a1e5d-e35e-4fdf-805b-a87b6f8364bf
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 22:13:59 GMT
vary
Realm, Authorization, Accept-Language, Origin, Accept-Encoding
loc
eu-west-1
outside-region
INSIDE
access-control-allow-origin
https://app.nzrplus.com
access-control-expose-headers
Outside-Region,Date,request-id,loc,challenge-response-id-token,challenge-required,challenge-response,processing-time,x-next-heartbeat,x-vpn-detected,CM-APP-BUNDLE,CM-APP-NAME,CM-APP-STOREID,CM-APP-VERSION,CM-DVC-DNT,CM-DVC-H,CM-DVC-W,CM-DVC-IFA,CM-DVC-LANG,CM-DVC-LAT,CM-DVC-MAKE,CM-DVC-MODEL,CM-DVC-OS,CM-DVC-OSV,CM-DVC-TYPE,CM-DVC-UA,CM-WEB-PAGE,CM-WEB-MBL,CM-CST-TCF,CM-CST-USP
processing-time
3
access-control-allow-credentials
true
content-type
application/json
request-id
7c6bb828b9030045
content-length
29
NZR_2B_app_logo_1024x1024.wwsaP.jpg
static.diceplatform.com/prod/original/dce.nzrugby/settings/
Redirect Chain
  • https://dce-frontoffice.imggaming.com/api/v2/realm-settings/settings/APP_ICON/redirect?domain=app.nzrplus.com
  • https://static.diceplatform.com/prod/original/dce.nzrugby/settings/NZR_2B_app_logo_1024x1024.wwsaP.jpg?ts=1685629399
90 KB
90 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/NZR_2B_app_logo_1024x1024.wwsaP.jpg?ts=1685629399
Protocol
H3
Server
108.158.32.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-74.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad8a43be4d3b84c9ac8a45131c86c5115e65e30d1e9edcf19a92c94d26f18993

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://app.nzrplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 22:14:01 GMT
via
1.1 4445030cc387fae2e8f01664465bd4fc.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 14:23:20 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
etag
"b846d5178e88d8cad72fca89f91bd2ae"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
alt-svc
h3=":443"; ma=86400
content-length
92040
x-amz-cf-id
PGa1jqFIiBW0sULlkQt8h8FcqRpHDSH7RsT7yBJdUWcbbLJy9ITcqw==

Redirect headers

date
Thu, 09 May 2024 22:14:00 GMT
vary
Realm, Authorization, Origin
loc
eu-west-1
location
https://static.diceplatform.com/prod/original/dce.nzrugby/settings/NZR_2B_app_logo_1024x1024.wwsaP.jpg?ts=1685629399
processing-time
0
cache-control
no-transform, max-age=10
request-id
caa6dd4d45e650c4
content-length
0

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkdice_web object| regeneratorRuntime object| ENV_CONF string| APP_READY object| AUTH_PROVIDERS object| APP_CONF string| VERSION object| DORIS string| OUTPUT_FOLDER object| webpackChunkStripeJSouter function| noop function| Stripe object| dataLayer string| REALM object| DOMAINS object| PAYMENT_PROVIDERS object| APPS object| MARKETING_PROVIDERS object| RAW_REALM_SETTINGS object| __SENTRY__ object| digitalData function| gtag object| DEFAULT_LICENCES object| google_tag_manager object| google_tag_data function| rdt function| twq function| fbq function| _fbq object| __algolia function| redditNormalizeEmail object| twttr object| GooglebQhCsO object| __sentry_instrumentation_handlers__ function| onYouTubeIframeAPIReady object| gaGlobal

11 Cookies

Domain/Path Name / Value
.nzrplus.com/ Name: _gcl_au
Value: 1.1.248995650.1715292837
.nzrplus.com/ Name: _rdt_uuid
Value: 1715292837417.89470e4b-c54a-4bbe-8044-0ccde940d1dc
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171529283797783172
.twitter.com/ Name: guest_id_ads
Value: v1%3A171529283797783172
.twitter.com/ Name: personalization_id
Value: "v1_0wcTSGXFTTaRAQrb8/dqKA=="
.twitter.com/ Name: guest_id
Value: v1%3A171529283797783172
.nzrplus.com/ Name: _ga
Value: GA1.1.745181853.1715292838
.t.co/ Name: muc_ads
Value: fdcadb43-d278-419a-8295-abc3ee8ff048
.nzrplus.com/ Name: _ga_7MSG54SCKT
Value: GS1.1.1715292838.1.0.1715292838.60.0.0
.nzrplus.com/ Name: _fbp
Value: fb.1.1715292838574.1633110542

11 Console Messages

Source Level URL
Text
other warning URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://dce-frontoffice.imggaming.com/api/v1/route/view?path=/gaming
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/696296242296371?v=2.9.156&r=stable&domain=app.nzrplus.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.nzrplus.com/gaming?utm_medium=email&utm_source=email&utm_campaign=nzrplus&utm_content=play-predictor
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.google.com
analytics.twitter.com
app.nzrplus.com
click.mail.nz.rugby
connect.facebook.net
dce-frontoffice.imggaming.com
googleads.g.doubleclick.net
js.stripe.com
o129937.ingest.sentry.io
static.ads-twitter.com
static.diceplatform.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google.co.nz
www.google.com
www.googletagmanager.com
www.redditstatic.com
104.244.42.195
104.244.42.5
108.158.32.18
108.158.32.74
128.245.209.99
142.250.204.4
142.250.66.194
142.250.66.232
142.250.71.67
151.101.28.157
151.101.65.140
157.240.8.23
18.67.93.38
2404:6800:4003:c1a::9a
2404:6800:4006:810::2008
2404:6800:4006:814::200e
2a03:2880:f019:116:face:b00c:0:3
2a03:2880:f119:8083:face:b00c:0:25de
2a04:4e42:600::396
34.120.195.249
34.247.113.159
01518dc0318737a8200e51471c5d890c22caeda949b63e47173e15dfa0ec5c65
0950e142e25cc90ed25017dfb3e418e5d2289a6880c2efbe5b6a2d9b993bc1d0
0c5b0f2a1a6973ae83b38783d27a817e39e9d042d6c65051a748ede588b021dd
1191817e48d0e32c1f86135dddfaa99e41a12bd82471473cda306d56a1a94c63
11ff56a198e945754a5b88d3a76736c73372744a32ab149d1f42bfa8527dd9c2
1437dfba423ca6116da2dd257ecc686fef1a3f75aabbbd7ef0da6420d9ff505d
2b52cc0e504bf33bd0f1e8840bde995a11ac65e6ba36a293cf4b4ff0e0765ca1
3906958111ec3cc15750fca273f86f2dde10c920a898460830df0372c4366a06
3fb59a8f0d7301b71cf272c54f45e643228a364190622b7c723b9c1295bb192c
42a878968b5aca7fba9d36c6df5018b08a24e638c50ab083025953a3d61e1bdd
43c4fadff3842ee289911d583a790ea2a49e78f6956edd30e7477277c0b3faef
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47e8c9046c6ef468e9696979ae03b810d610bd273198c8ca742d064e89838ec5
4cfc9d97c517e834b39d1755e2c74c160b7edecc3640faf7032aabadb4ad5af6
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
50847ba24b0c9fe071021ade828b7709ad169aebb307dc9a339fcf8e0f36b8e2
59b96a912dad5a41134ff64b3fc9fa4cb24d34035838951ce312455da953ca75
5c05d6e3b974c5bb099d57a1ce4c669fecaf82e83ce442281e4ca8d4cc733d66
5ccd2a2d0cfc8f7b36c238c935a36c751eb306a4f23788a0c6c33eec1a5a2071
5f71f8f9bbf1d8f7a7a7f64067bd604bccfa8edc488daef9a4563e197bb66746
5fe906f1f932ae7f520ce9924f44869854d40d2d00a2ba1c29a95febef20008c
6aade5f9a140df1389d845a644f0ce681ba12830a7d9098c4c3ec9c7d4ea5155
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
75822f0a3172878861efc0740f07aa903d546595900c9fe025682984f7d93775
8559132c89ad51d8a2ba5b171887a44a7ba93776e205f553573de228e64b45f8
86b28743dbfa16a46927f9519a491e1d465ce790c2c0349a61200606fdd6b7e0
8de3b85336ed6c61c6ca752d857b2c3e0f3c06394fdc62ed3585e727de193a47
91c81b6fcf54c835e15921a4ed446d9973688a602a33f0baad2233cfa5882aed
93870bd3496ee623cfd06b16b8a5c86d377bfb838ab6e756d24411d90bcfaff8
9a551f47c526521f2cbe3e6fc5ff0dd6ddcb474d89de64dd440d866f4f224f1d
9c44a66ed4e50e9e48e4a7dbc18ee06bc0e2fca80d67838f597bde5d2646231f
a0522b799af0eb6aa3a225b469439603a5fbde621de3a50798eb6eb20a2833ed
a6ba7f5cefeb2cba2091d6211ee89b3ef86ffe53a42fe151a7cf3c8b63b0cd5d
ac10516d62d2ddc08f8809185615c374279b8e7825bfec5a7662423457c5cd41
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad8a43be4d3b84c9ac8a45131c86c5115e65e30d1e9edcf19a92c94d26f18993
ae194a3960a19a104a204ecf869413e95b230ba6a1a748177d323e6ebfe9160e
ae3a5030b0ccfd984bdb719ca8559058b8008bcb545827a83e0c15ec92f75e3c
b4ec3e2dcc2831693473596a8ac103b9e43d81fb4ef107831d753b50fdd1f393
b7d6a1b2a5c9834d81eda40d94cacc35f96e58aadf19922d511ead3e96f9be51
bb3fac646cae4ac79143986dc7b92e212fd15cf2de93c8fae5f7c25d3e0e135c
bc09bd9e7d8b452f9192014c6e58935ed56816b310d56ca09b91a63cff25e8dc
c25c5584e905d3b87d9ab90c9b855d22288163e809ff1f5f13428dabc81437dc
c54ea92f15bd686d22943c43fc91a56b73b40102de297e6df4996d3e5b43b791
c64f63e7f679542e1fc164573f0d77392471ddf42b0f21a34acaadbafeee2236
c733eeaa7f8211fc0741a6559258275644a4d9b5cdc1016b31b9b6927293cb65
ca01c18241a58f16dd4b6c3d3a98aa8438db5f99d80bbbebc34edab78384775b
d300dacb92dcaa010507fdea7605d777c21d4e12b8c3c1e7124c7b8d5e445b4e
db44a0d27af8d2b1469a4734acbfab083308484480288fb5a02109eda6cf2cd8
dc34f67c9df1ca51cade6763b017481a3068dfa1946b00f514f8b020e27803b2
e373b17638a65d0711224d06d6d18711e140c91b04935adfb0c42f1d3a01a981
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa323ab54a7079c2b551428212dee31d7b8b84ce9fc92761f268b4a86bbdd491
fa3be4e3958bba3b60b76f65bd65112782b14c4c866b010cc5f3eae1d2561bc8
fba4a329c72ed881a893c20903d765aefb43dd25f1df4372a140eaef02ccb383
fe681434c749d9df44e04f6c3da5e7695492969cda986e4710cfee412fcc5236