urlscan.io logo urlscan.io
SecurityTrails logo

tipping.nrl.com Open in urlscan Pro
108.138.7.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tipping.nrl.com/
Effective URL: https://tipping.nrl.com/
Submission: On March 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 48 HTTP transactions. The main IP is 108.138.7.12, located in United States and belongs to AMAZON-02, US. The main domain is tipping.nrl.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 25th 2024. Valid for: a year.
This is the only time tipping.nrl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net
tipping.nrl.com
15    108.138.7.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-12.fra56.r.cloudfront.net
tipping.nrl.com
4    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
nrltipping.zendesk.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
16 nrl.com
tipping.nrl.com
1 MB
6 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2089
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
5 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 2
120 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
ad.doubleclick.net — Cisco Umbrella Rank: 158
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
165 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
364 KB
4 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2184
ekr.zdassets.com — Cisco Umbrella Rank: 2517
279 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
216 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
71 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
7 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6744
408 B
1 zendesk.com
nrltipping.zendesk.com
1 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 46
3 KB
48 13
Domain Requested by
16 tipping.nrl.com 1 redirects tipping.nrl.com
4 region1.google-analytics.com www.googletagmanager.com
4 www.googletagmanager.com tipping.nrl.com
www.googletagmanager.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
tipping.nrl.com
3 static.zdassets.com tipping.nrl.com
static.zdassets.com
2 www.google-analytics.com www.googletagmanager.com
tipping.nrl.com
2 fonts.gstatic.com tipping.nrl.com
2 www.facebook.com tipping.nrl.com
2 ad.doubleclick.net 2 redirects
2 connect.facebook.net tipping.nrl.com
connect.facebook.net
2 securepubads.g.doubleclick.net tipping.nrl.com
securepubads.g.doubleclick.net
2 fonts.googleapis.com tipping.nrl.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net tipping.nrl.com
1 nrltipping.zendesk.com static.zdassets.com
1 lh3.googleusercontent.com tipping.nrl.com
1 adservice.google.com tipping.nrl.com
1 ekr.zdassets.com static.zdassets.com
48 19
Subject Issuer Validity Valid
tipping.nrl.com
Amazon RSA 2048 M02		 2024-01-25 -
2025-02-23		 a year crt.sh
zdassets.com
E1		 2024-01-04 -
2024-04-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-11 -
2024-03-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
nrltipping.zendesk.com
Cloudflare Inc ECC CA-3		 2023-12-09 -
2024-12-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://tipping.nrl.com/
Frame ID: ECB398A1D10CD87E0E19FF9DA7C1D9CA
Requests: 45 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4793dd1.js
Frame ID: 9539D2EA087D195886923E02DAEE4680
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NRL Tipping

Page URL History Show full URLs

  1. http://tipping.nrl.com/ HTTP 301
    https://tipping.nrl.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

48
Requests

98 %
HTTPS

74 %
IPv6

13
Domains

19
Subdomains

17
IPs

4
Countries

2407 kB
Transfer

6285 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tipping.nrl.com/ HTTP 301
    https://tipping.nrl.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://ad.doubleclick.net/activity;src=4375528;type=nrlve0;cat=nrl-t001;ord=1739062183499;npa=0;auiddc=1761201709.1709420782;pscdl=noapi;gtm=45fe42t1z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CPf7k9TY1oQDFeLLOwIdICAAHw;src=4375528;type=nrlve0;cat=nrl-t001;ord=1739062183499;npa=0;auiddc=1761201709.1709420782;pscdl=noapi;gtm=45fe42t1z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=CPf7k9TY1oQDFeLLOwIdICAAHw;src=4375528;type=nrlve0;cat=nrl-t001;ord=1739062183499;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42t1z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tipping.nrl.com/
Redirect Chain
  • http://tipping.nrl.com/
  • https://tipping.nrl.com/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02a71299ad250e484e6ad079d07c4207d49ef184d1307ce112c457be7662ad84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
127
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-type
text/html
date
Sat, 02 Mar 2024 23:04:15 GMT
etag
W/"1ed17ec5e537c54340ba9672efb5ca75"
last-modified
Fri, 01 Mar 2024 15:00:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-cf-id
FZyeGpC3HDr0bZmO0yTM_7wrI9CeAybcG7CYHgyT2hYyeB852GK1oA==
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Sat, 02 Mar 2024 23:06:21 GMT
Location
https://tipping.nrl.com/
Referrer-Policy
strict-origin-when-cross-origin
Server
CloudFront
Via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
X-Amz-Cf-Id
_cd54XM3-qFTQlicp5A2NGQ1XG8mirLUSU3fU4aZtqboF_kxQEcIsA==
X-Amz-Cf-Pop
FRA56-P6
X-Cache
Redirect from cloudfront
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=82f9e28d-3935-49a1-b96f-a3d57b5d706e
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:21 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
9X4B0G1GWNB25PJG
age
37
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-id-2
4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDQzwoMqeQ3WUTwJgTEv1qgWS0Va%2FvMaTSpRNyyfp7CVssueQQ1dYHSFR2W3NPCo30Q%2Fz%2FQzzGzw9To2EaNHqxpPjlzEg1xFXPn7yEheoOIhHZn88yEx3JMQ7lFHCPc7uvSIeOE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
85e5096efe461c85-FRA
access-control-allow-headers
*
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter&family=Roboto&&display=swap
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1110c919a69177cea1c63211266ece478ae499fd7368ec306c076ee472068758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Mar 2024 23:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Mar 2024 23:06:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Mar 2024 23:06:21 GMT
js
www.googletagmanager.com/gtag/ 		232 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DY1M428ZXL
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e32a5e1fc5e9609c3c941c0a7d4d96ec7366216c7b64e45f595532449b219034
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84520
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 23:06:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c9a69020c2dabe3a8c4a250537bf9c649cea8d9102659dc2b61afc56ec4a63b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29093
x-xss-protection
0
server
cafe
etag
817 / 19784 / m202402220101 / config-hash: 7305879754805612343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 02 Mar 2024 23:06:22 GMT
main.371f95df.js
tipping.nrl.com/static/js/ 		1 MB
365 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/static/js/main.371f95df.js
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5025d702eab85902f370481b32488fdf86045ad15967e582d710e1f494abf22a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 15:19:35 GMT
content-encoding
br
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P6
age
28007
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 15:00:26 GMT
server
AmazonS3
etag
W/"a4bc4e27ac3e669307623811f639ac5e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
5f-T2hFYihHw74mnnilHJ4m30JKPHALUkJUgmtS76sceKDDm6-1Y0Q==
main.3573f3ce.css
tipping.nrl.com/static/css/ 		16 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/static/css/main.3573f3ce.css
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3ae470112f7e0bcd1384aeac12a008a604046661bd46d51ed0c3dd33854ee29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 15:19:35 GMT
content-encoding
br
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P6
age
28007
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 15:00:21 GMT
server
AmazonS3
etag
W/"645769208c3498e53c67f4081c95e5d9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
BJvHqdkpi9vxBw7WiHb_4kXbM0TOYCJmjLkfqsKJO3wssw-bR9oNjw==
gtm.js
www.googletagmanager.com/ 		469 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PV42QSK
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef066381ce47ad3fe387ca6a4f3a3b32b56b2d6d3ea2aaff4313c9ba5ae1eeb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123784
x-xss-protection
0
last-modified
Sat, 02 Mar 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Mar 2024 23:06:22 GMT
82f9e28d-3935-49a1-b96f-a3d57b5d706e
ekr.zdassets.com/compose/ 		966 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/82f9e28d-3935-49a1-b96f-a3d57b5d706e
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=82f9e28d-3935-49a1-b96f-a3d57b5d706e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c00a6db407d1f2f182f11a877b2743ea91533e87e6dd88acb383869ce2eede
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:22 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
85c4078e7c6c5e92-SEA, 85c4078e7c6c5e92-SEA
x-runtime
0.013579
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"57c00a6db407d1f2f182f11a877b2743"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUP%2FAdFoAtIho5so%2BLXULUwo28S%2FofBb4Kst1F7ghcl0Y6XdWeVgHZe4rnrpDV50pmayNVvXkavlkVLuTDhr4iHrkfB%2BVgXic6N5jmO97Bw%2Bk9uqA9Ityxv380o0iMFfwqI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
85e5097038ec3a9d-FRA
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DY1M428ZXL&gtm=45je42t1v9176188525za220&_p=1709420781806&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1752034637.1709420782&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1709420782&sct=1&seg=0&dl=https%3A%2F%2Ftipping.nrl.com%2F&dt=NRL%20Tipping&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=778
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DY1M428ZXL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 23:06:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tipping.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		265 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3HDDN5MHSK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DY1M428ZXL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb33f1722850f4bd49d69c5f1570f18bbedecefb86f50c574890c450ab064be6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92573
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 23:06:22 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/ 		428 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:29:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
34588
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137662
x-xss-protection
0
server
cafe
etag
2919427224111863329
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 02 Mar 2025 13:29:54 GMT
destination
www.googletagmanager.com/gtag/ 		190 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-4375528&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV42QSK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1c2122832b594eb392290401e68604e99a3dc908c751c39a69855a7fed5f177
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71048
x-xss-protection
0
last-modified
Sat, 02 Mar 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Mar 2024 23:06:22 GMT
fbevents.js
connect.facebook.net/en_US/ 		215 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 02 Mar 2024 23:06:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
5q1PafUvgHfAOZKtuOGC+/FAx+DbhVm2yBQMLSUjv4xO5rproBoATKTqPx3mXC0BoScoGLLaRWSHPqkboG2QBg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
en.json
tipping.nrl.com/json/tipping/loco/ 		16 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/json/tipping/loco/en.json
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/js/main.371f95df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30c2d8b01918d2c7f83876911b82ee92bccb53a15f49677a16c7870631a61313

Request headers

Accept
application/json, text/plain, */*
Referer
https://tipping.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:24 GMT
content-encoding
gzip
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified
Sat, 02 Mar 2024 16:28:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
etag
"e54ad5353d9f6a5227cf0ff9726f2e62"
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
max-age=15
accept-ranges
bytes
content-length
4097
x-amz-cf-id
NuxFZEkgFqd96-Nrp9JaxJcL43zh6GcQSd6IG6pkd506PR8ErRUCZA==
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3HDDN5MHSK&gtm=45je42t1v889228556za220&_p=1709420781806&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1752034637.1709420782&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709420782&sct=1&seg=0&dl=https%3A%2F%2Ftipping.nrl.com%2F&dt=NRL%20Tipping&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1038
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HDDN5MHSK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 23:06:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tipping.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
78756360
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/78756360?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff7d871a3eef7c0f485b1d8a365dc9bb32d3038aa62ce5268508e7e823c3d09d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-_f9cYWFE5gEcI6h6rrqTnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-_f9cYWFE5gEcI6h6rrqTnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTD8e5h33o2gQ0XGmYyAQAB5y1o"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_pre=CPf7k9TY1oQDFeLLOwIdICAAHw;src=4375528;type=nrlve0;cat=nrl-t001;ord=1739062183499;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42t1z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;...
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=4375528;type=nrlve0;cat=nrl-t001;ord=1739062183499;npa=0;auiddc=1761201709.1709420782;pscdl=noapi;gtm=45fe42t1z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;d...
  • https://ad.doubleclick.net/activity;dc_pre=CPf7k9TY1oQDFeLLOwIdICAAHw;src=4375528;type=nrlve0;cat=nrl-t001;ord=1739062183499;npa=0;auiddc=1761201709.1709420782;pscdl=noapi;gtm=45fe42t1z877533538za2...
  • https://adservice.google.com/ddm/fls/z/dc_pre=CPf7k9TY1oQDFeLLOwIdICAAHw;src=4375528;type=nrlve0;cat=nrl-t001;ord=1739062183499;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42t1z877533538za201;gcd=13l3l3l3l1...
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPf7k9TY1oQDFeLLOwIdICAAHw;src=4375528;type=nrlve0;cat=nrl-t001;ord=1739062183499;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42t1z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 23:06:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Mar 2024 23:06:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/dc_pre=CPf7k9TY1oQDFeLLOwIdICAAHw;src=4375528;type=nrlve0;cat=nrl-t001;ord=1739062183499;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42t1z877533538za201;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
878285258903139
connect.facebook.net/signals/config/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/878285258903139?v=2.9.148&r=stable&domain=tipping.nrl.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2566abe31fa835fb333f9edfb0f83df5b14f91adfcb2f633a18ffc4fe7fd55fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 02 Mar 2024 23:06:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
pzDmWyjUKPwrisG5STqxHV1tiJ+kdu18hF9OfLB9583N5NcLlFMYWHsTh92uBIeY3ohFMEYr13KNYO6lgjXLsw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
AGSKWxVsSWRLt916swEiyLPDLB5Uk7-Iq4lnMzZ7CCF9PGUVGEp_1O3HZOVJriSJ8fqI-DhGHGQ6LfiU1AnFIn7lZfWW5yFIylhXsuhx0Ytw4phMJ1iqy9ITc2F1D6kcwmdhIN9H5Xy8Lw==
fundingchoicesmessages.google.com/f/ 		374 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVsSWRLt916swEiyLPDLB5Uk7-Iq4lnMzZ7CCF9PGUVGEp_1O3HZOVJriSJ8fqI-DhGHGQ6LfiU1AnFIn7lZfWW5yFIylhXsuhx0Ytw4phMJ1iqy9ITc2F1D6kcwmdhIN9H5Xy8Lw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NDIwNzgyLDY5MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90aXBwaW5nLm5ybC5jb20vIixudWxsLFtbOCwidnpyTnZIUS1jeW8iXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwQF2fskyAOycMmVP1q4f6hVo0GBQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f6dbfd99673e1a27c68d187d3825ae644d850b97b217785e9ae448cc03453d5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uq0vQ-YSLrpFpW4rjty8tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uq0vQ-YSLrpFpW4rjty8tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTD8e5h33o2gQ-da38xAQACeC3t"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=878285258903139&ev=PageView&dl=https%3A%2F%2Ftipping.nrl.com%2F&rl=&if=false&ts=1709420782755&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709420782752.1705804658&hmd=ddc1f9650716a18ccd1028d7&pl=https%3A%2F%2Ftipping.nrl.com&ler=empty&cdl=API_unavailable&it=1709420782573&coo=false&rqm=GET
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 02 Mar 2024 23:06:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=878285258903139&ev=Microdata&dl=https%3A%2F%2Ftipping.nrl.com%2F&rl=&if=false&ts=1709420782759&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NRL%20Tipping%22%2C%22meta%3Adescription%22%3A%22Your%20journey%20to%20tipping%20greatness%20begins%20here%20%E2%80%93%20step%20into%20the%20NRL%20Tipping%20Game%20and%20let%20your%20instincts%20shine!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22NRL%20Tipping%22%2C%22og%3Adescription%22%3A%22Your%20journey%20to%20tipping%20greatness%20begins%20here%20%E2%80%93%20step%20into%20the%20NRL%20Tipping%20Game%20and%20let%20your%20instincts%20shine!%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ftipping.nrl.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ftipping.nrl.com%2Fsocial_share.png%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.148&r=stable&ec=1&o=4126&fbp=fb.1.1709420782752.1705804658&hmd=ddc1f9650716a18ccd1028d7&pl=https%3A%2F%2Ftipping.nrl.com&ler=empty&cdl=API_unavailable&it=1709420782573&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 02 Mar 2024 23:06:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
web-widget-main-4793dd1.js
static.zdassets.com/web_widget/classic/latest/ Frame 9539 		910 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4793dd1.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=82f9e28d-3935-49a1-b96f-a3d57b5d706e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b2031c3a3e0c45b54275a78b8c0083ad6f1e8a46162ccb0884f175507ad627
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:22 GMT
x-amz-version-id
4JS.UrrxV8DpFlX2_OMaaMRkaPXSuvEX
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
FWDEBW896YMRCNCW
age
511087
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
WywfU1fSN7+aSDmxiDw687NeU045r1K3/Y+DpoUzOhbsEf2ZswCzRY3DrBw51Vj/u63NqD/uGkPQZ1gyKP60cQ==
last-modified
Fri, 23 Feb 2024 00:28:02 GMT
server
cloudflare
etag
W/"92b28a14a7b6fd2d7a610c33e17b7569"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wd7cItfcS%2ByCwerltLO34O66ydP%2BN9w%2FLqLNoKSvWtYi2oyj5VZxMEJQmyBVkj4T%2BI3%2BQtJCa03F06WVpMHNUI97Wdt%2F4Xfx5EKamDa%2Bl%2BJl0233dvkD6J4VS0j8IRZitTf8VwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
85e50974698b1c85-FRA
access-control-allow-headers
*
expires
Sat, 22 Feb 2025 00:28:01 GMT
css
fonts.googleapis.com/ 		107 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwyFLpNKY2V7TORlzEb8_ENYoGtZQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Mar 2024 23:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Mar 2024 23:06:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Mar 2024 23:06:22 GMT
P07sA3RWdMgQI3xB8rJcqEVUU2zuL_IhcNFR1IjT2f8YpvbL3E_JByz3XIqUyIIdx4zrY8HZ1gcm4juMy50XChY6O3vRF-aaxvNwpaMub1Bbi2S9HysC=h60
lh3.googleusercontent.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/P07sA3RWdMgQI3xB8rJcqEVUU2zuL_IhcNFR1IjT2f8YpvbL3E_JByz3XIqUyIIdx4zrY8HZ1gcm4juMy50XChY6O3vRF-aaxvNwpaMub1Bbi2S9HysC=h60
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
843ada21bff4f39ce9ebcc86246e462a8115eb4d57718a3ab28ec4940f66c9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:22 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2341
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 03 Mar 2024 23:06:22 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tipping.nrl.com/
Origin
https://tipping.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 03:51:57 GMT
x-content-type-options
nosniff
age
328466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 03:51:57 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tipping.nrl.com/
Origin
https://tipping.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 05:34:50 GMT
x-content-type-options
nosniff
age
322293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 05:34:50 GMT
AGSKWxVc7MXYF8A7PH8CuNSXurjE7ANQLk--g5e6rdv9wJGeV8ZQEckxNk45XT0xiOyMFa8LSjY9lTYHUjMwP2uugWuD6M1JyabQ5VR7fprAJx6GjEZJsZvbqtzh8YErPWvp_c-wRuoQWA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVc7MXYF8A7PH8CuNSXurjE7ANQLk--g5e6rdv9wJGeV8ZQEckxNk45XT0xiOyMFa8LSjY9lTYHUjMwP2uugWuD6M1JyabQ5VR7fprAJx6GjEZJsZvbqtzh8YErPWvp_c-wRuoQWA==
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/js/main.371f95df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sp5SUk8q3HgUhe51she_kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tipping.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Mar 2024 23:06:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sp5SUk8q3HgUhe51she_kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrAFALMTN8f5h33o2gYa9PYIAfMYQww"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tipping.nrl.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
en-us-json-4793dd1.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 9539 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4793dd1.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4793dd1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:23 GMT
x-amz-version-id
jTivVr0cQDBLE_o7brRaksXveHkOFUrV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
S2PVK6ANR7J0SXCP
age
511083
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
HrauFZmlMQ6RSorsnDCHR+hTyMiDktc49VcZA8kFljC8ME0JNm1UEww7u9vqWTE9q16O6yn1ckg=
last-modified
Fri, 23 Feb 2024 00:28:04 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUvBZbhBzBkWNigYOJ7dmR3Y4kLKPUZ%2FYAkv%2BgnScTGFYwdKJ5%2B4eckwRSL8U%2F%2BcEfolbzaKY9HuQi1mUCsWMk908VQFWRYrrYeESL5tDFZS4UUUq4n%2FZV5zuIMBBSlZ5UW0MAI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
85e509767aca1c85-FRA
access-control-allow-headers
*
expires
Sat, 22 Feb 2025 00:28:03 GMT
config
nrltipping.zendesk.com/embeddable/ Frame 9539 		546 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nrltipping.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4793dd1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4845c02833e6f14f06ed15f698b2681c772e64f9bea192845fd06b8902d9e82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:23 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-64967c44cf-tzdsx
x-cached
MISS
x-request-id
85e509771cff03e0-FRA
x-runtime
0.001982
last-modified
Sat, 02 Mar 2024 05:56:25 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ze9ETMeZhTIEVi%2F8BZ713r7JVjBdqFqQ1wMbHnrmI0yIsOAg0%2F7L5NwFHBqzSZASsfKpYTK14nHwqcFNgdf8GxJgziOIDG6Y25b9RKNpBUXgZtj9oIEw%2Fpk%2BiLtwf1XUmDJX5rOYEvY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
85e509771cff03e0-FRA
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV42QSK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Mar 2024 21:32:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5660
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 02 Mar 2024 23:32:03 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3HDDN5MHSK&gtm=45je42t1v889228556za220&_p=1709420781806&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1752034637.1709420782&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709420782&sct=1&seg=0&dl=https%3A%2F%2Ftipping.nrl.com%2F&dt=NRL%20Tipping&en=scroll&epn.percent_scrolled=90&_et=8&tfd=1798
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HDDN5MHSK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 23:06:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tipping.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2065293112&t=pageview&_s=1&dl=https%3A%2F%2Ftipping.nrl.com%2F&ul=en-us&de=UTF-8&dt=NRL%20Tipping&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEKB~&jid=980739207&gjid=637578959&cid=1752034637.1709420782&tid=UA-98403742-21&_gid=41208031.1709420783&_r=1&_slc=1&gtm=45He42t1n81PV42QSKv77533538za200&cd2=-&cd3=-&cd4=-&cd5=-&cd6=-&cd7=-&cd8=-&cd9=-&cd10=-&cd11=-&cd13=-&cd14=-&cd15=-&cd16=-&cd19=No&cd24=Web&cd25=tipping.nrl.com&cd26=-&cd32=CONTAINER%20ID%3A%20GTM-PV42QSK%20%7C%20CONTAINER%20VERSION%3A%20210&cd34=False&cd35=-&cd36=-&cd40=-&cd41=-&cd43=-&cd45=-&cd61=0&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&tcfd=10001&cd27=1752034637.1709420782&z=1673763345
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/js/main.371f95df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tipping.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 23:06:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tipping.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-98403742-21&cid=1752034637.1709420782&jid=980739207&gjid=637578959&_gid=41208031.1709420783&_u=YCDACEAABAAAACAEKB~&z=1634364665
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/js/main.371f95df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tipping.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 02 Mar 2024 23:06:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tipping.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98403742-21&cid=1752034637.1709420782&jid=980739207&_u=YCDACEAABAAAACAEKB~&z=1494857532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 23:06:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98403742-21&cid=1752034637.1709420782&jid=980739207&_u=YCDACEAABAAAACAEKB~&z=1494857532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 23:06:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user
tipping.nrl.com/api/en/ 		66 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/api/en/user
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/js/main.371f95df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
7bc4bfd04b30283a95eecf798629efc05a8b2b93d2544da6057734a437767159

Request headers

Accept
application/json, text/plain, */*
Referer
https://tipping.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:24 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P6
x-trace
2B6C8DB14A36E9D32ECE6BF1EE64F7F845B4DEF38ECA40E10D43AFDE3D00
x-cache
Error from cloudfront
content-type
application/json
cache-control
max-age=0, must-revalidate, private
x-amz-cf-id
EHxzRxxF0L0GhdYTQDw_adQLnyKEuFl9l-wKvIypg4-91W6GoOEIwA==
expires
Sat, 02 Mar 2024 23:06:24 GMT
sb_web.json
tipping.nrl.com/json/tipping/ 		97 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/json/tipping/sb_web.json
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/js/main.371f95df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
692106f87eebab6d09e7f9dc8cb4bd58a5aeeed88dd82956b134c84e0e8509c4

Request headers

Accept
application/json, text/plain, */*
Referer
https://tipping.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:26 GMT
content-encoding
gzip
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified
Tue, 20 Feb 2024 15:36:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
etag
"00af8cbcb4096b81cce7ef67dcb0f39c"
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
max-age=15
accept-ranges
bytes
content-length
81
x-amz-cf-id
CnQBvzqXSq4nRez6YrYx4vbqRErCFI2jNvbRbX_p0GceKB6m2B5Hyg==
847.235cc40e.chunk.js
tipping.nrl.com/static/js/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/static/js/847.235cc40e.chunk.js
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/js/main.371f95df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac155741fb3f28936ecbf5427df648b3fc95de3078871e777b5d5279c8f1f6c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 15:19:35 GMT
content-encoding
br
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P6
age
28011
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 15:00:25 GMT
server
AmazonS3
etag
W/"2ec3e111bfdb5d20a5577df2bf46ef51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
jP4a2gAmwFH38F-YKHFHHKmGC8-UM96n7xdJuht1lmGRX5dwaIT15A==
rounds.json
tipping.nrl.com/json/tipping/ 		162 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/json/tipping/rounds.json
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/js/main.371f95df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
723bbd2a7637a15b87d20498a111ce1db0ce38ba515c21bcf0e40ca75b3f18b0

Request headers

Accept
application/json, text/plain, */*
Referer
https://tipping.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 23:06:27 GMT
content-encoding
gzip
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified
Sat, 02 Mar 2024 23:00:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
etag
"d5336e6e70e1599f6c3c205d2ebb82f0"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
cache-control
max-age=15
accept-ranges
bytes
content-length
8162
x-amz-cf-id
agQ5rqaIm6g7yu1bNb0ciT7yHgYp-kuaM5XMEEQWytqRtK1dAcKHAQ==
homeBg.04d4d7fd1ec03d8fbfa0.png
tipping.nrl.com/static/media/ 		369 KB
370 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tipping.nrl.com/static/media/homeBg.04d4d7fd1ec03d8fbfa0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
295e74fcbf9f83ee08da9264a39ad55f05bb55de2bc262140f1e6680c300cd30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 16:55:59 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P6
age
22227
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
377395
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 15:00:30 GMT
server
AmazonS3
etag
"2d7608b5daf22a85e79386a4883c66ce"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
dhkA3fAUiNafBxxe3MFcdpF_2d1RQZrJLdgPikJF5HvYV0-TMDKuGQ==
mobileHomeBg.d10fb4968e4593cc7296.png
tipping.nrl.com/static/media/ 		242 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tipping.nrl.com/static/media/mobileHomeBg.d10fb4968e4593cc7296.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf9eda4ef57c96f4c29716c8d2a909ae90271d684f8d30d63e4b21509b5bb5c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 15:19:35 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P6
age
28011
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
247646
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 15:00:30 GMT
server
AmazonS3
etag
"cd22584c654fa46f6197c46e42a35e17"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
nGPsjeKhY9KHC8bSVRvKoOCLC6-Q6BWOdGrOcgik12KejheODDNXUg==
streakCardBg.0c3a5ca4fbede793d83d.png
tipping.nrl.com/static/media/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tipping.nrl.com/static/media/streakCardBg.0c3a5ca4fbede793d83d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ed85f9922cd320de17fb1025d83c6b1473d41a6ad0e5e2d56edede37de95f61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 15:19:35 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P6
age
28011
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
91021
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 15:00:32 GMT
server
AmazonS3
etag
"0f1bd94d082762099e339e3476e7b614"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
SybbJcVOM79lAt3NPeodf_XFOtEQusXCVU32q3Ru-vhMIUWM8vtJ8g==
RL2-Bold.013a3553dc02158c0f14.woff2
tipping.nrl.com/static/media/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/static/media/RL2-Bold.013a3553dc02158c0f14.woff2
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/css/main.3573f3ce.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d8415b1edba822c55866ee442d6d79b06d29fb3c8cf0f736000f594eea62f70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tipping.nrl.com/static/css/main.3573f3ce.css
Origin
https://tipping.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:00:42 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P6
age
36344
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15176
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 15:00:26 GMT
server
AmazonS3
etag
"53aa285d1c94f18322ac8f25640cfd4d"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
x-amz-cf-id
kCnZPVfkZhYsA6UDyq6XKyDv8-_XTHp2HOitrlsTjhuHA1ySTq_iqA==
SourceSansPro-Regular.3e4631df0f467cf3b82d.woff2
tipping.nrl.com/static/media/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/static/media/SourceSansPro-Regular.3e4631df0f467cf3b82d.woff2
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/css/main.3573f3ce.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484aad4b12cb849cd0e001d1c8855e0503547d6a2fbee8a8cfebb7c4126aba64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tipping.nrl.com/static/css/main.3573f3ce.css
Origin
https://tipping.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:00:42 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P6
age
36344
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
57036
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 15:00:28 GMT
server
AmazonS3
etag
"fb1a09f7255cfccbba9e355ed4355011"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
x-amz-cf-id
x0rcERp7Pz1H8vBqHIJfE3XjXY5TSxADJrtpXxT5dpD75L6W--LURw==
RL2-Regular.7e0d8c798c78fad284e7.woff2
tipping.nrl.com/static/media/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/static/media/RL2-Regular.7e0d8c798c78fad284e7.woff2
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/css/main.3573f3ce.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6db4671eaf5f1c45b4cfb9e659d07e8ec158e4ec0513cfa21e69f8acb01e6d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tipping.nrl.com/static/css/main.3573f3ce.css
Origin
https://tipping.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:00:33 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P6
age
36353
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15300
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 15:00:27 GMT
server
AmazonS3
etag
"3169b396bc84872cdc4c2a8d5d7304d0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
x-amz-cf-id
LmEG66xfX2wLctNLeOR-vl2eBLPzIR3RY5bLGIzi4EK55sMiVRbw3Q==
RL2-Medium.e13dd6019c7fbdcde2bd.woff2
tipping.nrl.com/static/media/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tipping.nrl.com/static/media/RL2-Medium.e13dd6019c7fbdcde2bd.woff2
Requested by
Host: tipping.nrl.com
URL: https://tipping.nrl.com/static/css/main.3573f3ce.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f7f7d6dd97fc394d28e4b9786a09c2aea0976a560269e287fe4c0a299c01c84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tipping.nrl.com/static/css/main.3573f3ce.css
Origin
https://tipping.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:00:43 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P6
age
36343
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15288
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 15:00:27 GMT
server
AmazonS3
etag
"5e513fc564042dd1713528a9aa4e1734"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
x-amz-cf-id
eiPyxRkYGHhck50E0Xms6h_1Z5mN72VIIUiNwMST2JOK324d2tMe-w==
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3HDDN5MHSK&gtm=45je42t1v889228556z877533538za220&_p=1709420781806&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=1752034637.1709420782&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAC&_s=3&sid=1709420782&sct=1&seg=1&dl=https%3A%2F%2Ftipping.nrl.com%2F&dt=NRL%20Tipping&en=page_view&ep.platform=Web&ep.page_load_time=1.76&ep.content_id=-&ep.content_type=-&ep.content_name=-&ep.publish_date=-&ep.content_topic=-&ep.content_subtype=-&ep.content_sponsor=-&ep.content_teams=-&ep.content_team_1=-&ep.competition=-&ep.season=-&ep.round=-&ep.match=-&ep.syndicate_content=False&ep.syndicate_original_creator=-&ep.syndicate_original_url=-&ep.content_author=-&ep.players=-&ep.content_additionalTopics=-&_et=745&up.loggedin=No&up.has_adblocker=-&up.ga_cid=GA1.1.1752034637.1709420782&up.age=-&tfd=6798
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HDDN5MHSK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tipping.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 23:06:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tipping.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer object| zEWebpackACJsonp function| zE function| zEmbed object| zESettings function| gtag object| googletag object| google_tag_manager object| google_tag_data object| gaGlobal object| webpackChunknrl_tipping_fe function| _ number| __mobxInstanceCount object| __mobxGlobals object| __SENTRY__ object| ggeac object| google_js_reporting_queue function| fbq function| _fbq string| newSource string| newMedium object| paramArr object| urlArr function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTZkNjNjZTY2M2RmYTM2YWxvYWRlcl9qcw== string| ZTZkNjNjZTY2M2RmYTM2YWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady boolean| zEACLoaded function| $zopim string| GoogleAnalyticsObject function| ga boolean| isOverIframe object| gaplugins object| gaData

10 Cookies

Domain/Path Name / Value
.nrl.com/ Name: _ga_DY1M428ZXL
Value: GS1.1.1709420782.1.0.1709420782.0.0.0
.nrl.com/ Name: _ga
Value: GA1.1.1752034637.1709420782
.nrl.com/ Name: _gcl_au
Value: 1.1.1761201709.1709420782
.nrl.com/ Name: _fbp
Value: fb.1.1709420782752.1705804658
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.nrl.com/ Name: _ga_3HDDN5MHSK
Value: GS1.1.1709420782.1.1.1709420783.0.0.0
.nrl.com/ Name: _gid
Value: GA1.2.41208031.1709420783
.nrl.com/ Name: _gat_UA-98403742-21
Value: 1
tipping.nrl.com/ Name: PHPSESSID
Value: 4s0modep46raj31q1nqtkkapvt

4 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/878285258903139?v=2.9.148&r=stable&domain=tipping.nrl.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://tipping.nrl.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tipping.nrl.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://tipping.nrl.com/api/en/user
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
connect.facebook.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
nrltipping.zendesk.com
region1.google-analytics.com
securepubads.g.doubleclick.net
static.zdassets.com
stats.g.doubleclick.net
tipping.nrl.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.16.53.111
104.18.70.113
108.138.7.111
108.138.7.12
142.250.185.198
2001:4860:4802:32::36
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c02::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
01b2031c3a3e0c45b54275a78b8c0083ad6f1e8a46162ccb0884f175507ad627
02a71299ad250e484e6ad079d07c4207d49ef184d1307ce112c457be7662ad84
0c9a69020c2dabe3a8c4a250537bf9c649cea8d9102659dc2b61afc56ec4a63b
1110c919a69177cea1c63211266ece478ae499fd7368ec306c076ee472068758
1f7f7d6dd97fc394d28e4b9786a09c2aea0976a560269e287fe4c0a299c01c84
2566abe31fa835fb333f9edfb0f83df5b14f91adfcb2f633a18ffc4fe7fd55fe
295e74fcbf9f83ee08da9264a39ad55f05bb55de2bc262140f1e6680c300cd30
30c2d8b01918d2c7f83876911b82ee92bccb53a15f49677a16c7870631a61313
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
484aad4b12cb849cd0e001d1c8855e0503547d6a2fbee8a8cfebb7c4126aba64
4d8415b1edba822c55866ee442d6d79b06d29fb3c8cf0f736000f594eea62f70
5025d702eab85902f370481b32488fdf86045ad15967e582d710e1f494abf22a
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
57c00a6db407d1f2f182f11a877b2743ea91533e87e6dd88acb383869ce2eede
5ed85f9922cd320de17fb1025d83c6b1473d41a6ad0e5e2d56edede37de95f61
692106f87eebab6d09e7f9dc8cb4bd58a5aeeed88dd82956b134c84e0e8509c4
6db4671eaf5f1c45b4cfb9e659d07e8ec158e4ec0513cfa21e69f8acb01e6d9f
6f6dbfd99673e1a27c68d187d3825ae644d850b97b217785e9ae448cc03453d5
723bbd2a7637a15b87d20498a111ce1db0ce38ba515c21bcf0e40ca75b3f18b0
7bc4bfd04b30283a95eecf798629efc05a8b2b93d2544da6057734a437767159
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
843ada21bff4f39ce9ebcc86246e462a8115eb4d57718a3ab28ec4940f66c9c8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
ac155741fb3f28936ecbf5427df648b3fc95de3078871e777b5d5279c8f1f6c5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4845c02833e6f14f06ed15f698b2681c772e64f9bea192845fd06b8902d9e82
c3ae470112f7e0bcd1384aeac12a008a604046661bd46d51ed0c3dd33854ee29
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
cf9eda4ef57c96f4c29716c8d2a909ae90271d684f8d30d63e4b21509b5bb5c8
d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1c2122832b594eb392290401e68604e99a3dc908c751c39a69855a7fed5f177
e32a5e1fc5e9609c3c941c0a7d4d96ec7366216c7b64e45f595532449b219034
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
ef066381ce47ad3fe387ca6a4f3a3b32b56b2d6d3ea2aaff4313c9ba5ae1eeb4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb33f1722850f4bd49d69c5f1570f18bbedecefb86f50c574890c450ab064be6
ff7d871a3eef7c0f485b1d8a365dc9bb32d3038aa62ce5268508e7e823c3d09d