urlscan.io logo urlscan.io
SecurityTrails logo

fantasy.nrl.com Open in urlscan Pro
2600:9000:2644:e800:b:4320:3300:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fantasy.nrl.com/
Effective URL: https://fantasy.nrl.com/
Submission: On February 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 19 domains to perform 112 HTTP transactions. The main IP is 2600:9000:2644:e800:b:4320:3300:93a1, located in United States and belongs to AMAZON-02, US. The main domain is fantasy.nrl.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 15th 2023. Valid for: a year.
This is the only time fantasy.nrl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:264... 16509 (AMAZON-02)
47 2600:9000:264... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 104.18.72.113 13335 (CLOUDFLAR...)
2 23.211.10.211 16625 (AKAMAI-AS)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 104.18.70.113 13335 (CLOUDFLAR...)
9 99.86.4.99 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
5 2a00:1450:400... 15169 (GOOGLE)
1 104.16.53.111 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 142.250.186.38 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.66.137 54113 (FASTLY)
2 2600:9000:205... 16509 (AMAZON-02)
2 162.247.243.29 54113 (FASTLY)
3 54.187.119.242 16509 (AMAZON-02)
1 44.240.111.178 16509 (AMAZON-02)
5 151.101.194.133 54113 (FASTLY)
112 28
1    2600:9000:2644:ee00:b:4320:3300:93a1 (United States)

ASN16509 (AMAZON-02, US)
fantasy.nrl.com
47    2600:9000:2644:e800:b:4320:3300:93a1 (United States)

ASN16509 (AMAZON-02, US)
fantasy.nrl.com
2    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
7    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
2    23.211.10.211 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-10-211.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
4    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)
survey.survicate.com
1    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
9    99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net
js.stripe.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
surveys-static.survicate.com
5    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
nrlfantasy.zendesk.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    2600:9000:2057:1400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
2    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
r.stripe.com
1    44.240.111.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-111-178.us-west-2.compute.amazonaws.com
m.stripe.com
5    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
www.nrl.com
Apex Domain
Subdomains		 Transfer
53 nrl.com
fantasy.nrl.com
www.nrl.com — Cisco Umbrella Rank: 671621
1 MB
13 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1204
r.stripe.com — Cisco Umbrella Rank: 3338
m.stripe.com — Cisco Umbrella Rank: 1173
435 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
547 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2124
21 KB
5 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 99
120 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
ad.doubleclick.net — Cisco Umbrella Rank: 157
165 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
158 KB
4 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2217
ekr.zdassets.com — Cisco Umbrella Rank: 2541
278 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 242
850 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1277
18 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
216 B
2 survicate.com
survey.survicate.com — Cisco Umbrella Rank: 4690
surveys-static.survicate.com — Cisco Umbrella Rank: 7053
5 KB
2 moatads.com
z.moatads.com — Cisco Umbrella Rank: 764
px.moatads.com — Cisco Umbrella Rank: 674
109 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
7 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 592
10 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 47
3 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6553
408 B
1 zendesk.com
nrlfantasy.zendesk.com
1 KB
112 19
Domain Requested by
48 fantasy.nrl.com 1 redirects fantasy.nrl.com
9 js.stripe.com fantasy.nrl.com
js.stripe.com
7 www.googletagmanager.com fantasy.nrl.com
www.googletagmanager.com
www.google-analytics.com
5 www.nrl.com
5 www.google-analytics.com www.googletagmanager.com
fantasy.nrl.com
4 connect.facebook.net fantasy.nrl.com
connect.facebook.net
3 r.stripe.com js.stripe.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
fantasy.nrl.com
3 static.zdassets.com fantasy.nrl.com
static.zdassets.com
2 bam.nr-data.net js-agent.newrelic.com
fantasy.nrl.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 ad.doubleclick.net 2 redirects
2 fonts.gstatic.com fantasy.nrl.com
2 www.facebook.com fantasy.nrl.com
2 securepubads.g.doubleclick.net fantasy.nrl.com
securepubads.g.doubleclick.net
2 fonts.googleapis.com fantasy.nrl.com
1 m.stripe.com m.stripe.network
1 js-agent.newrelic.com fantasy.nrl.com
1 adservice.google.com fantasy.nrl.com
1 lh3.googleusercontent.com fantasy.nrl.com
1 www.google.de fantasy.nrl.com
1 www.google.com fantasy.nrl.com
1 stats.g.doubleclick.net fantasy.nrl.com
1 region1.google-analytics.com www.googletagmanager.com
1 nrlfantasy.zendesk.com static.zdassets.com
1 surveys-static.survicate.com survey.survicate.com
1 px.moatads.com fantasy.nrl.com
1 ekr.zdassets.com static.zdassets.com
1 survey.survicate.com fantasy.nrl.com
1 z.moatads.com fantasy.nrl.com
112 30
Subject Issuer Validity Valid
*.nrl.com
Amazon RSA 2048 M02		 2023-08-15 -
2024-09-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
zdassets.com
E1		 2024-01-04 -
2024-04-03		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-03 -
2024-03-02		 3 months crt.sh
*.survicate.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-18 -
2024-08-31		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-07 -
2024-05-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
nrlfantasy.zendesk.com
Cloudflare Inc ECC CA-3		 2023-12-09 -
2024-12-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
nrl.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-12 -
2025-03-14		 a year crt.sh

This page contains 5 frames:

Primary Page: https://fantasy.nrl.com/
Frame ID: 86F2DD4E7F96BCF26741C633073AEBF2
Requests: 96 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a0370fe.js
Frame ID: 8280E37E3DD703B8DC6F9CE6AA98F565
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-f3aaf0a4588c11fbdf4221277351eb39.html
Frame ID: FA3C67D6AB7AC2894033ACB9E0CF5001
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 0B04620A2C4A92CA56D76D7FB963F112
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8DBA03566D7154AC9F51C66CA46A51F0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NRL Fantasy

Page URL History Show full URLs

  1. http://fantasy.nrl.com/ HTTP 301
    https://fantasy.nrl.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com

Page Statistics

112
Requests

99 %
HTTPS

63 %
IPv6

19
Domains

30
Subdomains

28
IPs

4
Countries

3481 kB
Transfer

10601 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fantasy.nrl.com/ HTTP 301
    https://fantasy.nrl.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://ad.doubleclick.net/activity;src=4375528;type=nrlve0;cat=nrl-f00;ord=4082698245959;npa=0;auiddc=388533808.1708744939;pscdl=noapi;gtm=45fe42l0z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=COGDnPmCw4QDFVdlkQUdHLMIGw;src=4375528;type=nrlve0;cat=nrl-f00;ord=4082698245959;npa=0;auiddc=388533808.1708744939;pscdl=noapi;gtm=45fe42l0z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=COGDnPmCw4QDFVdlkQUdHLMIGw;src=4375528;type=nrlve0;cat=nrl-f00;ord=4082698245959;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42l0z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fantasy.nrl.com/
Redirect Chain
  • http://fantasy.nrl.com/
  • https://fantasy.nrl.com/
25 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
543aa4b76071b9d3a50c82528989dd55aa250d73f4aebfaa374236c6e7f4780e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
168
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-type
text/html
date
Sat, 24 Feb 2024 03:19:31 GMT
etag
W/"41f67d8ad4fcf48c9b2e8c8e0568ccb2"
last-modified
Mon, 12 Feb 2024 05:39:39 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-id
5sdB57oAFgjnHHUUOZCEFanfZWIahbk0eyvHmYxOpl0KbnVSOLc5mQ==
x-amz-cf-pop
FRA60-P6
x-cache
Hit from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Sat, 24 Feb 2024 03:22:18 GMT
Location
https://fantasy.nrl.com/
Server
CloudFront
Via
1.1 41f78d12a2f737c8e7f8a05cb4262794.cloudfront.net (CloudFront)
X-Amz-Cf-Id
19iRBT_Jv0mrEjfigZOyvJ5LkcNaF8f6Eq2iyL2G5_NL8aT-x5IGfw==
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Redirect from cloudfront
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3273996622afec9de3fde1cdde7686ad7e8a0c67b0073df16e84c8e099d6d898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Feb 2024 03:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 02:56:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Feb 2024 03:22:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af2979c5a83f9ca07fa88cbd8b7f95525351e2841fd0c5ed01b6947391a41263
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29207
x-xss-protection
0
server
cafe
etag
111 / 19777 / m202402200101 / config-hash: 2958856145408218626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 24 Feb 2024 03:22:18 GMT
js
www.googletagmanager.com/gtag/ 		192 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-47034296-3
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80ed5c71c79ae51043334efbf98d8c392b1deee38dcab564b33e475b37fc8274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70658
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Feb 2024 03:22:18 GMT
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=7da2a88a-3afb-4af6-b133-0abb9da2bb85
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:18 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
9X4B0G1GWNB25PJG
age
44
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-id-2
4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nRww8GDpbrps5BXLq9NwvvRAirQ2gbsW9lmcyt%2Fw5n5kajAnRMl7TkUrBkdCIsiYXK3eFQViRoi%2B1LThmHM1QqTWN3qi0rgdk2HqS79nu%2BFIXTuGvJlzPIN9hXINBkrQCGUcq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
85a4955abcfe450a-TXL
access-control-allow-headers
*
moatad.js
z.moatads.com/wavemakeraudcmdisplay106871250942/ 		318 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/wavemakeraudcmdisplay106871250942/moatad.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-10-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b0979a3dabd376ba13b02f64e7232074981d6d493b9dcd1e6b4b788206756b3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Sat, 24 Feb 2024 03:22:18 GMT
last-modified
Thu, 22 Feb 2024 08:23:59 GMT
server
AmazonS3
x-amz-request-id
9KG5M64W0S6158VS
etag
"f920d63d2d6ddb948e9ac628940572f7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2636
accept-ranges
bytes
content-length
110894
x-amz-id-2
MXVhb4uKMJYwSmmySQ4yOTzZ6NdKv3iyk8E2PB5IEgcFUR1jdEt9vTa/J8HV+Lk5xoGIo3Av/Do=
app.css
fantasy.nrl.com/ 		341 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77f202f36f5e2a3d43ac32c50de64bcb01ed22c16fd8af2f1423937b7dd05589

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:41 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76238
etag
W/"8bd72c5831b5534a35f411199c425595"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
Fpr9yPdnf796BTQJOc3OGnBUSd18GYFQu6VPIxB2G8SrIS4KdoyGWA==
app.js
fantasy.nrl.com/ 		2 MB
483 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/app.js?c76517809118eb4ae658
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d60d591bf78bb898d1d0cdd84c71c720a9bf4fff313d98668ceba514bc9b561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:41 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76238
etag
W/"5fcca965d191ac8b32bd53aec023d26f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
UN2Z4b4bGFolvoN3Zexs4Zca_zdHmZEoU_i1y2QZtefOG92xU8s2nQ==
gtm.js
www.googletagmanager.com/ 		468 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PV42QSK
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bca96220aef6c54a1ab7a45db75c88a24d3e13528484c9b3a8bf22a41a95a762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122484
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Feb 2024 03:22:18 GMT
gtm.js
www.googletagmanager.com/ 		147 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWJMMKP
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e7736c13b7cec747a97fcb498205d941a49b967f060daea8c2ab46a65f13f82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56804
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Feb 2024 03:22:18 GMT
fbevents.js
connect.facebook.net/en_US/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 24 Feb 2024 03:22:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
GR7zKXiMUMZKfm9hTPiobuwt+pdWJlXxKH8/GN63b93Ky28iDZZQQqXA0ihwxcccTW8Xiu/n/tSXMxN73m/8jg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
web_surveys.js
survey.survicate.com/workspaces/b6de952525ab9e6d6eabf98389d0459f/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.survicate.com/workspaces/b6de952525ab9e6d6eabf98389d0459f/web_surveys.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
dc8e358e5f6538cfd22204b593d5b5e9685b469d7b99bc37296aa956a39b23c5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com; connect-src https://respondent.survicate.com 'self'; img-src https://*; font-src https://surveys-static.survicate.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
x-amz-version-id
8WeY1QQvzXNJQ6jDbqK8N6Uu.3w3o6GW
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
1081
content-security-policy
default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com; connect-src https://respondent.survicate.com 'self'; img-src https://*; font-src https://surveys-static.survicate.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey;
x-amz-request-id
GGY755W6DVJWXNB6
cdn-cachedat
02/21/2024 14:17:14
cdn-pullzone
1158558
x-amz-id-2
pCO1NpVuYDVJEg+f4GC8Yfi/1a3Da4hGZf+3oGVTE+t4aJ3YGHRHzbt0km1tv5zRT1PGuHDF/I8=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 21 Feb 2024 13:53:01 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"24ae2b36f2bb408b1373596d21071d2e"
vary
Accept-Encoding, Accept-Encoding
report-to
{ "group": "csp-endpoint-survey", "max_age": 10886400, "endpoints": [{ "url": "https://panel-api.survicate.com/_/report_csp/survey" }] }
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
039640c0-4b09-428d-a0ae-513ccdd44502
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=300
cdn-requestid
f6aca2b28f9e3527fe470648dcd3fe1d
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
7da2a88a-3afb-4af6-b133-0abb9da2bb85
ekr.zdassets.com/compose/ 		966 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/7da2a88a-3afb-4af6-b133-0abb9da2bb85
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7da2a88a-3afb-4af6-b133-0abb9da2bb85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f210694f177765b4a3f3192dfa83ae5d8ad7fb86acff02f9a3e4bd68fbe38309
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
857d756e0c457823-SEA, 857d756e0c457823-SEA
x-runtime
0.014421
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f210694f177765b4a3f3192dfa83ae5d"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEmIqhpwAENDVfEljHflxgACME8%2F%2BXhx6G5yLau0gKBmsUVP9WYpaBZYXroPHVWveXb%2BnmpACRZiHe4T5wSKP6YExentRXZHPotBqXLsm9EZT7HqS1riKnMGLrBosWyoLWU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
85a4955bbfe84480-TXL
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/ 		428 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ae3dcf8002e428f15567c5a304172fe086cf525cc41c02a83c091989152e4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 07:39:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
70995
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137981
x-xss-protection
0
server
cafe
etag
12437356588311396475
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 22 Feb 2025 07:39:03 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=WAVEMAKER_AU_DCM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1708744938857&de=81822152435&m=0&ar=b14f40e8f24-clean&iw=065e98e&q=2&cb=0&ym=0&cu=1708744938857&ll=2&lm=0&ln=0&em=0&en=0&d=29447628%3A6720305%3A360037070%3A187179749&zMoatADV=10359490&zGSRC=1&gu=https%3A%2F%2Ffantasy.nrl.com%2F&id=1&ii=4&bo=nrl.com&bd=fantasy.nrl.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=wavemakeraudcmdisplay106871250942&fd=1&it=500&ti=0&ih=2&pe=1%3A-%3A-%3A0%3A0&fs=207200&na=251676934&cs=0
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-10-211.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 03:22:18 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 24 Feb 2024 03:22:18 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.js?c76517809118eb4ae658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea491d862b51a7e302849ca58d0aec9bb21880311019d8da7c314957f8380d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Feb 2024 03:22:18 GMT
content-md5
a0Au3CM9RQ7Iip+l7TmDTQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
0i989JpzBNuSxxBF9dO3YrnzLncoLcG4R2NHptKE2JuZcwthKv8E2GBsXPu0P3Jdh5w2ug72s7eWtCl430l8ag==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
522bb9b06c7d45e58dd76264371563b5
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"e38a76e5fa4d4b35a1379152fe99ad7e"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 24 Feb 2024 03:34:08 GMT
RLFontRegular.woff2
fantasy.nrl.com/assets/fonts/rl/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/assets/fonts/rl/RLFontRegular.woff2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bba05df4dc016bcf23a114d0a4b4c354bbcaa3f2b5e28d8bb9696cec83522b04

Request headers

Referer
https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 07:44:08 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
70691
x-cache
Hit from cloudfront
content-length
13300
last-modified
Mon, 12 Feb 2024 05:39:27 GMT
server
AmazonS3
etag
"d7de6b8af08206ddbdac3d6eee866249"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://fantasy.nrl.com
vary
Accept-Encoding,Origin
access-control-allow-credentials
true
x-amz-cf-id
gTIv3sES2EullB5LO34cboM1XFf7fo2PhTb5GQyLtwIvhFpyjo6hHw==
/
js.stripe.com/v3/ 		600 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.js?c76517809118eb4ae658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9edb2179b3a4de19f2bd050f807bf098dc9820ac1301e7cda0916d1cf75316b3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:18 GMT
content-encoding
br
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 23 Feb 2024 21:40:09 GMT
server
Cloudfront
etag
W/"f51da0bba6ffbda45dab8baf8465073f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
PWqpMpA3Dp36imDR8digenWyrFtuYdrLNLIOJ6VKztQ0Fb7XT0cHZg==
checksums.json
fantasy.nrl.com/data/nrl/ 		756 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/checksums.json?_=1708744938932
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15941c40cdc7143b253abbe3b15fa42a5c133658d768b5cacd01ef9ef889d0d9

Request headers

Accept
*/*
Referer
https://fantasy.nrl.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:20 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Sat, 24 Feb 2024 03:20:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"334cf56cd9189486603b1b975f9fd280"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
302
x-amz-cf-id
tw9DIWqKsW5clea7JFILAY6Po8lOMI17N5cG_Y9lRWVGqvmoLw_2vw==
checksums.json
fantasy.nrl.com/data/nrl/ 		756 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/checksums.json?_=1708744938934
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15941c40cdc7143b253abbe3b15fa42a5c133658d768b5cacd01ef9ef889d0d9

Request headers

Accept
*/*
Referer
https://fantasy.nrl.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:20 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Sat, 24 Feb 2024 03:20:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"334cf56cd9189486603b1b975f9fd280"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
302
x-amz-cf-id
XAdchSc8VJBU1PwW1jRDNq17-sMZK6kPFkZzrfw-H7FOjG4JHDCLjg==
checksums.json
fantasy.nrl.com/data/nrl/ 		756 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/checksums.json?_=1708744938934
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15941c40cdc7143b253abbe3b15fa42a5c133658d768b5cacd01ef9ef889d0d9

Request headers

Accept
*/*
Referer
https://fantasy.nrl.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:20 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Sat, 24 Feb 2024 03:20:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"334cf56cd9189486603b1b975f9fd280"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
302
x-amz-cf-id
s_wVzzKwbxJeQqXFZGDUchvjTHj309_mpBNQZnHUo6LS4xMUHrSKjQ==
checksums.json
fantasy.nrl.com/data/nrl/ 		756 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/checksums.json?_=1708744938935
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15941c40cdc7143b253abbe3b15fa42a5c133658d768b5cacd01ef9ef889d0d9

Request headers

Accept
*/*
Referer
https://fantasy.nrl.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:20 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Sat, 24 Feb 2024 03:20:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"334cf56cd9189486603b1b975f9fd280"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
302
x-amz-cf-id
TwinUIKlJLJcN9y6nT1A6csIGaLaY_TKuGGl4eKyOUpM3f69e5ng7Q==
checksums.json
fantasy.nrl.com/data/nrl/ 		756 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/checksums.json?_=1708744938940
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15941c40cdc7143b253abbe3b15fa42a5c133658d768b5cacd01ef9ef889d0d9

Request headers

Accept
*/*
Referer
https://fantasy.nrl.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:20 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Sat, 24 Feb 2024 03:20:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"334cf56cd9189486603b1b975f9fd280"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
302
x-amz-cf-id
1MnyyGpdPvuyOhNaZdiek6W4K73uXCUuAxNQglev8yP7hgFN-MBfcw==
menu_logo.svg
fantasy.nrl.com/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/menu_logo.svg
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5264ff2e5f577600364b18e62e7a83813cd74d94754e9509f4154cf7fe3250c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 07:44:08 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
70691
etag
W/"78a6a32085d9c65476de196d6b71c515"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
aaoRMWWaYH_9U32W0cjhO-sTLdEQq-C87Cat3WLVAKM1XGSudXH_ag==
nrl-fantasy-logo-header.svg
fantasy.nrl.com/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/nrl-fantasy-logo-header.svg
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a502624853ea4a283c94ed4e4b2773a9d0f55a0267ea673b6bb0155555ee0525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:43 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
W/"b4653f6a77d75f8f5b6b9a152ba5ef6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
zj16uTznfkLjPnUMGODJezRq81tsEjVeSJ1XBpGxxkuIL7Ic51TxMw==
fb.webp
fantasy.nrl.com/assets/images/footer/ 		116 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/footer/fb.webp
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2f388377ae43ef4d60aee5c3652deaa9c1fd16280e0ef3e714e46771067085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:20 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 09 Aug 2021 00:28:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"39b48de2b0814cf41700f98424b34b0f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/webp
cache-control
max-age=300, must-revalidate
content-length
116
x-amz-cf-id
iO-tJNEDmNfS9K09FgzU1I4n4t6DM06PB1uLiHVyhOvRu-HhDkMZeg==
tw.webp
fantasy.nrl.com/assets/images/footer/ 		202 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/footer/tw.webp
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11f8e74475f9ed0a82574a5348d75fdf715a2a109078757c5d8b02a8022a7ff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:20 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 09 Aug 2021 00:28:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"795a062c1a442e5e06d540c738715edc"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/webp
cache-control
max-age=300, must-revalidate
content-length
202
x-amz-cf-id
ga5I-HY0eV2ESlSoZQof0jtAfeps7qIcQbvfB_2HoclxXqdohRgF3A==
Insta.webp
fantasy.nrl.com/assets/images/footer/ 		314 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/footer/Insta.webp
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d848900e5ba0a253af315927116d66de0a46ce0746a05bd91e60119a9922e6fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:20 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 09 Aug 2021 00:28:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"5532914f7c317b4d52d264545ad10eaa"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
max-age=300, must-revalidate
content-length
314
x-amz-cf-id
Eb9g_eQoansTIKMHtGrf6O4ScBLxeba1OHMFMHDY5Fk32xodhHLxgw==
genius.png
fantasy.nrl.com/assets/images/footer/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/footer/genius.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24522eb9ab8da6382f5119995db3aa4bb9ca27236a30fb23e65eaa9b853c279e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:43 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"5d1edae0db1aabcb0421b6237c3c28f3"
x-cache
Hit from cloudfront
content-type
image/png
content-length
2535
x-amz-cf-id
13t9BxYcuJfk7arhg63ZbpplFVxW1AcSwPYQX-Z9tffgs2mp6gM57Q==
nrl-logo-white.png
fantasy.nrl.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/nrl-logo-white.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
327ed5cafb52b5d0696784ef6893045a7054d03f31c389f75771eb95934dad4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 07:44:08 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
70691
etag
"724ba7934133c15cfac1430064673891"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
1751
x-amz-cf-id
_7pDieFMEj2xzFnv3D5jOQM9Z4jr94v5ux02tUPIIzik7xEcxS3Ipg==
green-arrow-down.png
fantasy.nrl.com/assets/images/ 		262 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/green-arrow-down.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba96da88d333751b4c4365aba8517c0ba8aefa837d574baef1835c7a9581347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:43 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"4fdbe966d1289297289a670254677fc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
262
x-amz-cf-id
wfN-ZOq-2X-abq625p1PwydxYFXVZV_8Q7l-P-8EfWh1BzAi4B4UQw==
login-banner.png
fantasy.nrl.com/assets/images/ 		383 KB
384 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/login-banner.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c472cc8b0d581072a9d9067bf18b88006357f37f3018fd45dc33c8978426acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/app.css?c76517809118eb4ae658
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:43 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"e40ea84540e09dd4189acd67dc361047"
x-cache
Hit from cloudfront
content-type
image/png
content-length
392677
x-amz-cf-id
1ENDli_ZC-CRYE0drMSTHHKkigzwCZ3lvVzfgzyBeq5rFn8FcdYNrw==
fantasy-badge.png
fantasy.nrl.com/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/fantasy-badge.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09c1bee000689fd2a03b672378dea010d385dd6160b49435180c79d78154e7c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/app.css?c76517809118eb4ae658
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:43 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"d3803bfe9c0d9827531cdf0f76b0b280"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
2404
x-amz-cf-id
-dHwsGfg83ONMPKNgo-oW39YpyTnDYv8UnApJKloOBhuvS5LShKcOg==
draft-badge.png
fantasy.nrl.com/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/draft-badge.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d5f7db5c567c34a7ae0b4f30399ae8a8c7739f3b74d8b67e055b36ab3bd1e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/app.css?c76517809118eb4ae658
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:43 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"531db242d8f30610f2e19ae37331de72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
2650
x-amz-cf-id
q7AUXbw6Vb-ZpGSm4T-iDJpDiiXN1n4Tgntsy6zbkJVCu6ZqZdokkA==
ionicons.ttf
fantasy.nrl.com/assets/fonts/Ionicons/ 		184 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/assets/fonts/Ionicons/ionicons.ttf?v=2.0.0
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Referer
https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 07:44:08 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
70691
x-cache
Hit from cloudfront
last-modified
Mon, 12 Feb 2024 05:39:25 GMT
server
AmazonS3
etag
W/"24712f6c47821394fba7942fbb52c3b2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
https://fantasy.nrl.com
vary
Accept-Encoding,Origin
access-control-allow-credentials
true
x-amz-cf-id
4d_LN7MqCPGzYNRUsjMcUtNBmhAeFGI-VT3pA8stCO1g7WZdT62vIw==
RLFontBoldItalic.woff2
fantasy.nrl.com/assets/fonts/rl/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/assets/fonts/rl/RLFontBoldItalic.woff2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e09beca6d0029cf68f76c9e56600f1c65c3a1d73ac3772dbb06ed00b801184d

Request headers

Referer
https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 08:25:31 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
68208
x-cache
Hit from cloudfront
content-length
15020
last-modified
Mon, 12 Feb 2024 05:39:27 GMT
server
AmazonS3
etag
"68b0b6118d5848c1b64f54d509bf7a75"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://fantasy.nrl.com
vary
Accept-Encoding,Origin
access-control-allow-credentials
true
x-amz-cf-id
DttWKSVIV7mHA0zWQhd966_Km2b69bcBZXT6dPEWgcG4LJv2MKDEQg==
RLFontBold.woff2
fantasy.nrl.com/assets/fonts/rl/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/assets/fonts/rl/RLFontBold.woff2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d099b34701fb032d6ee01032360b7d3a660361e5c335824a25aea3cd5b64a345

Request headers

Referer
https://fantasy.nrl.com/app.css?c76517809118eb4ae658
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 11:21:45 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
57634
x-cache
Hit from cloudfront
content-length
13044
last-modified
Mon, 12 Feb 2024 05:39:26 GMT
server
AmazonS3
etag
"b807acd63711c482b168c0edf53bacb3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://fantasy.nrl.com
vary
Accept-Encoding,Origin
access-control-allow-credentials
true
x-amz-cf-id
LupyiKOUR_HIA4WrCZDws9t3WbhqCYVE8ymmnY_mRYEbSJP1BOGKdA==
sdk.js
connect.facebook.net/en_US/ 		298 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b1869b1816b045575be11ff291c42fc1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd620081f799651ffe3952e8eb9a68614b325f01809f33a411c730057e5a85be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fantasy.nrl.com/
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Feb 2024 03:22:19 GMT
content-md5
iz3XYKRWBYQ+i6NqVl5r5g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87206
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
FFiU7Cs22FOwAIyNdCdvSkGVLpg3TEhPiuHS2GDefXb9b8I/eRGdv4yWupCFv5Ta5lCc3ODSthdqZA01QONHOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
ac1b712a69b3cea78cd1d90de740251b
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"d9a41fc2b182aace931b74714d828089"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 23 Feb 2025 01:32:08 GMT
78756360
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/78756360?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58aeb9c4be9f92992d4b59bad1f24ee5d99cc45f70fb3aaabd2e1a4428f036ac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KboKQYiligpErGbvGeyt0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-KboKQYiligpErGbvGeyt0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj6mHU4pJi8NaQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL5-pJJAog1gPid5Cumb0C8w8eDhW_ddFYVINZdP501FIhjnk9nTQHixawzWFcDsVP6DNYgIP6cOYP1NxD71M9gjQFiIW6O1wefrmMTuNH_ORoAP9FAYw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
fonts.css
surveys-static.survicate.com/fonts/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://surveys-static.survicate.com/fonts/fonts.css
Requested by
Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/b6de952525ab9e6d6eabf98389d0459f/web_surveys.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
1082
content-security-policy
default-src 'self'
x-amz-request-id
3RMP7AJA27HB68V3
cdn-cachedat
01/24/2024 11:53:05
cdn-pullzone
1133799
x-amz-id-2
WrZjnOrPu8JOVOi2e0wBGd1FxV4H1gxGxoQMzVmbn3w5lgdoe8eMYxisL6Jt9dfn5ssFCdemBR0=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 13 Apr 2022 12:02:06 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"175a0d0343589473e72c6e512936d749"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
039640c0-4b09-428d-a0ae-513ccdd44502
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=604800
cdn-requestid
ddffcce7135729355e3e6365936ff6e6
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
878285258903139
connect.facebook.net/signals/config/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/878285258903139?v=2.9.147&r=stable&domain=fantasy.nrl.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b85c93ac3963796ad6cc245a462fdcd66c648b21a33abb335c3947069a544cda
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 24 Feb 2024 03:22:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
lgsIbnxHD7REHZyiZA5b1yF7FgsRmVafTtZHImG0y4GoZGjQ9/rhfp56bzBu9LZkDryAYncEhGiYc9Dhk7l90g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
web-widget-main-a0370fe.js
static.zdassets.com/web_widget/classic/latest/ Frame 8280 		909 KB
266 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7da2a88a-3afb-4af6-b133-0abb9da2bb85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e16477198d21785ce72b061aef055a3105753236dc2e49e7d6293d2bee9ec6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
x-amz-version-id
LWp0BJGOiQlDv4RQzoZ3p3lhR0Lclxwc
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
FG17W3XJ1J8P52H3
age
410308
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Q273Fo2pMZWRFMrCDkQNFLIUiAHnPq2CRkQb1nZf5hgmpxEL5cbmaeEb8kbWbvxVhKhfOMbumnGL2Q0+2zqK7A==
last-modified
Thu, 15 Feb 2024 16:53:11 GMT
server
cloudflare
etag
W/"d59d0403b5d8dedcf8b2ea5301079d73"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FJayPMurdA530tbrKY4YhL%2B0vFkfDMCLXU97CCDBQ9gPB6gdA4ta1sSyEqM2E5I7A%2FAeCbgM1lDEIsf4s9l9FVzxd6ytueor4jUd%2BOax8Q6ahRnY32kgtdWLdepmY2vh3izynY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
85a4955d2e9c450a-TXL
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:53:10 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJMMKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Feb 2024 01:32:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6616
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 24 Feb 2024 03:32:03 GMT
js
www.googletagmanager.com/gtag/ 		192 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-47034296-3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJMMKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c4fc425296356c65dd3dd93b0b4bb0e13ced90235f5ed3b48731b8e072e1873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70759
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Feb 2024 03:22:19 GMT
controller-f3aaf0a4588c11fbdf4221277351eb39.html
js.stripe.com/v3/ Frame FA3C 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-f3aaf0a4588c11fbdf4221277351eb39.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
113016669803e5472a495a27d0257cb180b3beb92a817841465d6ef0c7a8e564
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
51
cache-control
max-age=60, stale-while-revalidate=900
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 24 Feb 2024 03:21:31 GMT
etag
"f3aaf0a4588c11fbdf4221277351eb39"
last-modified
Fri, 23 Feb 2024 21:02:27 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
RbwgaZV3JYNzwzzuadSURqbma50nLVGT_6WDKxI5_40m4hVSkMfWtQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
en-us-json-a0370fe.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 8280 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
x-amz-version-id
Eayr8wE0O1QlREvlJDJDRqBtMG5lJ2lJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWV7HMVNAY7NJZ7
age
410307
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
v8ShxWVC630p/sLfgAu2hjWeG55jvFIi3lwblOxMUnu9pJiCEXpchyYtyJvFL0EtP50XagsYgPs=
last-modified
Thu, 15 Feb 2024 16:53:13 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJ8S1rqOuFKA0bMrwBFGth0h%2BLxpqWRz1sFnBXgNFjijxt3KtZmB7ZXwgeXei4joRT8JGLckFfLn1l8FpWXituQRIbjUVN4NZhDrE5OrKFK8jAzXFLXbSmAyTg1DWSIYfO%2BLm2o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
85a4955e0f23450a-TXL
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:53:12 GMT
config
nrlfantasy.zendesk.com/embeddable/ Frame 8280 		546 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nrlfantasy.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd7af9b6a16b2b91d8d8932cf3bd478bc25eb2dd5ed901fefc9d7febb8b96430

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-776988b649-5bgmw
x-cached
MISS
x-request-id
85a4955ea9556a73-WAW
x-runtime
0.002271
last-modified
Fri, 23 Feb 2024 13:41:18 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnWBTXFwOvW5jBOecC%2F8DjnQWSTxWbG0Y1A43vsoQqZ1AxweHlWdrnl4nXhBp2XWO3qKjIKD07ZhB7GGC%2Bl629p0mwAFpBHbp0mFcCczFsuObDhsnZPgEaHXvTE1btNB360z6W8oQgY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
85a4955ea9556a73-TXL
js
www.googletagmanager.com/gtag/ 		230 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-40RMV36ZL2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-47034296-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56014b52c3eec469466c6e1100a98cf042a96bbb79675bba543ec3cade26c6cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83247
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 24 Feb 2024 03:22:19 GMT
shared-dfc36c72938e02dbf0b948f02dc01c05.js
js.stripe.com/v3/fingerprinted/js/ Frame FA3C 		535 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-dfc36c72938e02dbf0b948f02dc01c05.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-f3aaf0a4588c11fbdf4221277351eb39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9a53a378b0bf8737dd5384da05ca56af9af8e7a218eb8a2d22a96eca1ac5141b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-f3aaf0a4588c11fbdf4221277351eb39.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:04:21 GMT
content-encoding
br
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1097
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 23 Feb 2024 21:02:41 GMT
server
Cloudfront
etag
W/"ee779d877b789585dcd76914b08ab7f0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
dlhAaJmOaEQNPnx0uwAt9CxSJW1E52oxC_M7P6bRpYpm7OPN8p3Bew==
controller-c5e9d80808364fba673096e3a8aa9195.js
js.stripe.com/v3/fingerprinted/js/ Frame FA3C 		696 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-c5e9d80808364fba673096e3a8aa9195.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-f3aaf0a4588c11fbdf4221277351eb39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d7ab36bda2c2cd614f2273a36ad7318d78fac4580fc027603e82801fd539a499
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-f3aaf0a4588c11fbdf4221277351eb39.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:04:19 GMT
content-encoding
br
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1097
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 23 Feb 2024 21:02:39 GMT
server
Cloudfront
etag
W/"d08b421b5096714447361f320e2f6b0e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
4gZwy24H4ZQlgMexQrvPAfi7W0s9runXmijYaDZWN0DwA3-b2CyXew==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=878285258903139&ev=PageView&dl=https%3A%2F%2Ffantasy.nrl.com%2F&rl=&if=false&ts=1708744939234&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1708744939233.291918917&hmd=45350d8fb0345adb3257c9c5&pl=https%3A%2F%2Ffantasy.nrl.com%2F&ler=empty&cdl=API_unavailable&it=1708744939049&coo=false&exp=e1&rqm=GET
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Feb 2024 03:22:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=878285258903139&ev=Microdata&dl=https%3A%2F%2Ffantasy.nrl.com%2F&rl=&if=false&ts=1708744939236&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NRL%20Fantasy%22%2C%22meta%3Adescription%22%3A%22Join%20the%20Official%20NRL%20Fantasy%20competition%20in%202024%20and%20you%20could%20win%20some%20epic%20prizes.%20It%E2%80%99s%20free%20and%20easy%20to%20join!%20Register%20to%20pick%20your%20squad%2C%20get%20free%20access%20to%20experts%20opinion.%20Ramp%20up%20the%20rivalry%20amongst%20your%20friends%20and%20test%20your%20skill%20with%20the%20new%20open%20bench.%20This%20will%20be%20the%20most%20fun%20NRL%20Fantasy%20season%20yet%20and%20will%20change%20the%20way%20you%20watch%20the%20game%2C%20guaranteed!%22%2C%22meta%3Akeywords%22%3A%22NRL%20Fantasy%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22NRL%20Fantasy%22%2C%22og%3Asite_name%22%3A%22NRL%20Fantasy%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ffantasy.nrl.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ffantasy.nrl.com%2Fassets%2Fimages%2Ffavicons%2Ffavicon-200.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.147&r=stable&ec=1&o=4126&fbp=fb.1.1708744939233.291918917&hmd=45350d8fb0345adb3257c9c5&pl=https%3A%2F%2Ffantasy.nrl.com%2F&ler=empty&cdl=API_unavailable&it=1708744939049&coo=false&es=automatic&tm=3&exp=e1&rqm=GET
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Feb 2024 03:22:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
destination
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-4375528&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV42QSK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
46a8f66659ed4c12878c531fc4d239b1ae52d915d82bb45b5722f16ee339da42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70028
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Feb 2024 03:22:19 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame FA3C 		474 B
917 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dfc36c72938e02dbf0b948f02dc01c05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b0f2842cf2fe230f30d403634d26de441e415c437b4d81fe2626ea0e95426c78
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-f3aaf0a4588c11fbdf4221277351eb39.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Feb 2024 03:21:45 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
34
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
474
last-modified
Fri, 23 Feb 2024 21:40:09 GMT
server
Cloudfront
etag
"f2dfc898e40eddf6e7e8133dd4803280"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
6mbeXpfogjvB-JCzwvyCA8mhukjsReP_cT_c40MRujBWTzkGw88m7w==
.deploy_status_henson.json
js.stripe.com/v3/ Frame FA3C 		474 B
917 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dfc36c72938e02dbf0b948f02dc01c05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b0f2842cf2fe230f30d403634d26de441e415c437b4d81fe2626ea0e95426c78
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-f3aaf0a4588c11fbdf4221277351eb39.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Feb 2024 03:21:45 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
34
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
474
last-modified
Fri, 23 Feb 2024 21:40:09 GMT
server
Cloudfront
etag
"f2dfc898e40eddf6e7e8133dd4803280"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
TRDQO8uy9YC2o9Gzlawrw3KrvICAgdEW6FmXueqLaXUNEDzRKkvpZg==
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-40RMV36ZL2&gtm=45je42l0v9126439918za200&_p=1708744938774&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1385015319.1708744939&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1708744939&sct=1&seg=0&dl=https%3A%2F%2Ffantasy.nrl.com%2F&dt=NRL%20Fantasy&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=932
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-40RMV36ZL2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 03:22:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxXUIGZ62hjsip0x5Z3i7wgZrl-Oqmk-1Qzy_iSrl1A7vZouv9AmnXuNzUIXtGMJ-SPWmw-sLTmk2oRJtJLh3cGCqveVRHjx-3RZ9_Y9yUQlpVlxofR6xJG2oXB15WorvhxHF83AzA==
fundingchoicesmessages.google.com/f/ 		374 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXUIGZ62hjsip0x5Z3i7wgZrl-Oqmk-1Qzy_iSrl1A7vZouv9AmnXuNzUIXtGMJ-SPWmw-sLTmk2oRJtJLh3cGCqveVRHjx-3RZ9_Y9yUQlpVlxofR6xJG2oXB15WorvhxHF83AzA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4NzQ0OTM5LDM0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mYW50YXN5Lm5ybC5jb20vIixudWxsLFtbOCwiNlRHTElUSGZXNmMiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMyMVmm8CcagMpvNRObksjSo6R36yw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4bf54b92d8f8b389e2816953538d6587029743a1273fbaa73e39e088a4343021
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eBKgRmOW0qS1iUYLbA_P6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eBKgRmOW0qS1iUYLbA_P6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KwhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8_UlkwQQawDxO8lXTN-AeIePBwvfuumsKkCsu346aygQxzyfzpoCxItZZ7CuBmKn9BmsQUD8OXMG628g9qmfwRoDxEI8HK8PPl3HJvDiyab7jACFpEYV"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1675777185&t=pageview&_s=1&dl=https%3A%2F%2Ffantasy.nrl.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=NRL%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=352695071&gjid=1243555449&cid=1385015319.1708744939&tid=UA-47034296-3&_gid=2071189195.1708744939&_r=1&_slc=1&gtm=45He42l0n81TWJMMKPza220&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1889180862
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f0182d6185686a8a60c0a2b32c5de094b92eb704989b69bb2c7c8a44a4afe4f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 03:22:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1675777185&t=pageview&_s=1&dl=https%3A%2F%2Ffantasy.nrl.com%2F&ul=en-us&de=UTF-8&dt=NRL%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAHAAUABAAAAACAAI~&jid=1831615246&gjid=956863679&cid=1385015319.1708744939&tid=UA-47034296-3&_gid=2071189195.1708744939&_r=1&gtm=457e42l0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=611950694
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 03:22:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1675777185&t=pageview&_s=1&dl=https%3A%2F%2Ffantasy.nrl.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=NRL%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCHACUABBAAAACAEKB~&jid=288744751&gjid=784847145&cid=1385015319.1708744939&tid=UA-98403742-20&_gid=2071189195.1708744939&_r=1&_slc=1&gtm=45He42l0n81PV42QSKv77533538za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd2=-&cd3=-&cd4=-&cd5=-&cd6=-&cd7=-&cd8=-&cd9=-&cd10=-&cd11=-&cd13=-&cd14=-&cd15=-&cd16=-&cd19=No&cd24=Web&cd25=fantasy.nrl.com&cd26=-&cd32=CONTAINER%20ID%3A%20GTM-PV42QSK%20%7C%20CONTAINER%20VERSION%3A%20209&cd34=False&cd35=-&cd36=-&cd59=%2F&cd27=1385015319.1708744939&z=1144699306
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 03:22:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		234 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-40RMV36ZL2&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00bcfa18c201cc0407c592f1f7a54d3c124aa530decf03e507817b1e8b868d99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85048
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 24 Feb 2024 03:22:19 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-98403742-20&cid=1385015319.1708744939&jid=288744751&gjid=784847145&_gid=2071189195.1708744939&_u=YCHACUABBAAAACAEKB~&z=367678036
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 24 Feb 2024 03:22:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98403742-20&cid=1385015319.1708744939&jid=288744751&_u=YCHACUABBAAAACAEKB~&z=1185370363
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 03:22:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98403742-20&cid=1385015319.1708744939&jid=288744751&_u=YCHACUABBAAAACAEKB~&z=1185370363
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 03:22:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		107 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.6TGLITHfW6c.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMycXI7Isepk92VOfjSlH0PjGf93dQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10714421e06d1b3cd77ddf70bb8d6ad17da0e6f725e33aee3db23c54295977a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Feb 2024 03:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 03:22:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Feb 2024 03:22:19 GMT
P07sA3RWdMgQI3xB8rJcqEVUU2zuL_IhcNFR1IjT2f8YpvbL3E_JByz3XIqUyIIdx4zrY8HZ1gcm4juMy50XChY6O3vRF-aaxvNwpaMub1Bbi2S9HysC=h60
lh3.googleusercontent.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/P07sA3RWdMgQI3xB8rJcqEVUU2zuL_IhcNFR1IjT2f8YpvbL3E_JByz3XIqUyIIdx4zrY8HZ1gcm4juMy50XChY6O3vRF-aaxvNwpaMub1Bbi2S9HysC=h60
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
843ada21bff4f39ce9ebcc86246e462a8115eb4d57718a3ab28ec4940f66c9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:07:24 GMT
x-content-type-options
nosniff
age
895
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2341
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 25 Feb 2024 03:07:24 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.nrl.com/
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:08:42 GMT
x-content-type-options
nosniff
age
256417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 04:08:42 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.nrl.com/
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:35:45 GMT
x-content-type-options
nosniff
age
243994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:35:45 GMT
AGSKWxUwyO7T8fCs4jXuptjhGHXWQIiN2rioPd2eGwcO18me4LO13iQ5zkrSTZ_ZoBUxF69jdBlUNyH14a0Fk2b11YeJ3Ln3KGQ9jGzM4aranK8tw3b8zvNkm_vtuGZmKxF_MdIS0iXuvw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwyO7T8fCs4jXuptjhGHXWQIiN2rioPd2eGwcO18me4LO13iQ5zkrSTZ_ZoBUxF69jdBlUNyH14a0Fk2b11YeJ3Ln3KGQ9jGzM4aranK8tw3b8zvNkm_vtuGZmKxF_MdIS0iXuvw==
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sixg-4fo5mVv5QeLbE4GOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Feb 2024 03:22:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-sixg-4fo5mVv5QeLbE4GOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi4Xh98Ok6NoEHS1-dYQIASqIWSA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fantasy.nrl.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_pre=COGDnPmCw4QDFVdlkQUdHLMIGw;src=4375528;type=nrlve0;cat=nrl-f00;ord=4082698245959;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42l0z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;ua...
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=4375528;type=nrlve0;cat=nrl-f00;ord=4082698245959;npa=0;auiddc=388533808.1708744939;pscdl=noapi;gtm=45fe42l0z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma...
  • https://ad.doubleclick.net/activity;dc_pre=COGDnPmCw4QDFVdlkQUdHLMIGw;src=4375528;type=nrlve0;cat=nrl-f00;ord=4082698245959;npa=0;auiddc=388533808.1708744939;pscdl=noapi;gtm=45fe42l0z877533538za201...
  • https://adservice.google.com/ddm/fls/z/dc_pre=COGDnPmCw4QDFVdlkQUdHLMIGw;src=4375528;type=nrlve0;cat=nrl-f00;ord=4082698245959;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42l0z877533538za201;gcd=13l3l3l3l1;...
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COGDnPmCw4QDFVdlkQUdHLMIGw;src=4375528;type=nrlve0;cat=nrl-f00;ord=4082698245959;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42l0z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 03:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Feb 2024 03:22:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/dc_pre=COGDnPmCw4QDFVdlkQUdHLMIGw;src=4375528;type=nrlve0;cat=nrl-f00;ord=4082698245959;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42l0z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
squads.json
fantasy.nrl.com/data/nrl/ 		2 KB
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/squads.json
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
962f1c6674d3611778079bf6feb1d98016213f53665e990efa33cb81553f6d28

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
date
Sat, 24 Feb 2024 03:22:21 GMT
last-modified
Fri, 15 Dec 2023 05:16:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
etag
"329e7e01ce1f1542ca4432e931660c0d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
503
x-amz-cf-id
Kw-_edCot61dNgOe76-OJcA3VFTNh9_GCl9nK7KE3Fl4dnqHA_jpDQ==
news_fantasy.json
fantasy.nrl.com/data/nrl/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/news_fantasy.json
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76cf1b73ba3a9bffc536987a1aa4fe0c145da80aae1a6c3e6b18ca28fccf7e16

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:21 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sat, 24 Feb 2024 03:15:02 GMT
server
AmazonS3
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
etag
W/"6084bc4a87c12a133f6433dffcb45403"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
x-amz-cf-id
yuTzeN3yCewKQ8pOA53QWSw0Yr3_CbnQcMLR_qrRC-AHVqm55RNrmw==
rounds.json
fantasy.nrl.com/data/nrl/ 		99 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/rounds.json
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a14f1f78fbef4eb9f2cc0a6adbd6e41f29772d8c4892e724165263ad0bd0a499

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
date
Sat, 24 Feb 2024 03:22:21 GMT
last-modified
Thu, 22 Feb 2024 22:00:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
etag
"36043b91de5943fcd11cd4f6ed9320f7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
5896
x-amz-cf-id
oIqFFKbG_q0i6FE9KRAORmKMaKDY5zzXPQ3fsYvsf7iJb12RluqItw==
ladder.json
fantasy.nrl.com/data/nrl/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/ladder.json
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5750726c64a350a85a7bd5ed4c2c3eb4f3dbf1f0422efb85cfbf48a71025e452

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
date
Sat, 24 Feb 2024 03:22:21 GMT
last-modified
Fri, 23 Feb 2024 07:00:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
etag
"2eb6159c671b33dbab8ac49b651c260e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
764
x-amz-cf-id
nXabFqOYZpMP_HYlXeZeMzCEFfAIGeIXWxlRzlSExFB_8RLC_WVDag==
nr-1044.min.js
js-agent.newrelic.com/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1044.min.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
7HtucEuUII5n9P5t3z5IzYZpz_YC7K5u
content-encoding
br
via
1.1 varnish
date
Sat, 24 Feb 2024 03:22:20 GMT
strict-transport-security
max-age=300
x-amz-request-id
CV1GC7H17PJAA2W4
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
9269
x-amz-id-2
KtZqdcEtX3tEic4naX353RMfCnyV8l551BTi23xhMnWASR14EIBMboEtamDYGl8BTAFJUpfm56Y=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Wed, 18 Oct 2023 20:58:59 GMT
server
AmazonS3
x-timer
S1708744940.276560,VS0,VE0
etag
"6442aaa45ec28f8b2c541026f3c24871"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
3233
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 0B04 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1635
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 24 Feb 2024 02:55:05 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Tue, 20 Feb 2024 21:32:41 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
WJ1rDgqThdZx-yJjAw4oXdeFiQa1EylfLhQjpa7-I_TNM6GoJVyY8A==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 0B04 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 02:55:05 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1637
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
526
last-modified
Tue, 20 Feb 2024 21:32:39 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
M_anyRWhJ5zYi0kVGyN2q4x7cRkFRskx89xccctQ9IteX9JSZ-rCrw==
inner.html
m.stripe.network/ Frame 8DBA 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
226
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 24 Feb 2024 03:18:34 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
x-amz-cf-id
uqR2iYkZf-cBQ2bdry1TNYYXDstsdCwS8BDoHYu_wh3eTbI3P4IGeg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
f1790837ce
bam.nr-data.net/1/ 		56 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/f1790837ce?a=94661911&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=1889&ref=https://fantasy.nrl.com/&be=365&fe=1792&dc=520&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1708744938406,%22n%22:0,%22f%22:113,%22dn%22:114,%22dne%22:114,%22c%22:114,%22s%22:142,%22ce%22:172,%22rq%22:172,%22rp%22:205,%22rpe%22:207,%22dl%22:207,%22di%22:520,%22ds%22:520,%22de%22:550,%22dc%22:1792,%22l%22:1792,%22le%22:1799%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1044.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
566cc1d59f8457de6a57a3f8f1854870b1d2c1f6737c56b0fac7bafcd36492dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:20 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
56
x-served-by
cache-fra-eddf8230134-FRA
out-4.5.43.js
m.stripe.network/ Frame 8DBA 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 03:22:15 GMT
content-encoding
gzip
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
6
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
69zkI3UZOPz0AV2ESP8TfudxttBX9W8LEmbaaTUoKQ7NWFKfjfE82g==
b
r.stripe.com/ Frame FA3C 		0
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dfc36c72938e02dbf0b948f02dc01c05.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 24 Feb 2024 03:22:20 GMT
x-stripe-server-envoy-start-time-us
1708744940915887
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
14
x-stripe-client-envoy-start-time-us
1708744940915496
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA3C 		0
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dfc36c72938e02dbf0b948f02dc01c05.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 24 Feb 2024 03:22:20 GMT
x-stripe-server-envoy-start-time-us
1708744940915877
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1708744940915397
access-control-allow-credentials
true
content-length
0
6
m.stripe.com/ Frame 8DBA 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.111.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-111-178.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8b0cdd243e01b0566edf708e05a503059d755d61687551b16c778e6eaf3165c2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 24 Feb 2024 03:22:20 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1708744940958730
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1708744940957918
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
f1790837ce
bam.nr-data.net/resources/1/ 		36 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/resources/1/f1790837ce?a=94661911&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=2508&ref=https://fantasy.nrl.com/&st=1708744938406
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
451b32f25b5de71155576a19ff4f0c243f480ee7dcbd40c135462fded5403fb1

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 24 Feb 2024 03:22:21 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
36
x-served-by
cache-fra-eddf8230134-FRA
nrl-logo-white.png
fantasy.nrl.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/nrl-logo-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
327ed5cafb52b5d0696784ef6893045a7054d03f31c389f75771eb95934dad4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 07:44:08 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
70694
etag
"724ba7934133c15cfac1430064673891"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
1751
x-amz-cf-id
PYi0aCfmT_d3VEEvpI40wnBTOndcNv9r-7WtaXsqTAdnuhrM3kP26Q==
green-arrow-down.png
fantasy.nrl.com/assets/images/ 		262 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/green-arrow-down.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba96da88d333751b4c4365aba8517c0ba8aefa837d574baef1835c7a9581347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:43 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76239
etag
"4fdbe966d1289297289a670254677fc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
262
x-amz-cf-id
d5NTXClbfH-yA9LcHdFw1mF1rMjDE9myMA5mtNHLiMUMB81osxaERQ==
73772327_fakaosit-_240223_gp1552_202422316119.jpg
www.nrl.com/contentassets/e7a2d5899a964f0189b19fe0d072a929/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nrl.com/contentassets/e7a2d5899a964f0189b19fe0d072a929/73772327_fakaosit-_240223_gp1552_202422316119.jpg?center=0.347%2C0.488&preset=card-default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e67300030c1f5072bf1846a0abd4aa352816a66b7ce160f80188351ed4e5fd70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Sun, 23 Feb 2025 03:22:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Feb 2024 03:22:22 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
0
x-cache
MISS
content-length
50442
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230062-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 24 Feb 2024 02:58:34 GMT
server
Microsoft-IIS/10.0
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
x-timer
S1708744941.136585,VS0,VE1221
etag
"0x8DC34E47D6DCD82"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
remote.axd
www.nrl.com/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nrl.com/remote.axd?https://imageproxy-prod.nrl.digital/api/assets/73766973/keyframes/477190/image?center=0.416%2C0.553&preset=card-default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cbfc9a8b503d031fc3ac6b1666658f51e7ebc56583d28b7e3c1bf7c4fcb552a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Sat, 22 Feb 2025 21:12:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Feb 2024 03:22:21 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
22186
x-cache
HIT
content-length
34815
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230062-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Feb 2024 20:01:30 GMT
server
Microsoft-IIS/10.0
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
x-timer
S1708744941.136586,VS0,VE1
etag
"0x8DC34AA3A68655C"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
72746980_hynesn-230817_sd_1335_2023817184133.jpg
www.nrl.com/siteassets/2023/2023-nrl-season/230814---round-25/cowboys-v-sharks/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nrl.com/siteassets/2023/2023-nrl-season/230814---round-25/cowboys-v-sharks/72746980_hynesn-230817_sd_1335_2023817184133.jpg?center=0.449%2C0.53&preset=card-default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
49d2608d5aa80b59659d6b8ad2d64d41d80fbd6781fe49ee2f996e73be763228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Fri, 21 Feb 2025 06:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Feb 2024 03:22:21 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
163206
x-cache
HIT
content-length
51172
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230062-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 22 Feb 2024 04:17:32 GMT
server
Microsoft-IIS/10.0
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
x-timer
S1708744941.136602,VS0,VE1
etag
"0x8DC335D30E5CBF5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
remote.axd
www.nrl.com/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nrl.com/remote.axd?https://imageproxy-prod.nrl.digital/api/assets/73765445/keyframes/477189/image?center=0.296%2C0.506&preset=card-default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c42fff434758e3615ceef64fc6be400f95e77977174ad7cc847398a58383e0f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Fri, 21 Feb 2025 23:11:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Feb 2024 03:22:21 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
89677
x-cache
HIT
content-length
37393
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230062-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 22 Feb 2024 20:02:06 GMT
server
Microsoft-IIS/10.0
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
x-timer
S1708744941.136262,VS0,VE1
etag
"0x8DC33E1250DD1A8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
remote.axd
www.nrl.com/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nrl.com/remote.axd?https://imageproxy-prod.nrl.digital/api/assets/73759939/keyframes/477052/image?center=0.442%2C0.326&preset=card-default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f550dddc5703735e607fb65909e80ac02ce10bb8de187f51b2f62b4ac1d3a08a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Wed, 19 Feb 2025 21:51:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Feb 2024 03:22:21 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
153718
x-cache
HIT
content-length
63302
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230062-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 20 Feb 2024 21:02:07 GMT
server
Microsoft-IIS/10.0
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
x-timer
S1708744941.136605,VS0,VE1
etag
"0x8DC325732FF396A"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1675777185&t=pageview&_s=1&dl=https%3A%2F%2Ffantasy.nrl.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=NRL%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCHACUABBAAAACAEKB~&jid=&gjid=&cid=1385015319.1708744939&tid=UA-98403742-20&_gid=2071189195.1708744939&gtm=45He42l0n81PV42QSKv77533538za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd2=-&cd3=-&cd4=-&cd5=-&cd6=-&cd7=-&cd8=-&cd9=-&cd10=-&cd11=-&cd13=-&cd14=-&cd15=-&cd16=-&cd19=No&cd24=Web&cd25=fantasy.nrl.com&cd26=-&cd32=CONTAINER%20ID%3A%20GTM-PV42QSK%20%7C%20CONTAINER%20VERSION%3A%20209&cd34=False&cd35=-&cd36=-&cd59=%2F&cd27=1385015319.1708744939&tcfd=10001&z=586866598
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 00:12:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11415
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
menu_logo.svg
fantasy.nrl.com/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/menu_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5264ff2e5f577600364b18e62e7a83813cd74d94754e9509f4154cf7fe3250c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 07:44:08 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 05:39:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
70694
etag
W/"78a6a32085d9c65476de196d6b71c515"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
wnASilWbgA8iixR6OCyrOW4aII2UH98mymKBnTQZIC8BR2msx_P94w==
500002.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500002.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc9cb8e7ca45d76bd5ce59a68c0b0e94cf0ec1c5c1a26d6f3da6a88725b1a991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 05:25:58 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
78984
x-amz-server-side-encryption
AES256
etag
"7a30deea1987ce1c0bb36089befe65ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6351
x-amz-cf-id
w4rMZZKSuogkxvA53pWGqCItcXVoE7g9zDIGBwFFAGHFCBSKA97ziw==
500005.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500005.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f5e96a23ab9b40463fbb465a0e467f0ad7fc8322842fd7f2800e34021f2b5f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:46 GMT
x-amz-version-id
null
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 12:08:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"a3be9acfd0d5ecdc719f22c42b7ec977"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6119
x-amz-cf-id
Klpi3WvDHcmQxlizJzw3253VMuEm7eYgEsqDvOBz29SwXFifNZW1Ig==
500001.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500001.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21b5afbaba35978d0c87818d893ece3096e27abad5b2ece60f82d8b5186b88db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 07:44:24 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
70678
x-amz-server-side-encryption
AES256
etag
"15239c590d413c7c120ef01cc7584dec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6097
x-amz-cf-id
mzgwK3RK93Ux1woqOyzgLBvqY9ZA9AoiR_yzWgxA4OR-m6j0cHJpdg==
500011.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500011.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a32536791e8b76049def158cd74b2f6b115a0e4c5145e04fd608f85561a2d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:46 GMT
x-amz-version-id
null
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"723fbfdb5e65e123ed6b57742500a62a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3414
x-amz-cf-id
WcTeOToEu2CdN6i85R3pRjUCBM4s6t3AzD9AvYd_o3NNVBseHTvqDQ==
500003.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500003.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bc357dd355256693e5b8549a5f53625c6cfa488bc7c1cd6d49bde54e2ed034e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 07:42:52 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
70770
x-amz-server-side-encryption
AES256
etag
"928d716f54e27aa64575381eaf687b86"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3477
x-amz-cf-id
BFck770SRxIAgQDo3nPAgQAgt9Uyu0Pj5h5BwQdg236rPP8-9pcMiA==
500013.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500013.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cdde887474b3cd70ca97e3e55bccf06e017c3f222df2c4c725652b10f01318b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 07:44:24 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
70678
x-amz-server-side-encryption
AES256
etag
"c115ff5dd89f910c195645c5b286bb37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4456
x-amz-cf-id
sPDo3Z_JRj5ZEjyQRnlhVrSh20Kypv-Tug_BU54qD50AXuXt4jdz5g==
500032.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500032.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88c59cf6d483a79e16315605c2c3b298a2b9a25ba3b7627a653968907449e0dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 05:25:58 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
78984
x-amz-server-side-encryption
AES256
etag
"dbbdc817cfa290cdc5feb490ae8ff730"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5222
x-amz-cf-id
gjkO8ImpD6hEC9AMIGa2ZbHQbNQsHqw9h48XE8pI73E9GedlsPVP_A==
500028.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ffaa0dcfb48819ddc8655d77cbe105bcaee2e582dc1da1c6b14638f7cf51cd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:46 GMT
x-amz-version-id
null
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"8ef1ae0fb269db24cb179d0ccd967b80"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2415
x-amz-cf-id
4CHNTbsXUCEwS70vYvYE3a3y2ySrl92w_AXR_NCn0XiTHi-nv48vLg==
500021.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500021.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a843a89cbe1dace12d74733084ac62b3cfdcb07c6c16a4633adcc6e588b30cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 07:42:52 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
70770
x-amz-server-side-encryption
AES256
etag
"9402c2bd1eb67f01b6382332b528ea64"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3373
x-amz-cf-id
mGp_E7p7IUA3sKVYnL9NTX3SN3G0ezoPVlwZ1-Ue8Ly0erdeLolO9Q==
500014.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500014.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9f777b496c500e33f96a886d9bfc61026c65321813a427cca8bf7f81994f362

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 06:11:46 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
x-amz-server-side-encryption
AES256
etag
"71667c902634474d19ba36d52fb7398c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3510
x-amz-cf-id
q79bAemAswdD1jQHyxIo9L3VrRjKEwBKqM1SYa0aNNlXKlgYrHAj8A==
500031.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500031.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc1137b4143789c83c44b10760ea3c053e52c58dcc1ff0cb065c0384a1dd131c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:46 GMT
x-amz-version-id
null
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"51da3cb3bd25954035008b1abc1cf88f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4720
x-amz-cf-id
R1FQ7yua6aWne3Seu77IK7HfItDCYD6WBV9jUXpid0QXbggISiJ27g==
500010.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500010.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7780f0132860caa09ccf7c1e16b5d03fb00159adb4c45e83657ce8138774ca8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 07:42:52 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
70770
x-amz-server-side-encryption
AES256
etag
"e962b66e5ff8cda4589f594da04255df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4218
x-amz-cf-id
23nCJJT4DwQ-LnCsge1LmbgWPLlx-c2oEQQIIR0yBWvW9h2snrGJ9w==
500004.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500004.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca28a6dd37e69036a915f13530d224a2d57b896910236d99eee05f1bd0ab2c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 07:44:24 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
70678
x-amz-server-side-encryption
AES256
etag
"bef470ad3e45a341e357a7a4b19da9b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3278
x-amz-cf-id
7k3SEZtAdRs8u1_vY3cGkviNmkIeYV6WhXrD8dXn0i1Ibra1hQyYnw==
500022.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500022.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bbc5dbff83d0da2babac108a83e8f386b918692e4e92c40e7b77bccc0124325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:46 GMT
x-amz-version-id
null
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"8911a002e77b3d0e17373bd94d81d159"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3603
x-amz-cf-id
g4tYWEkCiTmOQWrzr23w6SMvSz0AqAvFc705YsSIS3ClVMwuhlyZjw==
500723.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500723.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e63d27e2af214bb208b95e93695623571035be9571354de209f3ede3bb828e72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 05:43:05 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
77957
x-amz-server-side-encryption
AES256
etag
"31922ed9636ec028b479965695746ad7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2999
x-amz-cf-id
ouXksCoWqyBdQDccx94FLTTEAbKbOjdnr9sj2qfjFSuyfo2q0HL4mQ==
500012.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500012.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c29b5bcc1b112518fc4edd1e558a1b3d6fd98ebd377e342dd4ec0e779a10ddf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 23 Feb 2024 06:11:46 GMT
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Tue, 28 Feb 2023 05:42:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
x-amz-server-side-encryption
AES256
etag
"e2843b0c3b1473f5f30e0f0beed2dd9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
18234
x-amz-cf-id
KKdBeenxJxuUa7zySAin-DMrWfI5owgWFOuMEsCtOIR4XfUZ9X4ftg==
500023.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500023.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:e800:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66631301c2939308e8285e555bb1a7085e76f02d19f9c45dcfa39c3ce5ac1fad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:11:46 GMT
x-amz-version-id
null
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76236
etag
"16a37d7a562bf180cf7d5d85b805b716"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3884
x-amz-cf-id
qr4NNPX9mR9kJPRo5PeXQFDxQPrj-ciqzsUT7gsBHSdpmtLcq8hliQ==
b
r.stripe.com/ Frame FA3C 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dfc36c72938e02dbf0b948f02dc01c05.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 24 Feb 2024 03:22:22 GMT
x-stripe-server-envoy-start-time-us
1708744942174766
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1708744942174286
access-control-allow-credentials
true
content-length
0
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 02:39:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2666
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
176
last-modified
Tue, 20 Feb 2024 21:32:40 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
wWAR7yi0v2YKJwDmH1XD_GKcbFH6zuCnuNzTs_K8-uLB_8Dx87V6eA==

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| getParameterByName boolean| is_app_view object| NREUM object| newrelic function| __nr_require string| site string| sect string| ctype object| googletag object| dataLayer function| gtag function| fbq function| _fbq object| zEWebpackACJsonp function| zE function| zEmbed object| zESettings object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| Backbone function| Color function| Chart function| fbAsyncInit object| FB undefined| google_measure_js_timing boolean| _sTrackingAlreadyPresent object| _svc object| _svd boolean| zEACLoaded object| __buffer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| webpackChunkStripeJSouter function| noop function| Stripe object| stripe function| $zopim string| newSource string| newMedium object| paramArr object| urlArr object| gaGlobal object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTZkNjNjZTY2M2RmYTM2YWxvYWRlcl9qcw== string| ZTZkNjNjZTY2M2RmYTM2YWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| gaplugins object| gaData

16 Cookies

Domain/Path Name / Value
.nrl.com/ Name: _fbp
Value: fb.1.1708744939233.291918917
.nrl.com/ Name: _gcl_au
Value: 1.1.388533808.1708744939
.nrl.com/ Name: _ga_40RMV36ZL2
Value: GS1.1.1708744939.1.0.1708744939.0.0.0
.fantasy.nrl.com/ Name: _ga
Value: GA1.3.1385015319.1708744939
.fantasy.nrl.com/ Name: _gid
Value: GA1.3.2071189195.1708744939
.fantasy.nrl.com/ Name: _gat_UA-47034296-3
Value: 1
.nrl.com/ Name: _ga
Value: GA1.2.1385015319.1708744939
.nrl.com/ Name: _gid
Value: GA1.2.2071189195.1708744939
.nrl.com/ Name: _gat_gtag_UA_47034296_3
Value: 1
.nrl.com/ Name: _gat_UA-98403742-20
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: 1a677cf32a135e7c
m.stripe.com/ Name: m
Value: e1f09a78-8470-492c-aa04-6d930c8682ebd1a830
.fantasy.nrl.com/ Name: __stripe_mid
Value: e194df69-31da-4341-abb4-e99a248081e915ab09
.fantasy.nrl.com/ Name: __stripe_sid
Value: 41a46ab9-12d7-4523-83bc-32df7969ff17fdd112

6 Console Messages

Source Level URL
Text
rendering warning URL: https://fantasy.nrl.com/(Line 18)
Message:
The key "target-densitydpi" is not supported.
other warning URL: https://connect.facebook.net/signals/config/878285258903139?v=2.9.147&r=stable&domain=fantasy.nrl.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://fantasy.nrl.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fantasy.nrl.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fantasy.nrl.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fantasy.nrl.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
bam.nr-data.net
connect.facebook.net
ekr.zdassets.com
fantasy.nrl.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
js-agent.newrelic.com
js.stripe.com
lh3.googleusercontent.com
m.stripe.com
m.stripe.network
nrlfantasy.zendesk.com
px.moatads.com
r.stripe.com
region1.google-analytics.com
securepubads.g.doubleclick.net
static.zdassets.com
stats.g.doubleclick.net
survey.survicate.com
surveys-static.survicate.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nrl.com
z.moatads.com
104.16.53.111
104.18.70.113
104.18.72.113
142.250.186.38
151.101.194.133
151.101.66.137
162.247.243.29
2001:4860:4802:32::36
23.211.10.211
2400:52e0:1e00::1080:1
2400:52e0:1e00::1081:1
2600:9000:2057:1400:19:7d10:bd80:93a1
2600:9000:2644:e800:b:4320:3300:93a1
2600:9000:2644:ee00:b:4320:3300:93a1
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:400c:c00::9c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
44.240.111.178
54.187.119.242
99.86.4.99
00bcfa18c201cc0407c592f1f7a54d3c124aa530decf03e507817b1e8b868d99
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
09c1bee000689fd2a03b672378dea010d385dd6160b49435180c79d78154e7c1
0cdde887474b3cd70ca97e3e55bccf06e017c3f222df2c4c725652b10f01318b
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0f5e96a23ab9b40463fbb465a0e467f0ad7fc8322842fd7f2800e34021f2b5f6
0ffaa0dcfb48819ddc8655d77cbe105bcaee2e582dc1da1c6b14638f7cf51cd9
10714421e06d1b3cd77ddf70bb8d6ad17da0e6f725e33aee3db23c54295977a0
113016669803e5472a495a27d0257cb180b3beb92a817841465d6ef0c7a8e564
11f8e74475f9ed0a82574a5348d75fdf715a2a109078757c5d8b02a8022a7ff2
15941c40cdc7143b253abbe3b15fa42a5c133658d768b5cacd01ef9ef889d0d9
21b5afbaba35978d0c87818d893ece3096e27abad5b2ece60f82d8b5186b88db
24522eb9ab8da6382f5119995db3aa4bb9ca27236a30fb23e65eaa9b853c279e
2a32536791e8b76049def158cd74b2f6b115a0e4c5145e04fd608f85561a2d55
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2d5f7db5c567c34a7ae0b4f30399ae8a8c7739f3b74d8b67e055b36ab3bd1e5f
2d60d591bf78bb898d1d0cdd84c71c720a9bf4fff313d98668ceba514bc9b561
3273996622afec9de3fde1cdde7686ad7e8a0c67b0073df16e84c8e099d6d898
327ed5cafb52b5d0696784ef6893045a7054d03f31c389f75771eb95934dad4f
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3bbc5dbff83d0da2babac108a83e8f386b918692e4e92c40e7b77bccc0124325
3bc357dd355256693e5b8549a5f53625c6cfa488bc7c1cd6d49bde54e2ed034e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
451b32f25b5de71155576a19ff4f0c243f480ee7dcbd40c135462fded5403fb1
46a8f66659ed4c12878c531fc4d239b1ae52d915d82bb45b5722f16ee339da42
49d2608d5aa80b59659d6b8ad2d64d41d80fbd6781fe49ee2f996e73be763228
4bf54b92d8f8b389e2816953538d6587029743a1273fbaa73e39e088a4343021
4e7736c13b7cec747a97fcb498205d941a49b967f060daea8c2ab46a65f13f82
543aa4b76071b9d3a50c82528989dd55aa250d73f4aebfaa374236c6e7f4780e
56014b52c3eec469466c6e1100a98cf042a96bbb79675bba543ec3cade26c6cd
566cc1d59f8457de6a57a3f8f1854870b1d2c1f6737c56b0fac7bafcd36492dc
574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b
5750726c64a350a85a7bd5ed4c2c3eb4f3dbf1f0422efb85cfbf48a71025e452
58aeb9c4be9f92992d4b59bad1f24ee5d99cc45f70fb3aaabd2e1a4428f036ac
5ba96da88d333751b4c4365aba8517c0ba8aefa837d574baef1835c7a9581347
66631301c2939308e8285e555bb1a7085e76f02d19f9c45dcfa39c3ce5ac1fad
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e09beca6d0029cf68f76c9e56600f1c65c3a1d73ac3772dbb06ed00b801184d
76cf1b73ba3a9bffc536987a1aa4fe0c145da80aae1a6c3e6b18ca28fccf7e16
7780f0132860caa09ccf7c1e16b5d03fb00159adb4c45e83657ce8138774ca8a
77f202f36f5e2a3d43ac32c50de64bcb01ed22c16fd8af2f1423937b7dd05589
7ae3dcf8002e428f15567c5a304172fe086cf525cc41c02a83c091989152e4cf
7c29b5bcc1b112518fc4edd1e558a1b3d6fd98ebd377e342dd4ec0e779a10ddf
7c4fc425296356c65dd3dd93b0b4bb0e13ced90235f5ed3b48731b8e072e1873
80ed5c71c79ae51043334efbf98d8c392b1deee38dcab564b33e475b37fc8274
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843ada21bff4f39ce9ebcc86246e462a8115eb4d57718a3ab28ec4940f66c9c8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88c59cf6d483a79e16315605c2c3b298a2b9a25ba3b7627a653968907449e0dc
8b0cdd243e01b0566edf708e05a503059d755d61687551b16c778e6eaf3165c2
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
962f1c6674d3611778079bf6feb1d98016213f53665e990efa33cb81553f6d28
9a53a378b0bf8737dd5384da05ca56af9af8e7a218eb8a2d22a96eca1ac5141b
9c472cc8b0d581072a9d9067bf18b88006357f37f3018fd45dc33c8978426acd
9edb2179b3a4de19f2bd050f807bf098dc9820ac1301e7cda0916d1cf75316b3
a14f1f78fbef4eb9f2cc0a6adbd6e41f29772d8c4892e724165263ad0bd0a499
a2f388377ae43ef4d60aee5c3652deaa9c1fd16280e0ef3e714e46771067085b
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a502624853ea4a283c94ed4e4b2773a9d0f55a0267ea673b6bb0155555ee0525
a843a89cbe1dace12d74733084ac62b3cfdcb07c6c16a4633adcc6e588b30cea
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2979c5a83f9ca07fa88cbd8b7f95525351e2841fd0c5ed01b6947391a41263
b0979a3dabd376ba13b02f64e7232074981d6d493b9dcd1e6b4b788206756b3b
b0f2842cf2fe230f30d403634d26de441e415c437b4d81fe2626ea0e95426c78
b85c93ac3963796ad6cc245a462fdcd66c648b21a33abb335c3947069a544cda
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0
bba05df4dc016bcf23a114d0a4b4c354bbcaa3f2b5e28d8bb9696cec83522b04
bca96220aef6c54a1ab7a45db75c88a24d3e13528484c9b3a8bf22a41a95a762
bd7af9b6a16b2b91d8d8932cf3bd478bc25eb2dd5ed901fefc9d7febb8b96430
c42fff434758e3615ceef64fc6be400f95e77977174ad7cc847398a58383e0f5
ca28a6dd37e69036a915f13530d224a2d57b896910236d99eee05f1bd0ab2c31
cbfc9a8b503d031fc3ac6b1666658f51e7ebc56583d28b7e3c1bf7c4fcb552a5
cc1137b4143789c83c44b10760ea3c053e52c58dcc1ff0cb065c0384a1dd131c
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d099b34701fb032d6ee01032360b7d3a660361e5c335824a25aea3cd5b64a345
d7ab36bda2c2cd614f2273a36ad7318d78fac4580fc027603e82801fd539a499
d848900e5ba0a253af315927116d66de0a46ce0746a05bd91e60119a9922e6fe
d9e16477198d21785ce72b061aef055a3105753236dc2e49e7d6293d2bee9ec6
d9f777b496c500e33f96a886d9bfc61026c65321813a427cca8bf7f81994f362
dc8e358e5f6538cfd22204b593d5b5e9685b469d7b99bc37296aa956a39b23c5
dc9cb8e7ca45d76bd5ce59a68c0b0e94cf0ec1c5c1a26d6f3da6a88725b1a991
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5264ff2e5f577600364b18e62e7a83813cd74d94754e9509f4154cf7fe3250c
e63d27e2af214bb208b95e93695623571035be9571354de209f3ede3bb828e72
e67300030c1f5072bf1846a0abd4aa352816a66b7ce160f80188351ed4e5fd70
ea491d862b51a7e302849ca58d0aec9bb21880311019d8da7c314957f8380d34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0182d6185686a8a60c0a2b32c5de094b92eb704989b69bb2c7c8a44a4afe4f3
f210694f177765b4a3f3192dfa83ae5d8ad7fb86acff02f9a3e4bd68fbe38309
f550dddc5703735e607fb65909e80ac02ce10bb8de187f51b2f62b4ac1d3a08a
fd620081f799651ffe3952e8eb9a68614b325f01809f33a411c730057e5a85be