urlscan.io logo urlscan.io
SecurityTrails logo

fantasy.nrl.com Open in urlscan Pro
2600:9000:2644:8200:b:4320:3300:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fantasy.nrl.com/
Effective URL: https://fantasy.nrl.com/
Submission: On January 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 19 domains to perform 105 HTTP transactions. The main IP is 2600:9000:2644:8200:b:4320:3300:93a1, located in United States and belongs to AMAZON-02, US. The main domain is fantasy.nrl.com. The Cisco Umbrella rank of the primary domain is 730177.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 15th 2023. Valid for: a year.
This is the only time fantasy.nrl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:264... 16509 (AMAZON-02)
47 2600:9000:264... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 104.18.72.113 13335 (CLOUDFLAR...)
2 2.19.245.205 16625 (AKAMAI-AS)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 104.18.70.113 13335 (CLOUDFLAR...)
3 18.165.183.30 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
5 2a00:1450:400... 15169 (GOOGLE)
2 2 142.250.184.198 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 104.16.53.111 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.137 54113 (FASTLY)
3 54.187.119.242 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
2 162.247.241.14 23467 (NEWRELIC-...)
1 34.208.216.197 16509 (AMAZON-02)
5 151.101.2.133 54113 (FASTLY)
105 28
1    2600:9000:2644:c000:b:4320:3300:93a1 (United States)

ASN16509 (AMAZON-02, US)
fantasy.nrl.com
47    2600:9000:2644:8200:b:4320:3300:93a1 (United States)

ASN16509 (AMAZON-02, US)
fantasy.nrl.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
2    2.19.245.205 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-245-205.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
4    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
survey.survicate.com
1    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
3    18.165.183.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-30.zrh55.r.cloudfront.net
js.stripe.com
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)
surveys-static.survicate.com
5    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
nrlfantasy.zendesk.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    2600:9000:2057:8800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
2    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    34.208.216.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-216-197.us-west-2.compute.amazonaws.com
m.stripe.com
5    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
www.nrl.com
Apex Domain
Subdomains		 Transfer
53 nrl.com
fantasy.nrl.com — Cisco Umbrella Rank: 730177
www.nrl.com — Cisco Umbrella Rank: 638124
1 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1227
q.stripe.com — Cisco Umbrella Rank: 7010
m.stripe.com — Cisco Umbrella Rank: 1188
149 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
468 KB
5 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 2
120 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
ad.doubleclick.net — Cisco Umbrella Rank: 163
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
166 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
181 KB
4 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2047
ekr.zdassets.com — Cisco Umbrella Rank: 2364
277 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 236
1 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1315
18 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
216 B
2 survicate.com
survey.survicate.com — Cisco Umbrella Rank: 4844
surveys-static.survicate.com — Cisco Umbrella Rank: 7196
5 KB
2 moatads.com
z.moatads.com — Cisco Umbrella Rank: 704
px.moatads.com — Cisco Umbrella Rank: 660
109 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
7 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 600
10 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6518
408 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 46
3 KB
1 zendesk.com
nrlfantasy.zendesk.com
1 KB
105 19
Domain Requested by
48 fantasy.nrl.com 1 redirects fantasy.nrl.com
6 www.googletagmanager.com fantasy.nrl.com
www.googletagmanager.com
www.google-analytics.com
5 www.nrl.com
5 www.google-analytics.com www.googletagmanager.com
fantasy.nrl.com
4 connect.facebook.net fantasy.nrl.com
connect.facebook.net
3 q.stripe.com fantasy.nrl.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
fantasy.nrl.com
3 js.stripe.com fantasy.nrl.com
js.stripe.com
3 static.zdassets.com fantasy.nrl.com
static.zdassets.com
2 bam.nr-data.net js-agent.newrelic.com
fantasy.nrl.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 fonts.gstatic.com fantasy.nrl.com
2 www.facebook.com fantasy.nrl.com
2 ad.doubleclick.net 2 redirects
2 securepubads.g.doubleclick.net fantasy.nrl.com
securepubads.g.doubleclick.net
2 fonts.googleapis.com fantasy.nrl.com
1 m.stripe.com m.stripe.network
1 js-agent.newrelic.com fantasy.nrl.com
1 www.google.de fantasy.nrl.com
1 www.google.com fantasy.nrl.com
1 lh3.googleusercontent.com fantasy.nrl.com
1 stats.g.doubleclick.net fantasy.nrl.com
1 nrlfantasy.zendesk.com static.zdassets.com
1 region1.google-analytics.com www.googletagmanager.com
1 adservice.google.com fantasy.nrl.com
1 surveys-static.survicate.com survey.survicate.com
1 px.moatads.com fantasy.nrl.com
1 ekr.zdassets.com static.zdassets.com
1 survey.survicate.com fantasy.nrl.com
1 z.moatads.com fantasy.nrl.com
105 30
Subject Issuer Validity Valid
*.nrl.com
Amazon RSA 2048 M02		 2023-08-15 -
2024-09-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
zdassets.com
E1		 2024-01-04 -
2024-04-03		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.survicate.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-18 -
2024-08-31		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-02 -
2024-04-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
nrlfantasy.zendesk.com
Cloudflare Inc ECC CA-3		 2023-12-09 -
2024-12-08		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
nrl.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-19 -
2024-03-21		 a year crt.sh

This page contains 4 frames:

Primary Page: https://fantasy.nrl.com/
Frame ID: 7E203DB683858D6D9E77031E15B641AD
Requests: 94 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Frame ID: 127EEDD391F75D542BC08F2A482FCF8D
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 92BBA93B62A1529521271D5FEB217B2C
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 87F151C39A8E173F817C100AFCC5B0F7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NRL Fantasy

Page URL History Show full URLs

  1. http://fantasy.nrl.com/ HTTP 301
    https://fantasy.nrl.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com

Page Statistics

105
Requests

99 %
HTTPS

63 %
IPv6

19
Domains

30
Subdomains

28
IPs

4
Countries

3132 kB
Transfer

9218 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fantasy.nrl.com/ HTTP 301
    https://fantasy.nrl.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://ad.doubleclick.net/activity;src=4375528;type=nrlve0;cat=nrl-f00;ord=3749385983868;auiddc=262631472.1705988102;gtm=45He41h0v77533538;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tag_exp=71847096;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CLW62Pbk8oMDFcdPHgIdleoBNw;src=4375528;type=nrlve0;cat=nrl-f00;ord=3749385983868;auiddc=262631472.1705988102;gtm=45He41h0v77533538;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tag_exp=71847096;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=CLW62Pbk8oMDFcdPHgIdleoBNw;src=4375528;type=nrlve0;cat=nrl-f00;ord=3749385983868;auiddc=*;gtm=45He41h0v77533538;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tag_exp=71847096;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2

105 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fantasy.nrl.com/
Redirect Chain
  • http://fantasy.nrl.com/
  • https://fantasy.nrl.com/
25 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79e0ea3c62f5983e3786cd28cca3261e4fd613fb2bc6e6db4e7756ffc956909f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
253
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-type
text/html
date
Tue, 23 Jan 2024 05:30:49 GMT
etag
W/"4cc1483ebd797a21b8ddc65ba6179ead"
last-modified
Thu, 04 Jan 2024 23:21:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
x-amz-cf-id
YwDgBOAB567WQD5ARueaFbVyuippNu2UzL3T5AkxNmLM0KZNaE9DVA==
x-amz-cf-pop
FRA60-P6
x-cache
Hit from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Tue, 23 Jan 2024 05:35:01 GMT
Location
https://fantasy.nrl.com/
Server
CloudFront
Via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
X-Amz-Cf-Id
-q0BctyMYhHGhAMoRs3EIH63hab_8A_PI-aiJ5g8hu3d88R9-DdU7Q==
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Redirect from cloudfront
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f168400f35726c05050a7361b4bdffa89148cf119cc412ebfc3193d71159805
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 05:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 05:28:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 05:35:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d71d2f8d81f5dcf925dedfbbea4feb64496565db0d1ec904288575e8a34d431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29769
x-xss-protection
0
server
cafe
etag
128 / 19745 / m202401180101 / config-hash: 18080187960036651006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 05:35:01 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-47034296-3
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d641a4389485de2ba6aee27d6872eaf4d6f9d4e7346437d248b52d6280cf432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69296
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 05:35:02 GMT
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=7da2a88a-3afb-4af6-b133-0abb9da2bb85
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:01 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
9X4B0G1GWNB25PJG
age
21
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-id-2
4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZPQRckgieTgIxXfx10QahR5WZPm0fsx8fiFSKM97LgCVxHvMmE62IlUX6bu8atxl6zKh4lfq5LJyjKZACMejZh1lhr86V%2FYNU%2B1Wsvltm96oIFhhv%2BAN3MAnpWIvATdRRxupL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
849dabc4892a2671-TXL
moatad.js
z.moatads.com/wavemakeraudcmdisplay106871250942/ 		317 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/wavemakeraudcmdisplay106871250942/moatad.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.245.205 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-205.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
536de3d281442b78b060982a630d90fd4c351f5d08dd71011591b4af6c4e6602

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:01 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 10:56:33 GMT
server
AmazonS3
x-amz-request-id
RAV2CG8GDRSH2EM8
etag
"c970d646626763d8434589ae670a2718"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=33107
accept-ranges
bytes
content-length
110499
x-amz-id-2
9fqElr3C9n+mID05agcg2NAvvAGnti4N8qcCP4fEGfniBq26NLBWHDNrIFx/aFQ0SbnX4hlHbckswFjcffRryaTKRZWAKfQy
app.css
fantasy.nrl.com/ 		341 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac667e48d3f386a514b354f3929d66628e9fc1833c134510fb5638a78b5ba579

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:29:56 GMT
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
306
etag
W/"fe979ac92013334fb5b5bf2856dd975d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
gPU8YHwfYEqVFBOL0XgAeNsAu8I0pU48vGdURz-tT_ZIt1ZRE_SIsQ==
app.js
fantasy.nrl.com/ 		2 MB
494 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/app.js?93c9000a63539d0a6bdb
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa9db05fd66776a934f665e39d92f918d1a300d7f782d6329702e91037856dd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:29:56 GMT
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
306
etag
W/"3397fbf61baa678d4b58fb84d8f57bd2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
2-pmVcyNd5LbSczkANaStZ68PqKzgBXDH8l94MmSgx9AUu329g9kCw==
gtm.js
www.googletagmanager.com/ 		460 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PV42QSK
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0db1552220b5ebf8ee8296a85f1add92122e392ef6f4f77648113d8622f0f5c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120104
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 05:35:02 GMT
gtm.js
www.googletagmanager.com/ 		143 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWJMMKP
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04d80dc21e1c1b1b27609cdec3f1a855e6ffa4b38b3c052c4e807a9e9e394a31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55172
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 05:35:02 GMT
fbevents.js
connect.facebook.net/en_US/ 		213 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7800992c70337710a800628bad888bebad0a275102de46a3370179e373c034b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 Jan 2024 05:35:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57022
x-xss-protection
0
pragma
public
x-fb-debug
T299PRbOM4Rr/axYybTnc203F4NUq+IrE8qO/mNLHhLoldBNOXQjfSWmGMJOk+4niuUdyzicjIqRbcIe6b2iGg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
web_surveys.js
survey.survicate.com/workspaces/b6de952525ab9e6d6eabf98389d0459f/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.survicate.com/workspaces/b6de952525ab9e6d6eabf98389d0459f/web_surveys.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
f4e318237380451b4bd3b0848410ad33df7c494194da17ee8caefbe2b8d123d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com; connect-src https://respondent.survicate.com 'self'; img-src https://*; font-src https://surveys-static.survicate.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
x-amz-version-id
1BqrkcyVxu1dDVcWhPv9P3xfGH3Zl9hS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
1081
content-security-policy
default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com; connect-src https://respondent.survicate.com 'self'; img-src https://*; font-src https://surveys-static.survicate.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey;
x-amz-request-id
H38TTB0N86Q81S3A
cdn-cachedat
01/15/2024 18:34:17
cdn-pullzone
1158558
x-amz-id-2
VTe4/kdkgYO5goIydshtP1bmO8syulUOAo8u2uRNMB7ilE98/nNsPp22c109BlDunOMVKgNaXY8=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 Jan 2024 17:41:30 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"dfced590de0dbc66f72d99524f53091f"
vary
Accept-Encoding, Accept-Encoding
report-to
{ "group": "csp-endpoint-survey", "max_age": 10886400, "endpoints": [{ "url": "https://panel-api.survicate.com/_/report_csp/survey" }] }
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
039640c0-4b09-428d-a0ae-513ccdd44502
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=300
cdn-requestid
5c3855770765d272923ad08ac8fefc03
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
7da2a88a-3afb-4af6-b133-0abb9da2bb85
ekr.zdassets.com/compose/ 		966 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/7da2a88a-3afb-4af6-b133-0abb9da2bb85
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7da2a88a-3afb-4af6-b133-0abb9da2bb85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb6b8dae231d8372af5858b70bfebe465c9958574f72d51aeba3d5c5ea9326ad
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
84805ec76b7c1cc3-SEA, 84805ec76b7c1cc3-SEA
x-runtime
0.003936
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"bb6b8dae231d8372af5858b70bfebe46"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXqKTkG4dQTAYjm6DXIGeoCURCPY6D%2BJLSXzffkWMxq80ve0o0L7ewWGoDmREHmJSU56rwXvnZMK30pt2Xx38uw47BeUdn0PR%2F626qsVYNymhBPzcNccgZdZJDpzEnMNel0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
849dabc56af2451c-TXL
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 13:05:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
59393
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138095
x-xss-protection
0
server
cafe
etag
16105826302836755247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:05:09 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=WAVEMAKER_AU_DCM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1705988102010&de=902601139791&m=0&ar=805b0ce1b97-clean&iw=0812dc4&q=2&cb=0&ym=0&cu=1705988102010&ll=2&lm=0&ln=0&em=0&en=0&d=29447628%3A6720305%3A360037070%3A187179749&zMoatADV=10359490&zGSRC=1&gu=https%3A%2F%2Ffantasy.nrl.com%2F&id=1&ii=4&bo=nrl.com&bd=fantasy.nrl.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=wavemakeraudcmdisplay106871250942&fd=1&it=500&ti=0&ih=2&pe=1%3A-%3A-%3A0%3A0&fs=207009&na=998813374&cs=0
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.245.205 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 23 Jan 2024 05:35:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 23 Jan 2024 05:35:02 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.js?93c9000a63539d0a6bdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ef36b84a87aaddbc529b08d743b65bf7eeeb58bec2cc771b563a30f071169d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 05:35:02 GMT
content-md5
fkGjmZOS7jvliBe7iXEVCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-debug
DEGo9tK1u0CSeVHQXJxlriiJJw93HCujp6Witbv8utKUdm1uMazkPFyoHq7R5nuV4u+mX+PrauLYQSeLD4QqRw==
x-fb-content-md5
bf85e25aaab53a0a23e19a0f7f814f52
cross-origin-opener-policy
same-origin-allow-popups
etag
"e138845910d179ce52d21ff4dfa81f12"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 23 Jan 2024 05:48:31 GMT
RLFontRegular.woff2
fantasy.nrl.com/assets/fonts/rl/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/assets/fonts/rl/RLFontRegular.woff2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bba05df4dc016bcf23a114d0a4b4c354bbcaa3f2b5e28d8bb9696cec83522b04

Request headers

Referer
https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
298
x-cache
Hit from cloudfront
content-length
13300
last-modified
Thu, 04 Jan 2024 23:21:32 GMT
server
AmazonS3
etag
"d7de6b8af08206ddbdac3d6eee866249"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://fantasy.nrl.com
vary
Origin
access-control-allow-credentials
true
x-amz-cf-id
1zvD2OYKg0CUaLwO3MQVi8W-S5srEL4zv9Qrnzr0IamKG4QG6SLsGg==
/
js.stripe.com/v3/ 		586 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.js?93c9000a63539d0a6bdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-30.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
87b06cd6b194feca829ea57e600dce1b26702578fc2625f14a9d867f04deb146
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:34:49 GMT
content-encoding
br
via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
17
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Mon, 22 Jan 2024 23:10:02 GMT
server
Cloudfront
etag
W/"b1efcc1a5849d78d9a9f67b56d556923"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
uHeMxmHxgFNkvzv6yI3GJQapfgwpCmyJC6mA4wSblybE_aad94VvDQ==
checksums.json
fantasy.nrl.com/data/nrl/ 		756 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/checksums.json?_=1705988102093
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a28fb561a844eef4ae5e8f048ff585f8cfe8aea12b8f12d33959c27c0bf1dc03

Request headers

Accept
*/*
Referer
https://fantasy.nrl.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 05:35:03 GMT
last-modified
Tue, 23 Jan 2024 05:25:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
etag
"c2097d9381ca4ebc33bbba199ce6b156"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
303
x-amz-cf-id
W-LVCD2iWnL9-aj9PBME9ZV4lg5ch7V3YvdLVNFajBvy28V8huUgaA==
checksums.json
fantasy.nrl.com/data/nrl/ 		756 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/checksums.json?_=1705988102095
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a28fb561a844eef4ae5e8f048ff585f8cfe8aea12b8f12d33959c27c0bf1dc03

Request headers

Accept
*/*
Referer
https://fantasy.nrl.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 05:35:03 GMT
last-modified
Tue, 23 Jan 2024 05:25:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
etag
"c2097d9381ca4ebc33bbba199ce6b156"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
303
x-amz-cf-id
WYTJmzLcGTDYpDrkllgJNMPPiDdIn2Pj-iyJscaKYkosmhHaIMxERQ==
checksums.json
fantasy.nrl.com/data/nrl/ 		756 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/checksums.json?_=1705988102095
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a28fb561a844eef4ae5e8f048ff585f8cfe8aea12b8f12d33959c27c0bf1dc03

Request headers

Accept
*/*
Referer
https://fantasy.nrl.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 05:35:03 GMT
last-modified
Tue, 23 Jan 2024 05:25:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
etag
"c2097d9381ca4ebc33bbba199ce6b156"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
303
x-amz-cf-id
rnXqBCI4ao5zTe7X3esrYPeyMe189RvCCFM4uWbn7788kPvHGvZGbQ==
checksums.json
fantasy.nrl.com/data/nrl/ 		756 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/checksums.json?_=1705988102096
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a28fb561a844eef4ae5e8f048ff585f8cfe8aea12b8f12d33959c27c0bf1dc03

Request headers

Accept
*/*
Referer
https://fantasy.nrl.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 05:35:03 GMT
last-modified
Tue, 23 Jan 2024 05:25:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
etag
"c2097d9381ca4ebc33bbba199ce6b156"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
303
x-amz-cf-id
NMsqLFLJJTfngrvgqCyCVplNYWvF-kC2GqUUmLaUxuBBJjJTsuUjSw==
checksums.json
fantasy.nrl.com/data/nrl/ 		756 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/checksums.json?_=1705988102102
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a28fb561a844eef4ae5e8f048ff585f8cfe8aea12b8f12d33959c27c0bf1dc03

Request headers

Accept
*/*
Referer
https://fantasy.nrl.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 05:35:03 GMT
last-modified
Tue, 23 Jan 2024 05:25:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
etag
"c2097d9381ca4ebc33bbba199ce6b156"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
303
x-amz-cf-id
RchycIb0fb9hmqh4m77R09UApoC-7KBdPTn5gVCWERKACtLP9ex10Q==
menu_logo.svg
fantasy.nrl.com/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/menu_logo.svg
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5264ff2e5f577600364b18e62e7a83813cd74d94754e9509f4154cf7fe3250c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
298
etag
W/"78a6a32085d9c65476de196d6b71c515"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
5Oq1xejFOqRr3xNkqJzThvD9g7GoVIAeds4WK-PPern_t0aKsH-yfg==
nrl-fantasy-logo-header.svg
fantasy.nrl.com/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/nrl-fantasy-logo-header.svg
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a502624853ea4a283c94ed4e4b2773a9d0f55a0267ea673b6bb0155555ee0525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
298
etag
W/"b4653f6a77d75f8f5b6b9a152ba5ef6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
n8nDSqoNNXyG6pUalM6Zm7vYAHHGMvl4lD46xvz5hij9gAww8xYeJQ==
fb.webp
fantasy.nrl.com/assets/images/footer/ 		116 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/footer/fb.webp
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2f388377ae43ef4d60aee5c3652deaa9c1fd16280e0ef3e714e46771067085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Aug 2021 00:28:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
298
etag
"39b48de2b0814cf41700f98424b34b0f"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=300, must-revalidate
content-length
116
x-amz-cf-id
1iyNjLTBfIu85bKTyzErw1zZUgTYTi-QxKoAuUp9-gRg_iDoX6VxCA==
tw.webp
fantasy.nrl.com/assets/images/footer/ 		202 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/footer/tw.webp
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11f8e74475f9ed0a82574a5348d75fdf715a2a109078757c5d8b02a8022a7ff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Aug 2021 00:28:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
298
etag
"795a062c1a442e5e06d540c738715edc"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=300, must-revalidate
content-length
202
x-amz-cf-id
3pSz8FrjhVqsh14aGtSUuLRtmB2O-bhwWz68iawja0adA9mGUym6JQ==
Insta.webp
fantasy.nrl.com/assets/images/footer/ 		314 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/footer/Insta.webp
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d848900e5ba0a253af315927116d66de0a46ce0746a05bd91e60119a9922e6fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Aug 2021 00:28:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
298
etag
"5532914f7c317b4d52d264545ad10eaa"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=300, must-revalidate
content-length
314
x-amz-cf-id
aM-bN5CjtaMOURzwEzLjcWbP9y6GkKIs_J6XXw2qbt9PU9hSbYki9w==
genius.png
fantasy.nrl.com/assets/images/footer/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/footer/genius.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24522eb9ab8da6382f5119995db3aa4bb9ca27236a30fb23e65eaa9b853c279e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
298
etag
"5d1edae0db1aabcb0421b6237c3c28f3"
x-cache
Hit from cloudfront
content-type
image/png
content-length
2535
x-amz-cf-id
daUOapIqkBdwrxCp9bwVyQQ1j8SCvvWCXKDqp_R95rtN7wu30-HbEw==
nrl-logo-white.png
fantasy.nrl.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/nrl-logo-white.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
327ed5cafb52b5d0696784ef6893045a7054d03f31c389f75771eb95934dad4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:14 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
289
etag
"724ba7934133c15cfac1430064673891"
x-cache
Hit from cloudfront
content-type
image/png
content-length
1751
x-amz-cf-id
PTs92xjCyUakvGWtI6XUHvkcHFfP3pfJLnS1GP-F0oWp-Qu-s-9Q3Q==
green-arrow-down.png
fantasy.nrl.com/assets/images/ 		262 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/green-arrow-down.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba96da88d333751b4c4365aba8517c0ba8aefa837d574baef1835c7a9581347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:14 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
288
etag
"4fdbe966d1289297289a670254677fc7"
x-cache
Hit from cloudfront
content-type
image/png
content-length
262
x-amz-cf-id
e8pqLOXel7uDh0axjbc9RLsrO_7iCRN3aWdEKuk41fPOHcB7YXCBkA==
login-banner.png
fantasy.nrl.com/assets/images/ 		383 KB
384 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/login-banner.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c472cc8b0d581072a9d9067bf18b88006357f37f3018fd45dc33c8978426acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:14 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
288
etag
"e40ea84540e09dd4189acd67dc361047"
x-cache
Hit from cloudfront
content-type
image/png
content-length
392677
x-amz-cf-id
tPMiOqr4ui2Cp1PBE5-XjfwzNtsLUduiuyh13jW3HSVLZPeTXQekVg==
fantasy-badge.png
fantasy.nrl.com/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/fantasy-badge.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09c1bee000689fd2a03b672378dea010d385dd6160b49435180c79d78154e7c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:14 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
288
etag
"d3803bfe9c0d9827531cdf0f76b0b280"
x-cache
Hit from cloudfront
content-type
image/png
content-length
2404
x-amz-cf-id
mloMcvUQd-Zn_zpsGy4d99GW2-DnzU6MqqGVd7WSIGvajFL3Dgp4Xg==
draft-badge.png
fantasy.nrl.com/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/draft-badge.png
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d5f7db5c567c34a7ae0b4f30399ae8a8c7739f3b74d8b67e055b36ab3bd1e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:14 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
288
etag
"531db242d8f30610f2e19ae37331de72"
x-cache
Hit from cloudfront
content-type
image/png
content-length
2650
x-amz-cf-id
pnIaBQYWTs6-_b2mSQhFa5CMrHnSfcqGhV4G8tV51cTJb-T7RsdDMw==
ionicons.ttf
fantasy.nrl.com/assets/fonts/Ionicons/ 		184 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/assets/fonts/Ionicons/ionicons.ttf?v=2.0.0
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Referer
https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
298
x-cache
Hit from cloudfront
last-modified
Thu, 04 Jan 2024 23:21:30 GMT
server
AmazonS3
etag
W/"24712f6c47821394fba7942fbb52c3b2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
https://fantasy.nrl.com
vary
Accept-Encoding,Origin
access-control-allow-credentials
true
x-amz-cf-id
Rza7rTyqf7-DilcIS6hQdKIISMAe5G1zTg73BXLlVTxRuR4z2rk3FQ==
RLFontBoldItalic.woff2
fantasy.nrl.com/assets/fonts/rl/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/assets/fonts/rl/RLFontBoldItalic.woff2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e09beca6d0029cf68f76c9e56600f1c65c3a1d73ac3772dbb06ed00b801184d

Request headers

Referer
https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
298
x-cache
Hit from cloudfront
content-length
15020
last-modified
Thu, 04 Jan 2024 23:21:32 GMT
server
AmazonS3
etag
"68b0b6118d5848c1b64f54d509bf7a75"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://fantasy.nrl.com
vary
Origin
access-control-allow-credentials
true
x-amz-cf-id
chOHLX0VlMR-DekD7E9M99fknDx4cPVhnW25Y6ysuQX2gMcwR2Q7pw==
RLFontBold.woff2
fantasy.nrl.com/assets/fonts/rl/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/assets/fonts/rl/RLFontBold.woff2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d099b34701fb032d6ee01032360b7d3a660361e5c335824a25aea3cd5b64a345

Request headers

Referer
https://fantasy.nrl.com/app.css?93c9000a63539d0a6bdb
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
298
x-cache
Hit from cloudfront
content-length
13044
last-modified
Thu, 04 Jan 2024 23:21:32 GMT
server
AmazonS3
etag
"b807acd63711c482b168c0edf53bacb3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://fantasy.nrl.com
vary
Origin
access-control-allow-credentials
true
x-amz-cf-id
tmLlSmVK-vKz-YE2Md7mwOsnzp4FIZej8Hc_RL8P7yI7O4n4XHX_Zw==
78756360
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/78756360?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c75815f5065ef1ffb4a0d312e19088a32dbe905a2818245dbc6bcdb70467b88
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-zWnVUU8-Yf8HDaTVrClrHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-zWnVUU8-Yf8HDaTVrClrHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KchxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJp6vL5kkgFgDiN9JvmL6BsQ7fDxY3oRPZ-WKmM56umA662UgZquYzsoHxHF101nzgJhv3XRW3fXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglGsgGYqf0GaxBQPw5cwbrbyAW4uFoW7B3LZvAgRn9MxgB5Oxcog"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
web-widget-main-1bfc6fa.js
static.zdassets.com/web_widget/classic/latest/ Frame 127E 		923 KB
265 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7da2a88a-3afb-4af6-b133-0abb9da2bb85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
x-amz-version-id
PAflfXOdiQDrMRVYun69YoketTkl1xNU
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1BPBW7W4HNMQNRZQ
age
4243568
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
wfPEdY9k/zcvsIza71zRAfGSA06ccGjnyFntR/pEQA5wKZJx4KMSIhZ1mIOYvRkIKiOLJAwMzi4=
last-modified
Tue, 05 Dec 2023 00:24:10 GMT
server
cloudflare
etag
W/"6f8511a72c96db8b22e6373718b842ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aw4A9Gehsi7PPOLVaasr59%2BAnOIb1Em5Jij%2BX9tx4grkjHpMuieA7t%2BRKRr1A6cDDNZFWVvy3SJwhoCva7XlNGAKWgBd1wn%2B%2FoPYJ8GmPTrvtgBQiRXCaeO7kxeUfYu6VBW9SSI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
849dabc6ebe12671-TXL
expires
Wed, 04 Dec 2024 00:24:09 GMT
fonts.css
surveys-static.survicate.com/fonts/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://surveys-static.survicate.com/fonts/fonts.css
Requested by
Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/b6de952525ab9e6d6eabf98389d0459f/web_surveys.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
1082
content-security-policy
default-src 'self'
x-amz-request-id
XM6XHCFS82KGB79G
cdn-cachedat
01/22/2024 15:27:47
cdn-pullzone
1133799
x-amz-id-2
oH9u+cOxZUQt8go4R3Jt3fsz4PrTwu/iXAa4GGM/5xWo3vnWQI8waYe/YNgd8j/2SVSlG2UMQvk=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 13 Apr 2022 12:02:06 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"175a0d0343589473e72c6e512936d749"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
039640c0-4b09-428d-a0ae-513ccdd44502
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=604800
cdn-requestid
361823097ec7ebd9c70973cd6beb95e5
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJMMKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 05:26:34 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
508
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 23 Jan 2024 07:26:34 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-47034296-3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJMMKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fbbafc15040d6d28e85c6a716316619e88de5e74946a9b41082c297a6186169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69240
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 05:35:02 GMT
878285258903139
connect.facebook.net/signals/config/ 		143 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/878285258903139?v=2.9.142&r=stable&domain=fantasy.nrl.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83e41e3b4e844f3538e0de3c3b9d1b88233888b0303547a55ec4b45f57b696fd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 Jan 2024 05:35:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ekf+kEkvCQfow0Sr33LqKmdCajTF5tlNWNXI+r51PTh1OJTMqdUorXgmue/ptdF7cB4S89Ee9Y/3183/DR8Eaw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-40RMV36ZL2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-47034296-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b50a52dd94adb488c9ded60600c4c05a37c2234596afee3595473fa5258e5df5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81407
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 05:35:02 GMT
sdk.js
connect.facebook.net/en_US/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0d09c39e3cfdccde1d275773949bb568
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fcc153e401924fe1c174a33e09e034ae6910e82bfcc0ee3b390efbaa2896ce36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fantasy.nrl.com/
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 05:35:02 GMT
content-md5
Y9bI0iku1lZC6+vlWaZBOg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86998
reporting-endpoints
x-fb-debug
dgsbkxJOtKXKbOCVwlbG5lcK1wfzT3dc2nujaMjCtDuTfspk06TjkuejIDoMbHZPHovs2OpoOW2bsYkcMMEnDA==
x-fb-content-md5
80ecbfb2d36121a4d34e299f5308f14b
cross-origin-opener-policy
same-origin-allow-popups
etag
"9772275a5d0989c46cfb81abe1c3146a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Jan 2025 05:15:11 GMT
dc_pre=CLW62Pbk8oMDFcdPHgIdleoBNw;src=4375528;type=nrlve0;cat=nrl-f00;ord=3749385983868;auiddc=*;gtm=45He41h0v77533538;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tag_exp=71847096;uaa=;uab=;uafvl=;uamb=0;u...
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=4375528;type=nrlve0;cat=nrl-f00;ord=3749385983868;auiddc=262631472.1705988102;gtm=45He41h0v77533538;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tag_exp=71847096;uaa=...
  • https://ad.doubleclick.net/activity;dc_pre=CLW62Pbk8oMDFcdPHgIdleoBNw;src=4375528;type=nrlve0;cat=nrl-f00;ord=3749385983868;auiddc=262631472.1705988102;gtm=45He41h0v77533538;gcd=11l1l1l1l1;dma_cps=...
  • https://adservice.google.com/ddm/fls/z/dc_pre=CLW62Pbk8oMDFcdPHgIdleoBNw;src=4375528;type=nrlve0;cat=nrl-f00;ord=3749385983868;auiddc=*;gtm=45He41h0v77533538;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tag...
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLW62Pbk8oMDFcdPHgIdleoBNw;src=4375528;type=nrlve0;cat=nrl-f00;ord=3749385983868;auiddc=*;gtm=45He41h0v77533538;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tag_exp=71847096;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 05:35:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 05:35:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/dc_pre=CLW62Pbk8oMDFcdPHgIdleoBNw;src=4375528;type=nrlve0;cat=nrl-f00;ord=3749385983868;auiddc=*;gtm=45He41h0v77533538;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tag_exp=71847096;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-40RMV36ZL2&gtm=45je41h0v9126439918&_p=1705988101883&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=253909887.1705988102&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705988102&sct=1&seg=0&dl=https%3A%2F%2Ffantasy.nrl.com%2F&dt=NRL%20Fantasy&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=881
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-40RMV36ZL2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 05:35:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en-us-json-1bfc6fa.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 127E 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
x-amz-version-id
Xo1h7j84vGmG9Gk_pCcj7jCQD2BwGUUO
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1BPFGS4SBCJ216KA
age
4243555
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
KPhHQZ5iIGydSOF/FRCx8eCn3ImV7hM3qo3KWavgH4MUbCLy67WRA+HVKMqLOfRNXjGgWGdXoIE=
last-modified
Tue, 05 Dec 2023 00:24:12 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESqeOxFaVsNdPfn3UZehCuU3KIKDjJyrtWDEPwQYnftXj15CPeBf0YC%2BV63XBXqj7fOhoWDVwY%2FNa7BxJLYCilHOm1AK%2FWeFuJ%2BKjLGuYeWhDLNRR0lyLnz68WxStZDEy5SBw0w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
849dabc86d8c2671-TXL
expires
Wed, 04 Dec 2024 00:24:11 GMT
config
nrlfantasy.zendesk.com/embeddable/ Frame 127E 		546 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nrlfantasy.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb21b23fffdcf24c815beb65f04a447b9fdb3d341b7ffc8ce90303a91c35624c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-54b9dbf9c8-79rb6
x-cached
MISS
x-request-id
849dabc8ff346a75-WAW
x-runtime
0.001672
last-modified
Mon, 22 Jan 2024 22:31:11 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHBgjUH9O2IPMC524xvryDOWtENAhhaFwu2%2F%2Fyf%2Bj1nMZsmo3kOrvXV%2FoY56GrIQy1Yxr4aRKod0YopscGGCUnio3ELk9e70BHeB0MzhP%2Bapt%2FCQkZ8WH53yV0YUfBrZDCw9f8VJqAE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
849dabc8ff346a75-TXL
collect
www.google-analytics.com/j/ 		15 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=408548876&t=pageview&_s=1&dl=https%3A%2F%2Ffantasy.nrl.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=NRL%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=2004238783&gjid=1286486086&cid=253909887.1705988102&tid=UA-47034296-3&_gid=878183292.1705988102&_r=1&_slc=1&gtm=45He41h0n81TWJMMKP&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&z=312924913
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f0182d6185686a8a60c0a2b32c5de094b92eb704989b69bb2c7c8a44a4afe4f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 05:35:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=408548876&t=pageview&_s=1&dl=https%3A%2F%2Ffantasy.nrl.com%2F&ul=en-us&de=UTF-8&dt=NRL%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAHAAUABAAAAACAAI~&jid=1254923137&gjid=1297312449&cid=253909887.1705988102&tid=UA-47034296-3&_gid=878183292.1705988102&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&jsscut=1&z=334836655
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 05:35:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=408548876&t=pageview&_s=1&dl=https%3A%2F%2Ffantasy.nrl.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=NRL%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCHACUABBAAAACAEKB~&jid=951792201&gjid=65015302&cid=253909887.1705988102&tid=UA-98403742-20&_gid=878183292.1705988102&_r=1&_slc=1&gtm=45He41h0n81PV42QSKv77533538&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cd2=-&cd3=-&cd4=-&cd5=-&cd6=-&cd7=-&cd8=-&cd9=-&cd10=-&cd11=-&cd13=-&cd14=-&cd15=-&cd16=-&cd19=No&cd24=Web&cd25=fantasy.nrl.com&cd26=-&cd32=CONTAINER%20ID%3A%20GTM-PV42QSK%20%7C%20CONTAINER%20VERSION%3A%20206&cd34=False&cd35=-&cd36=-&cd59=%2F&cd27=253909887.1705988102&z=677238708
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 05:35:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxXr0tOy51pcgnhRO8C7Gm2OlTWpDO23iLJ0bLmQ6zUJDYiF6QRrWuhhOCmRlSM_uHDonUvVjEbhBYoyt8xZFrEDHMOFG_YG3l5RQxgKxFF9K1sYVKYaCe_G-SzR2iuMSiYinqkv0g==
fundingchoicesmessages.google.com/f/ 		376 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXr0tOy51pcgnhRO8C7Gm2OlTWpDO23iLJ0bLmQ6zUJDYiF6QRrWuhhOCmRlSM_uHDonUvVjEbhBYoyt8xZFrEDHMOFG_YG3l5RQxgKxFF9K1sYVKYaCe_G-SzR2iuMSiYinqkv0g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1OTg4MTAyLDUxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mYW50YXN5Lm5ybC5jb20vIixudWxsLFtbOCwiMWZHdFpuWTB3aFkiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1fGtZnY0whY.es5.O/am=wA/d=1/rs=AJlcJMwmkmNcZyjaD44NYz5X9aF87zNwCg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2fbe6925155e6fc8e33897419176383ed01928648d0e1044d0d93f7edba9ca07
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NBE6oOvb1YL6NUbHROrJKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NBE6oOvb1YL6NUbHROrJKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=878285258903139&ev=PageView&dl=https%3A%2F%2Ffantasy.nrl.com%2F&rl=&if=false&ts=1705988102534&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1705988102531.36876854&hmd=45350d8fb0345adb3257c9c5&pl=https%3A%2F%2Ffantasy.nrl.com%2F&ler=empty&it=1705988102257&coo=false&exp=d2&rqm=GET
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 05:35:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=878285258903139&ev=Microdata&dl=https%3A%2F%2Ffantasy.nrl.com%2F&rl=&if=false&ts=1705988102536&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NRL%20Fantasy%22%2C%22meta%3Adescription%22%3A%22Join%20the%20Official%20NRL%20Fantasy%20competition%20in%202024%20and%20you%20could%20win%20some%20epic%20prizes.%20It%E2%80%99s%20free%20and%20easy%20to%20join!%20Register%20to%20pick%20your%20squad%2C%20get%20free%20access%20to%20experts%20opinion.%20Ramp%20up%20the%20rivalry%20amongst%20your%20friends%20and%20test%20your%20skill%20with%20the%20new%20open%20bench.%20This%20will%20be%20the%20most%20fun%20NRL%20Fantasy%20season%20yet%20and%20will%20change%20the%20way%20you%20watch%20the%20game%2C%20guaranteed!%22%2C%22meta%3Akeywords%22%3A%22NRL%20Fantasy%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22NRL%20Fantasy%22%2C%22og%3Asite_name%22%3A%22NRL%20Fantasy%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ffantasy.nrl.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ffantasy.nrl.com%2Fassets%2Fimages%2Ffavicons%2Ffavicon-200.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.142&r=stable&ec=1&o=4126&fbp=fb.1.1705988102531.36876854&hmd=45350d8fb0345adb3257c9c5&pl=https%3A%2F%2Ffantasy.nrl.com%2F&ler=empty&it=1705988102257&coo=false&es=automatic&tm=3&exp=d2&rqm=GET
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 05:35:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
js
www.googletagmanager.com/gtag/ 		230 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-40RMV36ZL2&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
863dfae65217a71256ae9ae6495df8d3f8ae196aa2e331c87c90b8989b522470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83229
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 05:35:02 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-98403742-20&cid=253909887.1705988102&jid=951792201&gjid=65015302&_gid=878183292.1705988102&_u=YCHACUABBAAAACAEKB~&z=1895349654
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 23 Jan 2024 05:35:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.nrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		100 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1fGtZnY0whY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwxH0Z7OXpGErn3_ZICKUf9kgbDEg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8354d043bdebec71c66c058e88ecc6f032f98e2dad2c9efe882a39e01619f101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 05:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 05:35:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 05:35:02 GMT
P07sA3RWdMgQI3xB8rJcqEVUU2zuL_IhcNFR1IjT2f8YpvbL3E_JByz3XIqUyIIdx4zrY8HZ1gcm4juMy50XChY6O3vRF-aaxvNwpaMub1Bbi2S9HysC=h60
lh3.googleusercontent.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/P07sA3RWdMgQI3xB8rJcqEVUU2zuL_IhcNFR1IjT2f8YpvbL3E_JByz3XIqUyIIdx4zrY8HZ1gcm4juMy50XChY6O3vRF-aaxvNwpaMub1Bbi2S9HysC=h60
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
843ada21bff4f39ce9ebcc86246e462a8115eb4d57718a3ab28ec4940f66c9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:53:00 GMT
x-content-type-options
nosniff
age
6122
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2341
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 03:53:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98403742-20&cid=253909887.1705988102&jid=951792201&_u=YCHACUABBAAAACAEKB~&z=2144909337
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 05:35:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98403742-20&cid=253909887.1705988102&jid=951792201&_u=YCHACUABBAAAACAEKB~&z=2144909337
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 05:35:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.nrl.com/
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:02:10 GMT
x-content-type-options
nosniff
age
498772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 11:02:10 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.nrl.com/
Origin
https://fantasy.nrl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:59:33 GMT
x-content-type-options
nosniff
age
16529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:59:33 GMT
AGSKWxVT6-iVyUdd218REj640OOGr5tL8GoWak78x3uahjioEMtnEfmVsRud2xkYEfzY1Fj1iA_VqQxbJpsLQFpmqmFbNKiXhyavb40QMu249BldbOazlyu-3qIu3F34df8FiJK3ZXb2Lg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVT6-iVyUdd218REj640OOGr5tL8GoWak78x3uahjioEMtnEfmVsRud2xkYEfzY1Fj1iA_VqQxbJpsLQFpmqmFbNKiXhyavb40QMu249BldbOazlyu-3qIu3F34df8FiJK3ZXb2Lg==
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qGzAiSjImsrD_uPIblleuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 05:35:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-qGzAiSjImsrD_uPIblleuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://fantasy.nrl.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
nr-1044.min.js
js-agent.newrelic.com/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1044.min.js
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
7HtucEuUII5n9P5t3z5IzYZpz_YC7K5u
content-encoding
br
via
1.1 varnish
date
Tue, 23 Jan 2024 05:35:03 GMT
strict-transport-security
max-age=300
x-amz-request-id
CV1GC7H17PJAA2W4
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
9269
x-amz-id-2
KtZqdcEtX3tEic4naX353RMfCnyV8l551BTi23xhMnWASR14EIBMboEtamDYGl8BTAFJUpfm56Y=
x-served-by
cache-fra-etou8220045-FRA
last-modified
Wed, 18 Oct 2023 20:58:59 GMT
server
AmazonS3
x-timer
S1705988103.081144,VS0,VE0
etag
"6442aaa45ec28f8b2c541026f3c24871"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
37
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 92BB 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-30.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.nrl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3465
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 04:37:31 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 19 Jan 2024 21:19:51 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
x-amz-cf-id
EL5HpaicKnUqhogatm-YcdbtzEWCCJhp83qayT6IqbIXpTaKZEQrnA==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 92BB 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-30.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:37:31 GMT
via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
3466
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 19 Jan 2024 21:19:50 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
7ZzwZ_wCsfPq2Moq1TT29iNgaCnI6choMMSz9z5-3OhfWE8HwjO0RQ==
csp-report
q.stripe.com/ Frame 92BB 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 23 Jan 2024 05:35:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1705988103586963
x-envoy-upstream-service-time
6
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1705988103585106
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 92BB 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 23 Jan 2024 05:35:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1705988103586562
x-envoy-upstream-service-time
6
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1705988103585099
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 87F1 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
126
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 05:32:57 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id
D6lGmw-bySOlB2CPpxXWjq40IE7Yehz5ZUZN_zDuFMnwmvySoAv8MA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
f1790837ce
bam.nr-data.net/1/ 		56 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/f1790837ce?a=94661911&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=1631&ref=https://fantasy.nrl.com/&be=402&fe=1490&dc=607&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1705988101479,%22n%22:0,%22f%22:137,%22dn%22:138,%22dne%22:138,%22c%22:138,%22s%22:176,%22ce%22:216,%22rq%22:216,%22rp%22:262,%22rpe%22:263,%22dl%22:264,%22di%22:608,%22ds%22:608,%22de%22:640,%22dc%22:1490,%22l%22:1490,%22le%22:1506%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1044.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 05:35:03 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
849dabcd48af44fe-TXL
squads.json
fantasy.nrl.com/data/nrl/ 		2 KB
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/squads.json
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
962f1c6674d3611778079bf6feb1d98016213f53665e990efa33cb81553f6d28

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:05 GMT
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Fri, 15 Dec 2023 05:16:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"329e7e01ce1f1542ca4432e931660c0d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
503
x-amz-cf-id
RkCyGm2xEQ8ySvIEgsOFH_ICL-rb2XHD4reS8UTUUkm3Ett9r4GGYg==
news_fantasy.json
fantasy.nrl.com/data/nrl/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/news_fantasy.json
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be1623a67a4283f717776b9d76e027a0fd8cc4111ea86f8fbed210d0b61fba0b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 05:35:05 GMT
last-modified
Tue, 23 Jan 2024 05:30:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
etag
W/"5f0bea38661e45ccc3b0456668378ace"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
x-amz-cf-id
DKOCewbo6x7461UhcDLw4pvF4sghll6LhXhrdzLgLkPg0YyBqvPXbQ==
rounds.json
fantasy.nrl.com/data/nrl/ 		99 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/rounds.json
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a14f1f78fbef4eb9f2cc0a6adbd6e41f29772d8c4892e724165263ad0bd0a499

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:05 GMT
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Mon, 22 Jan 2024 22:00:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"36043b91de5943fcd11cd4f6ed9320f7"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
5896
x-amz-cf-id
PpTgk3OiB_uP_p8rkZvp1pzHhL1qPenPUdElNuUcugInhUzM9eaNpA==
ladder.json
fantasy.nrl.com/data/nrl/ 		3 KB
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fantasy.nrl.com/data/nrl/ladder.json
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
105ad7d9304ee539c726bebbc903eedbce149b02bdd1ebb628f6978d0c6de444

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:35:05 GMT
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Tue, 23 Jan 2024 05:30:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
"e21cdc9d1a5514707507107fb3dffb40"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
556
x-amz-cf-id
FNpe6TSuEgVlMcrCb7Ys7KsgCASPl-7dzCUgkssuxIQpUSrTGmFvVQ==
csp-report
q.stripe.com/ Frame 87F1 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 23 Jan 2024 05:35:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1705988103586859
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1705988103585151
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 87F1 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:31:56 GMT
content-encoding
gzip
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
188
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
qLNETrpO06h2BiYTUCSNrwwJJQPU3pqoJLvnFg0bD5reqiIDSHzY6Q==
6
m.stripe.com/ Frame 87F1 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.216.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-216-197.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f684ec1c765c2e9ae4d383bb727daa9a9f76f282d35eb993e52610d485f04ee2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 23 Jan 2024 05:35:03 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1705988103872576
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1705988103871934
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
f1790837ce
bam.nr-data.net/resources/1/ 		36 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/resources/1/f1790837ce?a=94661911&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=2055&ref=https://fantasy.nrl.com/&st=1705988101479
Requested by
Host: fantasy.nrl.com
URL: https://fantasy.nrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20d279f1e46c0448ecc53a754dcd785fb0b77109a92664975340397d26e6cb6

Request headers

Referer
https://fantasy.nrl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 23 Jan 2024 05:35:04 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://fantasy.nrl.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
849dabcf2b9144fe-TXL
Content-Length
36
nrl-logo-white.png
fantasy.nrl.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/nrl-logo-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
327ed5cafb52b5d0696784ef6893045a7054d03f31c389f75771eb95934dad4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:14 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
291
etag
"724ba7934133c15cfac1430064673891"
x-cache
Hit from cloudfront
content-type
image/png
content-length
1751
x-amz-cf-id
BFAGfmbbHcEykfVJcesTT1JvibzEG7eaq7fkI24G_kPM7luswFdV8A==
green-arrow-down.png
fantasy.nrl.com/assets/images/ 		262 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/green-arrow-down.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba96da88d333751b4c4365aba8517c0ba8aefa837d574baef1835c7a9581347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:14 GMT
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
290
etag
"4fdbe966d1289297289a670254677fc7"
x-cache
Hit from cloudfront
content-type
image/png
content-length
262
x-amz-cf-id
4rSsjAqEgGB7Z8bXGnxXSciCYed72gLmM-9lBXns7axBjDBmluZidw==
remote.axd
www.nrl.com/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nrl.com/remote.axd?https://imageproxy-prod.nrl.digital/api/assets/73632659/keyframes/474707/image?center=0.34%2C0.67&preset=card-default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fb9016cc35eb03df9332547292f18f762cf821de1577fa8296bf22387d939d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 04:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 05:35:04 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
5066
x-cache
HIT
content-length
48052
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220113-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 23 Jan 2024 04:02:01 GMT
server
Microsoft-IIS/10.0
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
x-timer
S1705988104.335243,VS0,VE1
etag
"0x8DC1BC80D6BCC95"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
72140768_munrot-230630_sw_093_2023630221025.jpg
www.nrl.com/siteassets/2023/2023-nrl-season/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nrl.com/siteassets/2023/2023-nrl-season/72140768_munrot-230630_sw_093_2023630221025.jpg?center=0.235%2C0.506&preset=card-default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
126319fa38f0355545f288f3d22278d4869e64ff6414afbf5521d079cc92b78b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 01:51:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 05:35:04 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
13422
x-cache
HIT
content-length
42108
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220113-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 23 Jan 2024 01:01:31 GMT
server
Microsoft-IIS/10.0
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
x-timer
S1705988104.335246,VS0,VE2
etag
"0x8DC1BAED6AF80A5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
73177353_reynoldsa-230918_sd_0377_2023918132141.jpg
www.nrl.com/contentassets/b0af7471d43f45b580000cb06dfba026/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nrl.com/contentassets/b0af7471d43f45b580000cb06dfba026/73177353_reynoldsa-230918_sd_0377_2023918132141.jpg?center=0.19%2C0.47&preset=card-default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
87bf16e6afda96a2d434de31cdac32bf3667f70d486c261e39d12c053ca2a99e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 02:29:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 05:35:04 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
97524
x-cache
HIT
content-length
26238
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220113-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 01:20:36 GMT
server
Microsoft-IIS/10.0
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
x-timer
S1705988104.335437,VS0,VE2
etag
"0x8DC1AE856BC6EC2"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
nrl_2024_warriors.jpg
www.nrl.com/siteassets/2024/act-of-squad/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nrl.com/siteassets/2024/act-of-squad/nrl_2024_warriors.jpg?center=0.23%2C0.5&preset=card-default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b1e0b5d32bc509c1a343b1f431bb6a1e915661fcc3a69dec5d31d1267ed7ddab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 19:54:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 05:35:04 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
34806
x-cache
HIT
content-length
59093
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220113-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 19:02:20 GMT
server
Microsoft-IIS/10.0
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
x-timer
S1705988104.335235,VS0,VE1
etag
"0x8DC1B7CA92A3B12"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
remote.axd
www.nrl.com/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nrl.com/remote.axd?https://imageproxy-prod.nrl.digital/api/assets/73628630/keyframes/474601/image?center=0.284%2C0.551&preset=card-default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
95a6e52442bc4acb07e05935c9feca96632a2857ef6de3dff886aeef1f10d068
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 05:02:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 05:35:04 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
88346
x-cache
HIT
content-length
46268
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220113-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 04:01:46 GMT
server
Microsoft-IIS/10.0
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
x-timer
S1705988104.334709,VS0,VE2
etag
"0x8DC1AFEDA82BED9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=408548876&t=pageview&_s=1&dl=https%3A%2F%2Ffantasy.nrl.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=NRL%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCHACUABBAAAACAEKB~&jid=&gjid=&cid=253909887.1705988102&tid=UA-98403742-20&_gid=878183292.1705988102&gtm=45He41h0n81PV42QSKv77533538&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cd2=-&cd3=-&cd4=-&cd5=-&cd6=-&cd7=-&cd8=-&cd9=-&cd10=-&cd11=-&cd13=-&cd14=-&cd15=-&cd16=-&cd19=No&cd24=Web&cd25=fantasy.nrl.com&cd26=-&cd32=CONTAINER%20ID%3A%20GTM-PV42QSK%20%7C%20CONTAINER%20VERSION%3A%20206&cd34=False&cd35=-&cd36=-&cd59=%2F&cd27=253909887.1705988102&tcfd=10001&z=576508750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31367
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
menu_logo.svg
fantasy.nrl.com/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/images/menu_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5264ff2e5f577600364b18e62e7a83813cd74d94754e9509f4154cf7fe3250c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:05 GMT
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 23:21:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
300
etag
W/"78a6a32085d9c65476de196d6b71c515"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
XWcL6IObKBmIdsPnWs36shDdP9p__RDBiU6wa3QGBdsp6drfaIqF3w==
500002.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500002.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc9cb8e7ca45d76bd5ce59a68c0b0e94cf0ec1c5c1a26d6f3da6a88725b1a991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"7a30deea1987ce1c0bb36089befe65ce"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6351
x-amz-cf-id
US-zG7eSxTdII4kjPMYHA6DDSwAT-mop6Nf7DpuB0gShjA8XYyfruA==
500005.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500005.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f5e96a23ab9b40463fbb465a0e467f0ad7fc8322842fd7f2800e34021f2b5f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 12:08:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"a3be9acfd0d5ecdc719f22c42b7ec977"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6119
x-amz-cf-id
_q8FNHwiD2Hhp0-0xajOawPgYmhxOnz8V7MjFlg3UBXP6oS3-1ZfLw==
500001.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500001.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21b5afbaba35978d0c87818d893ece3096e27abad5b2ece60f82d8b5186b88db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"15239c590d413c7c120ef01cc7584dec"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6097
x-amz-cf-id
9pPDT8nnoprvqC_yr1LhVrbrIZSk1ZU8xZXLJP0dDOOrDeQjE_4V7g==
500011.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500011.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a32536791e8b76049def158cd74b2f6b115a0e4c5145e04fd608f85561a2d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"723fbfdb5e65e123ed6b57742500a62a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3414
x-amz-cf-id
4wYnjszlSoX8lRZ0rs4X5Lx1QoXMessw2W92qYZMqW4P8gLvWKof2g==
500003.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500003.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bc357dd355256693e5b8549a5f53625c6cfa488bc7c1cd6d49bde54e2ed034e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"928d716f54e27aa64575381eaf687b86"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3477
x-amz-cf-id
smQ5DjGhmXVE7b3dhlp02PZiqdMrN_va1xN4F_8j3Ga6kIVKzkaVwA==
500013.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500013.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cdde887474b3cd70ca97e3e55bccf06e017c3f222df2c4c725652b10f01318b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"c115ff5dd89f910c195645c5b286bb37"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4456
x-amz-cf-id
cMfgbBhgNwLUHD3AXlO7YyglrOa4RMPHM4tDJazEZWyVgiPqfXLQSA==
500032.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500032.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88c59cf6d483a79e16315605c2c3b298a2b9a25ba3b7627a653968907449e0dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"dbbdc817cfa290cdc5feb490ae8ff730"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5222
x-amz-cf-id
0sE9dd4s03aJpN0bgC1osATnMUJCpW3ddmJrThWXQSOlDiFqwbcaGA==
500028.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ffaa0dcfb48819ddc8655d77cbe105bcaee2e582dc1da1c6b14638f7cf51cd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"8ef1ae0fb269db24cb179d0ccd967b80"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2415
x-amz-cf-id
Rgd0nG64sgpYL2LMpQ6mWrGIw69J8JSTHN42N5Xf3y09-QEOHrCnuA==
500021.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500021.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a843a89cbe1dace12d74733084ac62b3cfdcb07c6c16a4633adcc6e588b30cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"9402c2bd1eb67f01b6382332b528ea64"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3373
x-amz-cf-id
OolRQSrRi2DRP1X3G09OaxgYQXnMljFb_7JLy7PpNLNDAqUzVyci4g==
500014.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500014.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9f777b496c500e33f96a886d9bfc61026c65321813a427cca8bf7f81994f362

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"71667c902634474d19ba36d52fb7398c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3510
x-amz-cf-id
O_viFmGrjtRiVxyMZm7hUrj5R9Yafa9_pWBMml2rip5w5_miU_l5SQ==
500031.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500031.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc1137b4143789c83c44b10760ea3c053e52c58dcc1ff0cb065c0384a1dd131c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"51da3cb3bd25954035008b1abc1cf88f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4720
x-amz-cf-id
SX_wy3m5zBHYdA_vJRZuUzSyHdYgaBYmltaJVygkTp4rKNIOOdDEPg==
500010.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500010.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7780f0132860caa09ccf7c1e16b5d03fb00159adb4c45e83657ce8138774ca8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"e962b66e5ff8cda4589f594da04255df"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4218
x-amz-cf-id
Ya0CYH5HsynbF72Q9O_NkJ-0B-YvuZLqWkWY6eYGOhBXF2gUfzwJTQ==
500004.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500004.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca28a6dd37e69036a915f13530d224a2d57b896910236d99eee05f1bd0ab2c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"bef470ad3e45a341e357a7a4b19da9b0"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3278
x-amz-cf-id
-hLbNkKbqzSklIJbHbt60A9vn6x1vB11Qg5wrpIWNgehLHPiF3uUFQ==
500022.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500022.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bbc5dbff83d0da2babac108a83e8f386b918692e4e92c40e7b77bccc0124325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"8911a002e77b3d0e17373bd94d81d159"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3603
x-amz-cf-id
NatvtiXkw1H8_tSg3pj3paVZSui7dGNivtlIH0pLBibBw2gX9ZPXng==
500723.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500723.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e63d27e2af214bb208b95e93695623571035be9571354de209f3ede3bb828e72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"31922ed9636ec028b479965695746ad7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2999
x-amz-cf-id
pFDLD8SsN7zpgNSrNC35IdFDviB94h-OfaWDryMUpBuVm0gLgzQKew==
500012.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500012.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c29b5bcc1b112518fc4edd1e558a1b3d6fd98ebd377e342dd4ec0e779a10ddf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Tue, 28 Feb 2023 05:42:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"e2843b0c3b1473f5f30e0f0beed2dd9b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
18234
x-amz-cf-id
ELV3rRa_RG9Kysw5mYvOzWL6ZmB9z56bp4Bm2TpXQ3UiKUF5p6qySw==
500023.png
fantasy.nrl.com/assets/media/squads/nrl/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fantasy.nrl.com/assets/media/squads/nrl/logos/500023.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8200:b:4320:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66631301c2939308e8285e555bb1a7085e76f02d19f9c45dcfa39c3ce5ac1fad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fantasy.nrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 05:30:08 GMT
x-amz-version-id
null
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Jan 2023 03:17:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
297
etag
"16a37d7a562bf180cf7d5d85b805b716"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3884
x-amz-cf-id
H0YTf588EtDnukVforHcDGy8fFvmxXOxFnSKGETCuP7LHty-VxlhGw==

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| getParameterByName boolean| is_app_view object| NREUM object| newrelic function| __nr_require string| site string| sect string| ctype object| googletag object| dataLayer function| gtag function| fbq function| _fbq object| zEWebpackACJsonp function| zE function| zEmbed object| zESettings object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| Backbone function| Color function| Chart function| fbAsyncInit undefined| google_measure_js_timing boolean| zEACLoaded boolean| _sTrackingAlreadyPresent object| _svc object| _svd object| google_tag_manager string| GoogleAnalyticsObject function| ga object| FB string| newSource string| newMedium object| paramArr object| urlArr object| gaGlobal object| webpackChunkStripeJSouter function| noop function| Stripe object| stripe function| $zopim object| gaplugins object| gaData object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTZkNjNjZTY2M2RmYTM2YWxvYWRlcl9qcw== string| ZTZkNjNjZTY2M2RmYTM2YWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| __buffer

15 Cookies

Domain/Path Name / Value
.nrl.com/ Name: _gcl_au
Value: 1.1.262631472.1705988102
.nrl.com/ Name: _ga_40RMV36ZL2
Value: GS1.1.1705988102.1.0.1705988102.0.0.0
.fantasy.nrl.com/ Name: _ga
Value: GA1.3.253909887.1705988102
.fantasy.nrl.com/ Name: _gid
Value: GA1.3.878183292.1705988102
.fantasy.nrl.com/ Name: _gat_UA-47034296-3
Value: 1
.nrl.com/ Name: _ga
Value: GA1.2.253909887.1705988102
.nrl.com/ Name: _gid
Value: GA1.2.878183292.1705988102
.nrl.com/ Name: _gat_gtag_UA_47034296_3
Value: 1
.nrl.com/ Name: _gat_UA-98403742-20
Value: 1
.nrl.com/ Name: _fbp
Value: fb.1.1705988102531.36876854
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.nr-data.net/ Name: JSESSIONID
Value: 86ca742e731b0f02
m.stripe.com/ Name: m
Value: 9e7b66c4-b164-45b7-b8fc-5ec042d4a46a032a94
.fantasy.nrl.com/ Name: __stripe_mid
Value: 1af4bde9-aa02-4e10-8a60-3609a0bb8e21c1aa91
.fantasy.nrl.com/ Name: __stripe_sid
Value: 3427ab02-0af2-4eea-b60a-15312db13e69f798ad

2 Console Messages

Source Level URL
Text
rendering warning URL: https://fantasy.nrl.com/(Line 18)
Message:
The key "target-densitydpi" is not supported.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
bam.nr-data.net
connect.facebook.net
ekr.zdassets.com
fantasy.nrl.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
js-agent.newrelic.com
js.stripe.com
lh3.googleusercontent.com
m.stripe.com
m.stripe.network
nrlfantasy.zendesk.com
px.moatads.com
q.stripe.com
region1.google-analytics.com
securepubads.g.doubleclick.net
static.zdassets.com
stats.g.doubleclick.net
survey.survicate.com
surveys-static.survicate.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nrl.com
z.moatads.com
104.16.53.111
104.18.70.113
104.18.72.113
142.250.184.198
151.101.2.133
151.101.2.137
162.247.241.14
18.165.183.30
2.19.245.205
2001:4860:4802:34::36
2400:52e0:1e00::1081:1
2400:52e0:1e00::1082:1
2600:9000:2057:8800:19:7d10:bd80:93a1
2600:9000:2644:8200:b:4320:3300:93a1
2600:9000:2644:c000:b:4320:3300:93a1
2a00:1450:4001:808::2002
2a00:1450:4001:810::2008
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.208.216.197
54.187.119.242
04d80dc21e1c1b1b27609cdec3f1a855e6ffa4b38b3c052c4e807a9e9e394a31
09c1bee000689fd2a03b672378dea010d385dd6160b49435180c79d78154e7c1
0cdde887474b3cd70ca97e3e55bccf06e017c3f222df2c4c725652b10f01318b
0db1552220b5ebf8ee8296a85f1add92122e392ef6f4f77648113d8622f0f5c4
0f168400f35726c05050a7361b4bdffa89148cf119cc412ebfc3193d71159805
0f5e96a23ab9b40463fbb465a0e467f0ad7fc8322842fd7f2800e34021f2b5f6
0ffaa0dcfb48819ddc8655d77cbe105bcaee2e582dc1da1c6b14638f7cf51cd9
105ad7d9304ee539c726bebbc903eedbce149b02bdd1ebb628f6978d0c6de444
11f8e74475f9ed0a82574a5348d75fdf715a2a109078757c5d8b02a8022a7ff2
126319fa38f0355545f288f3d22278d4869e64ff6414afbf5521d079cc92b78b
1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f
1fbbafc15040d6d28e85c6a716316619e88de5e74946a9b41082c297a6186169
21b5afbaba35978d0c87818d893ece3096e27abad5b2ece60f82d8b5186b88db
24522eb9ab8da6382f5119995db3aa4bb9ca27236a30fb23e65eaa9b853c279e
2a32536791e8b76049def158cd74b2f6b115a0e4c5145e04fd608f85561a2d55
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2d5f7db5c567c34a7ae0b4f30399ae8a8c7739f3b74d8b67e055b36ab3bd1e5f
2d641a4389485de2ba6aee27d6872eaf4d6f9d4e7346437d248b52d6280cf432
2d71d2f8d81f5dcf925dedfbbea4feb64496565db0d1ec904288575e8a34d431
2fbe6925155e6fc8e33897419176383ed01928648d0e1044d0d93f7edba9ca07
327ed5cafb52b5d0696784ef6893045a7054d03f31c389f75771eb95934dad4f
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3bbc5dbff83d0da2babac108a83e8f386b918692e4e92c40e7b77bccc0124325
3bc357dd355256693e5b8549a5f53625c6cfa488bc7c1cd6d49bde54e2ed034e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
536de3d281442b78b060982a630d90fd4c351f5d08dd71011591b4af6c4e6602
574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b
5ba96da88d333751b4c4365aba8517c0ba8aefa837d574baef1835c7a9581347
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
66631301c2939308e8285e555bb1a7085e76f02d19f9c45dcfa39c3ce5ac1fad
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c75815f5065ef1ffb4a0d312e19088a32dbe905a2818245dbc6bcdb70467b88
6e09beca6d0029cf68f76c9e56600f1c65c3a1d73ac3772dbb06ed00b801184d
7780f0132860caa09ccf7c1e16b5d03fb00159adb4c45e83657ce8138774ca8a
79e0ea3c62f5983e3786cd28cca3261e4fd613fb2bc6e6db4e7756ffc956909f
7c29b5bcc1b112518fc4edd1e558a1b3d6fd98ebd377e342dd4ec0e779a10ddf
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8354d043bdebec71c66c058e88ecc6f032f98e2dad2c9efe882a39e01619f101
83e41e3b4e844f3538e0de3c3b9d1b88233888b0303547a55ec4b45f57b696fd
843ada21bff4f39ce9ebcc86246e462a8115eb4d57718a3ab28ec4940f66c9c8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863dfae65217a71256ae9ae6495df8d3f8ae196aa2e331c87c90b8989b522470
87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2
87b06cd6b194feca829ea57e600dce1b26702578fc2625f14a9d867f04deb146
87bf16e6afda96a2d434de31cdac32bf3667f70d486c261e39d12c053ca2a99e
88c59cf6d483a79e16315605c2c3b298a2b9a25ba3b7627a653968907449e0dc
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
95a6e52442bc4acb07e05935c9feca96632a2857ef6de3dff886aeef1f10d068
962f1c6674d3611778079bf6feb1d98016213f53665e990efa33cb81553f6d28
9c472cc8b0d581072a9d9067bf18b88006357f37f3018fd45dc33c8978426acd
9ef36b84a87aaddbc529b08d743b65bf7eeeb58bec2cc771b563a30f071169d7
a14f1f78fbef4eb9f2cc0a6adbd6e41f29772d8c4892e724165263ad0bd0a499
a28fb561a844eef4ae5e8f048ff585f8cfe8aea12b8f12d33959c27c0bf1dc03
a2f388377ae43ef4d60aee5c3652deaa9c1fd16280e0ef3e714e46771067085b
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a502624853ea4a283c94ed4e4b2773a9d0f55a0267ea673b6bb0155555ee0525
a843a89cbe1dace12d74733084ac62b3cfdcb07c6c16a4633adcc6e588b30cea
ac667e48d3f386a514b354f3929d66628e9fc1833c134510fb5638a78b5ba579
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1e0b5d32bc509c1a343b1f431bb6a1e915661fcc3a69dec5d31d1267ed7ddab
b50a52dd94adb488c9ded60600c4c05a37c2234596afee3595473fa5258e5df5
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0
bb21b23fffdcf24c815beb65f04a447b9fdb3d341b7ffc8ce90303a91c35624c
bb6b8dae231d8372af5858b70bfebe465c9958574f72d51aeba3d5c5ea9326ad
bba05df4dc016bcf23a114d0a4b4c354bbcaa3f2b5e28d8bb9696cec83522b04
be1623a67a4283f717776b9d76e027a0fd8cc4111ea86f8fbed210d0b61fba0b
ca28a6dd37e69036a915f13530d224a2d57b896910236d99eee05f1bd0ab2c31
cc1137b4143789c83c44b10760ea3c053e52c58dcc1ff0cb065c0384a1dd131c
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d099b34701fb032d6ee01032360b7d3a660361e5c335824a25aea3cd5b64a345
d7800992c70337710a800628bad888bebad0a275102de46a3370179e373c034b
d848900e5ba0a253af315927116d66de0a46ce0746a05bd91e60119a9922e6fe
d9f777b496c500e33f96a886d9bfc61026c65321813a427cca8bf7f81994f362
dc9cb8e7ca45d76bd5ce59a68c0b0e94cf0ec1c5c1a26d6f3da6a88725b1a991
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5264ff2e5f577600364b18e62e7a83813cd74d94754e9509f4154cf7fe3250c
e63d27e2af214bb208b95e93695623571035be9571354de209f3ede3bb828e72
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0182d6185686a8a60c0a2b32c5de094b92eb704989b69bb2c7c8a44a4afe4f3
f20d279f1e46c0448ecc53a754dcd785fb0b77109a92664975340397d26e6cb6
f4e318237380451b4bd3b0848410ad33df7c494194da17ee8caefbe2b8d123d7
f684ec1c765c2e9ae4d383bb727daa9a9f76f282d35eb993e52610d485f04ee2
fa9db05fd66776a934f665e39d92f918d1a300d7f782d6329702e91037856dd2
fb9016cc35eb03df9332547292f18f762cf821de1577fa8296bf22387d939d36
fcc153e401924fe1c174a33e09e034ae6910e82bfcc0ee3b390efbaa2896ce36