tipping.nrl.com Open in urlscan Pro
2600:9000:20e8:1600:3:e154:5bc0:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tipping.nrl.com/
Submission: On March 08 via manual (March 8th 2022, 10:33:33 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 49 HTTP transactions. The main IP is 2600:9000:20e8:1600:3:e154:5bc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is tipping.nrl.com.
TLS certificate: Issued by Amazon on October 16th 2021. Valid for: a year.

This is the only time tipping.nrl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2600:9000:20e... 2600:9000:20e8:1600:3:e154:5bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c01::9d	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4007:810::2003	15169 (GOOGLE) (GOOGLE)
49	14

29 2600:9000:20e8:1600:3:e154:5bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tipping.nrl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4007:810::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	nrl.com tipping.nrl.com	833 KB
6	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 ad.doubleclick.net — Cisco Umbrella Rank: 181 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	147 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832 www.google.de — Cisco Umbrella Rank: 6433	1 KB
2	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	82 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	149 KB
1	gstatic.com csi.gstatic.com	327 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	442 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	408 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
49	12

	Domain	Requested by
29	tipping.nrl.com	tipping.nrl.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	connect.facebook.net	tipping.nrl.com connect.facebook.net
2	www.googletagmanager.com	tipping.nrl.com www.googletagmanager.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com
1	www.google.de	tipping.nrl.com
1	www.google.com	tipping.nrl.com
1	www.facebook.com	tipping.nrl.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	tipping.nrl.com
1	adservice.google.com	1 redirects
1	www.googletagservices.com	tipping.nrl.com
1	fonts.googleapis.com	tipping.nrl.com
49	16

This site contains links to these domains. Also see Links.

Domain
fantasy.nrl.com
www.nrl.com
ladderpredictor.nrl.com
apps.apple.com
play.google.com
www.facebook.com
twitter.com
www.instagram.com
fanhubmedia.com

Subject Issuer	Validity	Valid
*.nrl.com Amazon	`2021-10-16` - `2022-11-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tipping.nrl.com/
Frame ID: 56C7C951FB7BEC2773E2A3EEE63C2775
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NRL Tipping

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

49
Requests

98 %
HTTPS

88 %
IPv6

12
Domains

16
Subdomains

14
IPs

3
Countries

1262 kB
Transfer

3708 kB
Size

7
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://fantasy.nrl.com/
Title: Fantasy

Search URL Search Domain Scan URL

URL: https://www.nrl.com/news/topic/fantasy/
Title: Fantasy News

Search URL Search Domain Scan URL

URL: https://fantasy.nrl.com/draft
Title: Draft

Search URL Search Domain Scan URL

URL: https://www.nrl.com/
Title: NRL Home

Search URL Search Domain Scan URL

URL: http://ladderpredictor.nrl.com/?source=tipping
Title: Ladder Predictor

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/nrl-tipping/id1377998603

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=au.com.nrl.tipping&hl=en_AU&gl=US

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nrl

Search URL Search Domain Scan URL

URL: https://twitter.com/nrl

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nrl

Search URL Search Domain Scan URL

URL: http://fanhubmedia.com/
Title: Powered By

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://ad.doubleclick.net/activity;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808 HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CPbPoo_Jt_YCFUtAkQUdrXgH0g;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808 HTTP 302
https://adservice.google.com/ddm/fls/p/dc_pre=CPbPoo_Jt_YCFUtAkQUdrXgH0g;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808;~oref=https://tipping.nrl.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/dc_pre=CPbPoo_Jt_YCFUtAkQUdrXgH0g;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808;~oref=https://tipping.nrl.com/

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tipping.nrl.com/ 4 KB
2 KB 656ms
579ms Document
text/html 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed6c5d649ac3011f570a27bb7783c10982892cfac4a289222026fb49b6db69aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Sun, 06 Mar 2022 22:35:17 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Mar 2022 22:33:29 GMT
cache-control: max-age=300, must-revalidate
etag: W/"0ba866de974b1460698638f882e91611"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: dGuOrzoHz-TnvVvV3aaSQUMz-ymfv-BH1GIF2Abp926BVZXq9TiWTw==

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 41ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800|Titillium+Web:400,600,700,800

Requested by

Host: tipping.nrl.com
URL: https://tipping.nrl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d250364a50298450b790c4095e0947b4a2798a880073a1fe9a08dad287c0c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 22:33:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Mar 2022 22:33:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Mar 2022 22:33:28 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tipping.nrl.com
URL: https://tipping.nrl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56829f1e573332420e722f269796ff684fbaf25ca63630f98f44b47e185357db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27797
x-xss-protection: 0
server: sffe
etag: "1154 / 736 of 1000 / last-modified: 1646741416"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Mar 2022 22:33:28 GMT

GET
H2 200 app.css
tipping.nrl.com/ 207 KB
30 KB 103ms
102ms Stylesheet
text/css 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c432474eea16627fec18947cfb27b632452f26b8079a7cacf6da92a43a3dc2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:06 GMT
content-encoding: gzip
last-modified: Sun, 06 Mar 2022 22:35:01 GMT
server: AmazonS3
age: 25703
etag: W/"494d396cf31810168f22c69e99167b7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: iD8pYfhRJW4FpMAmRRL04JUfTdd42ZTCSURM0EukjmQp7JGX1QoxXw==

GET
H2 200 app.js Show response
tipping.nrl.com/ 2 MB
343 KB 42ms
42ms Script
application/javascript 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tipping.nrl.com/app.js?5083d2345e7a7c47d49b
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96bf10cfc38fc0852ebf892b5960e8d2bccc54989adf55a3c86d56ca7c268129

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:06 GMT
content-encoding: gzip
last-modified: Sun, 06 Mar 2022 22:35:01 GMT
server: AmazonS3
age: 25703
etag: W/"fb0739e4d870970eede21e4129940098"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: DhAcOtD0RcFLIg_K5eHP5XQNRgTEGq--De1mZImgyvfPWSsxD2t4MQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 324 KB
85 KB 59ms
37ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PV42QSK

Requested by

Host: tipping.nrl.com
URL: https://tipping.nrl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b31a59563a259c19447fa087514e280c8b4c1bb122f55bb5029bba864d998795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86794
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 21:48:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Mar 2022 22:33:28 GMT

GET
H2 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 28ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 21:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 21:34:42 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 169 B
751 B 36ms
15ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tipping.nrl.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f6383ec4ca42a6284cd67dc07295bd20b003d536ec037fe52288633309ea72c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Mar 2022 22:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
expires: Tue, 08 Mar 2022 22:33:28 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 60 KB
23 KB 6ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

71b30029ed40e00b949f3375bab7201bccd383857910cd9487ff69038a18c340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 702
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23153
x-xss-protection: 0
server: cafe
etag: 16700586579744414185
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 23:21:46 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 30ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: tipping.nrl.com
URL: https://tipping.nrl.com/app.js?5083d2345e7a7c47d49b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

12e4631ca6d51991e090a50b5a47b5e1cdf5d42b720d23d6ba24c03ef09b9af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: AsCp+/5Bhyba71dXjUqNEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Mar 2022 22:46:39 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: j3VqeOplySOgFu9/A2DVaRhfNf13MC4BUFegTjUHzYESRbdeDP9hEWsJdkV8a5F3Yuqq9CiIDz7281lN7RfJqw==
x-fb-trip-id: 917726464
x-fb-content-md5: 513bd0e4484a9d3434c31b06193f9184
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 08 Mar 2022 22:33:28 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "69ed0270565f96be61775c09c9d91e7c"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 RLFontRegular.woff2
tipping.nrl.com/assets/fonts/rl/ 13 KB
13 KB 34ms
34ms Font
binary/octet-stream 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tipping.nrl.com/assets/fonts/rl/RLFontRegular.woff2
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bba05df4dc016bcf23a114d0a4b4c354bbcaa3f2b5e28d8bb9696cec83522b04

Request headers

Referer: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Origin: https://tipping.nrl.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:24 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:03 GMT
server: AmazonS3
age: 25684
etag: "d7de6b8af08206ddbdac3d6eee866249"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://tipping.nrl.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: TXL52-C1
content-length: 13300
x-amz-cf-id: RtMwRuhXH7JpSOqtiFF9ipSmQ393JEAd-JKO0PFG7ZZe5SwoWWLWVA==

GET
H2 200 checksums.json Show response
tipping.nrl.com/data/nrl/ 756 B
678 B 1133ms
1133ms XHR
application/json 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tipping.nrl.com/data/nrl/checksums.json?_=1646778808462
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/app.js?5083d2345e7a7c47d49b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5dbb17bd1b86923677b779ef873873a8f60d7aa005c93f061302f8abbf6c36c

Request headers

Accept: */*
Referer: https://tipping.nrl.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 22:30:03 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "fef54c6da075a4c8d5e79e1d25c970c9"
x-cache: Miss from cloudfront
x-amz-version-id: null
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
accept-ranges: bytes
content-type: application/json
content-length: 322
x-amz-cf-id: tuwReOrAUEbgrcJdW_yHejSX-I2fZ9D5ztsrJcTgaYr8KLWMTXNWNA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 38ms
24ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2Y6Q0FG9CF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV42QSK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d22aaece490a309474b793f8dd2df9bc837f1f13da333e434e87640b5f5a9ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64907
x-xss-protection: 0
expires: Tue, 08 Mar 2022 22:33:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV42QSK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3515
date: Tue, 08 Mar 2022 21:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 08 Mar 2022 23:34:53 GMT

GET
H2 200 logo_menu.webp
tipping.nrl.com/assets/images/ 9 KB
9 KB 593ms
586ms Image
image/webp 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/logo_menu.webp
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb5db00c861f35ea163567cf1da86a35555fc70dcc18091c9c20293558dc3136

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:29 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 02:11:50 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "c06bc9f73ad5c053b1d76d06510ae827"
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=300, must-revalidate
content-length: 8984
x-amz-cf-id: 7ybSwg3nb4CjMDojB2oG1ZB4_FNHjf_N63HQS6oGwTalww2UbH0Ohg==

GET
H2 200 NRLTippingLogo.png
tipping.nrl.com/assets/images/ 1 KB
2 KB 46ms
37ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/NRLTippingLogo.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 655c6b35f51eec671ead10d0d2d7793b76ea594712d22e08c1a9485ada81ca7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:27 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:04 GMT
server: AmazonS3
age: 25682
etag: "12d12e3e4e53c4f41583494bfe927929"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 1462
x-amz-cf-id: T_S3ak6Gduhoqv5tqaRUKAjCORAdosvSkPUvEJUszZV2SZNjgdyDzg==

GET
H2 200 sports-bet-logo-header.png
tipping.nrl.com/assets/images/ 30 KB
30 KB 45ms
37ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/sports-bet-logo-header.png?v=1
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d307a93f77b3b4f8eaf708b0c1c14bdb120d275f198daf4d56610156f1e8e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:27 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:10 GMT
server: AmazonS3
age: 25681
etag: "2ecffcea19f21ec4c5319584c5e43f54"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 30563
x-amz-cf-id: uYKF_6SNx1gWIDIGVHio61cI9p7B8BrkJHXffJ-E1x20jzutq_9Hmw==

GET
H2 200 sports-bet-logo-header.png
tipping.nrl.com/assets/images/ 30 KB
30 KB 48ms
40ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/sports-bet-logo-header.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d307a93f77b3b4f8eaf708b0c1c14bdb120d275f198daf4d56610156f1e8e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:30 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:10 GMT
server: AmazonS3
age: 25679
etag: "2ecffcea19f21ec4c5319584c5e43f54"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 30563
x-amz-cf-id: XwwgvEohnkeBBs7E9LYf5RO4mh6JelcKSqY4VC3P2Zs8X_lxKwZ3Hw==

GET
H2 200 fb.webp
tipping.nrl.com/assets/images/footer/ 116 B
458 B 331ms
323ms Image
image/webp 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/footer/fb.webp
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2f388377ae43ef4d60aee5c3652deaa9c1fd16280e0ef3e714e46771067085b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:29 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 02:11:53 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "39b48de2b0814cf41700f98424b34b0f"
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=300, must-revalidate
content-length: 116
x-amz-cf-id: K2qVQFNXLRHrFh4kjw7ObQZ2LQSpPRf8LXZIPFXRwn8UrdZyN2FEXA==

GET
H2 200 tw.webp
tipping.nrl.com/assets/images/footer/ 202 B
539 B 336ms
328ms Image
image/webp 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/footer/tw.webp
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11f8e74475f9ed0a82574a5348d75fdf715a2a109078757c5d8b02a8022a7ff2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:29 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 02:11:52 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "795a062c1a442e5e06d540c738715edc"
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=300, must-revalidate
content-length: 202
x-amz-cf-id: pUtD0K7wKksf3vOe5FmWHeXen5_4zG4wsE_m_6hXQ5L6q68c-ctmKw==

GET
H2 200 Insta.webp
tipping.nrl.com/assets/images/footer/ 314 B
653 B 651ms
643ms Image
image/webp 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/footer/Insta.webp
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d848900e5ba0a253af315927116d66de0a46ce0746a05bd91e60119a9922e6fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:29 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 02:11:52 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "5532914f7c317b4d52d264545ad10eaa"
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=300, must-revalidate
content-length: 314
x-amz-cf-id: UqYGzGAH3bJlbF3L4FY_vtFQVrrXynr2nvDjzdo6jX-1WDrKSQNCBg==

GET
H2 200 FanHub.webp
tipping.nrl.com/assets/images/footer/ 724 B
1 KB 592ms
585ms Image
image/webp 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/footer/FanHub.webp
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 735d9614439350570b718116ea8db7bd384e54cc782af3856e80a2a2ff0db45b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:29 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 02:11:53 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "400b17a6bf995f0bb36a9dd07c359853"
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=300, must-revalidate
content-length: 724
x-amz-cf-id: zOrImMlgP_JebngtFw0c5Q69iYgOVSEiHMN3iLq054a69p6CTUTxrw==

GET
H2 200 nrl-logo-white.png
tipping.nrl.com/assets/images/ 2 KB
2 KB 49ms
46ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/nrl-logo-white.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 327ed5cafb52b5d0696784ef6893045a7054d03f31c389f75771eb95934dad4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:27 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:09 GMT
server: AmazonS3
age: 25682
etag: "724ba7934133c15cfac1430064673891"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 1751
x-amz-cf-id: PEcyorBXQvHQgHzffjOs0FgCivBH3UUsJsT7lGDizWPd0tGuTryRDw==

GET
H2 200 NRLTippingWhite.png
tipping.nrl.com/assets/images/ 2 KB
2 KB 41ms
39ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/NRLTippingWhite.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a62f8011c1169cf89a74627eefbc80e14687880247d66398fbf0e816b44fcd64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:27 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:05 GMT
server: AmazonS3
age: 25681
etag: "045b2a138650a5d73373b57d929c024f"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 1674
x-amz-cf-id: bpgbDnwjebmnBgA_S_1FlkGYK3W2ybz2riUpw4kZqJ-wIVKcYvsNbA==

GET
H2 200 NRLTippingStreak.png
tipping.nrl.com/assets/images/ 2 KB
2 KB 54ms
51ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/NRLTippingStreak.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f60e4a1bbca29733dc51b938120369dc6d82871d44af3b71e91f82dedf7f082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:28 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:05 GMT
server: AmazonS3
age: 25681
etag: "548ea93a55b2ead71a241ca90d0576a3"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 2158
x-amz-cf-id: h3RSHw3YW_fFCsqIiUGmJZCqjPZ8b5vSSQ4GL2qhdlLgYd2f5urlVw==

GET
H2 200 or.png
tipping.nrl.com/assets/images/home/ 509 B
819 B 52ms
50ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/home/or.png?v=1
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12ad45da83e61fedbc42ab277fab9b372c59ec23a9efcfe028bf99ba466ee1a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:36 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:08 GMT
server: AmazonS3
age: 25672
etag: "63e62ff63cca50789e894c9b05c3cbba"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 509
x-amz-cf-id: jJBZAkJR2UMSD--azt_w08YElKcD-T5GwziM2WQJZzza178UXMBsww==

GET
H2 200 free-to-play.png
tipping.nrl.com/assets/images/home/ 5 KB
5 KB 51ms
49ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/home/free-to-play.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72ede7ebca008bcf84c3774242a46abccfa40b0f7308f4aa54e3b2e883aef21e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:37 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:08 GMT
server: AmazonS3
age: 25672
etag: "2e2805f251f1e3468f81739f7e68146c"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 5249
x-amz-cf-id: 4b8svK4H_LU2txJkJ71POP9j1MsIj1mPUBOeFIyc93cdiNMa8DZmig==

GET
H2 200 promo-info.png
tipping.nrl.com/assets/images/home/ 26 KB
26 KB 55ms
53ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/home/promo-info.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99d557baf5b62fea2cfc90f5d0b660db096dff82b48a1912aa15891ec4ce8e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:38 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:08 GMT
server: AmazonS3
age: 25671
etag: "33cdd46c08c4e7e4772b70bdf38bf8bc"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 26640
x-amz-cf-id: KQZaKomqoR_O_RGf7ulnU5aLV34zg7pz68ZnuapinHV1pXHNyWguxg==

GET
H2 200 promo-prizes.png
tipping.nrl.com/assets/images/home/ 31 KB
31 KB 98ms
96ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/home/promo-prizes.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ceb33c6d8d0c856c7adef393af2698daf3c74ff28ecc70a9bc34c16b57616961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:38 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:08 GMT
server: AmazonS3
age: 25670
etag: "5553b6552f6eec348bfbf2124d5ca410"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 31306
x-amz-cf-id: 27J9eXqyo6b42zN6As4kCWZNP65Wt0s_9TaAGUDLHGXxZTWRxIK7UQ==

GET
H2 200 appstore-icon.png
tipping.nrl.com/assets/images/home/ 7 KB
7 KB 93ms
92ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/home/appstore-icon.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a8eb27bcb72058c70b8e17d44e67294a6af3a22d0fec455034a8fb9f2ba3c94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:39 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:07 GMT
server: AmazonS3
age: 25670
etag: "f4e8d0f65fdfc0346fcfe5e438d1ca8b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 7031
x-amz-cf-id: AIC_K_8cT0oQ9wNAI7o_TXDm31l4KRtAgMhpY4clK3qOu2uBg8x19w==

GET
H2 200 googleplay-icon.png
tipping.nrl.com/assets/images/home/ 12 KB
13 KB 59ms
57ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/home/googleplay-icon.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e426a3dd3eaf4e7c8e30886289cab2e824cf0ac2438e9f00df17cad871f650d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:39 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:08 GMT
server: AmazonS3
age: 25669
etag: "64d59cd4858a390e60bbd8ff161e2167"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 12695
x-amz-cf-id: xiNL5aeT7gA8Z6sRM0aVb1yXpPwz39GDzIT-C6a1R1rxx0EUB3AwIA==

GET
H2

200

/
adservice.google.de/ddm/fls/p/dc_pre=CPbPoo_Jt_YCFUtAkQUdrXgH0g;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808;~oref=https://tipping.nrl.com/
Redirect Chain

https://ad.doubleclick.net/activity;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808?
https://ad.doubleclick.net/activity;dc_pre=CPbPoo_Jt_YCFUtAkQUdrXgH0g;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808?
https://adservice.google.com/ddm/fls/p/dc_pre=CPbPoo_Jt_YCFUtAkQUdrXgH0g;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808;~oref=https://tipping.nrl.com/
https://adservice.google.de/ddm/fls/p/dc_pre=CPbPoo_Jt_YCFUtAkQUdrXgH0g;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808;~oref=https://tipping.nrl.com/

42 B
737 B

65ms
43ms

Image
image/gif

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/dc_pre=CPbPoo_Jt_YCFUtAkQUdrXgH0g;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808;~oref=https://tipping.nrl.com/

Requested by

Host: tipping.nrl.com
URL: https://tipping.nrl.com/

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 22:33:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Mar 2022 22:33:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/dc_pre=CPbPoo_Jt_YCFUtAkQUdrXgH0g;src=4375528;type=nrlve0;cat=nrl-t001;ord=1850918014607;gtm=2wg370;auiddc=1996598825.1646778808;~oref=https://tipping.nrl.com/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 account_icon.png
tipping.nrl.com/assets/images/ 1 KB
1 KB 94ms
93ms Image
image/png 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/account_icon.png
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7426c35344c898c4b7aeecf7db89dcf72bb547b393e37783b4b7a9013b33718d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:39 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:05 GMT
server: AmazonS3
age: 25670
etag: "696d75ec437ae1bd7d86b9598155a96e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
content-length: 1125
x-amz-cf-id: to-oqRHazo-10G9ni9nkHIGTBRY0uziOsgcmDLhz_CbNuwO_XOx6iA==

GET
H2 200 bg-2022-desktop.jpg
tipping.nrl.com/assets/images/home/ 50 KB
51 KB 63ms
62ms Image
image/jpeg 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/home/bg-2022-desktop.jpg
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddd9c6a80ea248e5b5427d3ba50f940dc24022373a7dc012d155a9336ad1e78c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:26 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:07 GMT
server: AmazonS3
age: 25683
etag: "bed7b6e84626c574178822bf7928997b"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: TXL52-C1
content-length: 51574
x-amz-cf-id: 27Hf9M38wYFSD5NGyL-RsPVHEgMDbL5GLqXpYPgtz4BGYohM-nFkDg==

GET
H2 200 ionicons.ttf
tipping.nrl.com/assets/fonts/Ionicons/ 184 KB
185 KB 51ms
50ms Font
binary/octet-stream 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tipping.nrl.com/assets/fonts/Ionicons/ionicons.ttf?v=2.0.0
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Referer: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Origin: https://tipping.nrl.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:25 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:01 GMT
server: AmazonS3
age: 25684
etag: "24712f6c47821394fba7942fbb52c3b2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://tipping.nrl.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: TXL52-C1
content-length: 188508
x-amz-cf-id: k15-cTt55CjRbdUAnucxS7YXHljDX-5_uUDgLjJxW6_nH_f9LzvEbQ==

GET
H2 200 RLFontBoldItalic.woff2
tipping.nrl.com/assets/fonts/rl/ 15 KB
15 KB 57ms
56ms Font
binary/octet-stream 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tipping.nrl.com/assets/fonts/rl/RLFontBoldItalic.woff2
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e09beca6d0029cf68f76c9e56600f1c65c3a1d73ac3772dbb06ed00b801184d

Request headers

Referer: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Origin: https://tipping.nrl.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:25 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:02 GMT
server: AmazonS3
age: 25684
etag: "68b0b6118d5848c1b64f54d509bf7a75"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://tipping.nrl.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: TXL52-C1
content-length: 15020
x-amz-cf-id: MXR5BVPq8dCyODfDRsSNaSst9nlVp_TU8BLcy1hSGSVOfjYEbxXp6A==

GET
H2 200 RLFontBold.woff2
tipping.nrl.com/assets/fonts/rl/ 13 KB
13 KB 59ms
58ms Font
binary/octet-stream 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tipping.nrl.com/assets/fonts/rl/RLFontBold.woff2
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d099b34701fb032d6ee01032360b7d3a660361e5c335824a25aea3cd5b64a345

Request headers

Referer: https://tipping.nrl.com/app.css?5083d2345e7a7c47d49b
Origin: https://tipping.nrl.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:25:25 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Sun, 06 Mar 2022 22:35:02 GMT
server: AmazonS3
age: 25684
etag: "b807acd63711c482b168c0edf53bacb3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://tipping.nrl.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: TXL52-C1
content-length: 13044
x-amz-cf-id: t7Z3IymCMkjrQDxinMUDbeoWZZqotcxigIUFEzQRuSkvFsvh2Is0uQ==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 280 KB
80 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ad454e5cab1876bb6e9c2df802836149

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a196f281b8197307f6237bfb513db07b4cde717bca074cc4c952b33088ea81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tipping.nrl.com/
Origin: https://tipping.nrl.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2MAMOV9DiWF0zFymw6S+Dg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 08 Mar 2023 22:06:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81493
x-fb-rlafr: 0
x-fb-debug: dYZ2dVICHguj4TuZhpdq7TsJmLFcQw6zCasxUyxpQKJQihF8C2tc2Iop2WDF2/C29jZU6MIHj7UqWMjcfUMbRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 97fcecaab907d2c0c11d3c18213cb60d
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Mar 2022 22:33:28 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "507ae5c0f1b5ab1ac11e12d7d7fe7e0e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1289309277&t=pageview&_s=1&dl=https%3A%2F%2Ftipping.nrl.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=NRL%20Tipping&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1341604077&gjid=559838277&cid=132007013.1646778809&tid=UA-98403742-21&_gid=1709898386.1646778809&_r=1&gtm=2wg370PV42QSK&cd2=-&cd3=-&cd4=-&cd5=-&cd6=-&cd7=-&cd8=-&cd9=-&cd10=-&cd11=-&cd13=-&cd14=-&cd15=-&cd16=-&cd19=No&cd24=Web&cd25=tipping.nrl.com&cd26=-&cd32=CONTAINER%20ID%3A%20GTM-PV42QSK%20%7C%20CONTAINER%20VERSION%3A%20150&cd34=False&cd35=-&cd36=-&cd59=%2F&cd27=132007013.1646778809&z=618851159

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tipping.nrl.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 22:33:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tipping.nrl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2Y6Q0FG9CF&gtm=2oe370&_p=1289309277&_z=ccd.JD&cid=132007013.1646778809&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Ftipping.nrl.com%2F&sid=1646778808&sct=1&seg=0&dt=NRL%20Tipping&en=page_view&_fv=1&_ss=1&ep.platform=Web&up.loggedin=No&up.has_adblocker=-&up.age=-
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y6Q0FG9CF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 22:33:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tipping.nrl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-98403742-21&cid=132007013.1646778809&jid=1341604077&gjid=559838277&_gid=1709898386.1646778809&_u=YGBACEAABAAAAC~&z=849008312

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tipping.nrl.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 08 Mar 2022 22:33:28 GMT
content-type: text/plain
access-control-allow-origin: https://tipping.nrl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 25ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=641702585894218&ev=fb_page_view&dl=https%3A%2F%2Ftipping.nrl.com%2F&rl=&if=false&ts=1646778808679&sw=1600&sh=1200&at=

Requested by

Host: tipping.nrl.com
URL: https://tipping.nrl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 08 Mar 2022 22:33:28 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 42ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-98403742-21&cid=132007013.1646778809&jid=1341604077&_u=YGBACEAABAAAAC~&z=557644134

Requested by

Host: tipping.nrl.com
URL: https://tipping.nrl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 22:33:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 41ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-98403742-21&cid=132007013.1646778809&jid=1341604077&_u=YGBACEAABAAAAC~&z=557644134

Requested by

Host: tipping.nrl.com
URL: https://tipping.nrl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 22:33:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 61ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=tipping.nrl.com&doc=complete&pg_h=1536&pg_w=1600&pg_hs=1536&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 22:33:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rounds.json Show response
tipping.nrl.com/data/nrl/ 92 KB
6 KB 1064ms
1063ms XHR
application/json 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tipping.nrl.com/data/nrl/rounds.json
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/app.js?5083d2345e7a7c47d49b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32543f982ea08ef08cb0255bab9822ac651a40d5d9a163449bac0aaeeed553f3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tipping.nrl.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 19:30:02 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "6ca50178421d3953bb6f4f8ba733fd52"
x-cache: RefreshHit from cloudfront
content-type: application/json
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
date: Tue, 08 Mar 2022 22:33:31 GMT
accept-ranges: bytes
content-length: 5621
x-amz-cf-id: NnF5Ykx99wmXnHoEi88XJrjWq2PwgkVUCILwBJvj2J7Y-0RoXqQRlQ==

POST
H2 204 csi
csi.gstatic.com/ 0
327 B 524ms
179ms Ping
image/gif 2607:f8b0:4007:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l0ipl0vy&c=2513511459447124&e=31061691%2C31061693&ctx=1&met.9=1.kb~13.lf~2.m5&met.3=827.m9~947.ma~7.ma~947.ma~14.ma~947.ma~9.ma~947.ma~6.ma~91.ma~77.ma_1~917.md~75.qo~76.qo~334.rm~112.rr_1~94.19q~243.19w~947.19w~573.19w~113.19v_3&met.7=CBsQCMABtYaLuw8~CBIQBxgBIKQFKKQFMM4FOCpApQVIpgVQpgVYuwVgqwVouwVwzgV4_QiAAdEGiAG2Y6oBOgoZT3BlbitTYW5zOjQwMCw2MDAsNzAwLDgwMAodVGl0aWxsaXVtK1dlYjo0MDAsNjAwLDcwMCw4MDCwAQG4AQPAAdbHu8gK~CA0QChgBIKUFKKUFMM8FOCtApgVIpgVQpgVYugVgqwVouwVwygV4wdsBgAGV2QGIAeqGBbABAbgBA8AB4dvm3Qs~CBsQByClBThpwAH56IGbAg~CBsQCiClBThmwAHYn7XYBQ~CBsQChgBINEFKNEFMJkGOEjAAdWe06YM~CA4QChgBINwFKNwFMIUGOClA3AVI3QVQ3QVY8QVg4gVo8gVw-AV4iNAHgAHczQeIAebhFrABAbgBA8AB-4bUkQM~CDwQDRgBIN0FKN0FMIEGOCRQ3QVY8QVg4gVo8gVwgQZ4nwOAAXOIAakBsAEBuAEDwAHo1K_NCQ~CCgQChgBIKQGKKQGMKwGOAdopQZwqgZ4nbcBgAHxtAGIAbXgA7ABAbgBA8ABm-H6cA~CBsQCiCHBzgfwAHdntqpCg~CBsQAiCtBzgjwAGqu-WxBg~CBsQBiDfBzgwwAGnhvXFCg~CBsQBiDgBzguwAGG4azcCw~CBsQBiDgBzgxwAGG4azcCw~CBsQBiDgBzgwwAGI9NegAQ~CBsQCiDdBzghwAHZ67DzCg~CBsQChgBIM0HKM0HMP4HODHAAYzV2OsE~CBsQBiDgBzg3wAHJlcWTBw~CBsQBiDgBzhBwAHcmcmcBQ~CBsQBiDgBzg8wAG7grDuAg~CBsQBiDhBzg6wAGLrPyxDQ~CBsQBiDhBzg-wAH3hbqTDw~CBsQBiDhBzhBwAGBjYiLCw~CBsQAiDjBzhFwAGo05zkDw~CBsQAiDkBzg-wAGojb2-DA~CBsQAiDlBzg9wAHy7_m5Dw~CBsQAiDlBzg-wAGNhM2FAg~CBsQBiDhBzhpwAH865uEDA~CBsQBiDhBzhkwAGPzdq-AQ~CBsQAiDjBzhjwAGM-93ABg~CBsQCiCJCDgiwAHdntqpCg~CBsQDSCoCDgcwAGAkfKHCA~~CBsQBiCRCTgawAGy5M_6Cw~CCgQDRgBIIAJKIAJML0JOD7AAeKygLkD~CBsQBhgBIL4JKL4JMOkJOCpAvwlIvwlQvwlY1AlgxAlo1Qlw6Al41gKAASqIASqwAQG4AQPAAf_m6MwL~CBsQBhgBIL8JKL8JMOgJOCpAvwlIvwlQvwlY1QlgxQlo1Qlw6Al41gKAASqIASqwAQG4AQPAAf23jOYB~CBsQBiDgBzjNAsAB6vKSxQY~CBsQBiDgBzjRAsABkraUmg4~CBsQBhgBIOEHKPoJMLsKONoCQPoJSPoJUPoJWJAKYIAKaJAKcLsKeNYCgAEqiAEqkAHhB5gB-QmwAQG4AQPAAdi5xZ8F~CBsQBiDfBzjSBMAB-Zyijg0~CBsQBiDgBzjSBMAB66Xplwk~CBsQBiDgBziMBcABjM3BLg~CBsQCDjwDMABtYaLuw8~CBwQBhgBIPYMKPYMMLMNOD1A9gxI9gxQ9gxYiw1g_Axoiw1wsg14rAKwAQG4AQPAAZSE4rUO~CBsQDSC5BzjuCMAB7JWzqgk&met.1=1.l0ipl047~6.0~7.1~8.x~9.x~10.26~11.1e~12.26~13.i9~14.i9~15.ic~16.q2~17.q2~18.rl~19.19p~20.19p~21.19s~22.m0~23.t5
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:810::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 22:33:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo_menu.webp
tipping.nrl.com/assets/images/ 9 KB
9 KB 20ms
19ms Image
image/webp 2600:9000:20e8:1600:3:e154:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tipping.nrl.com/assets/images/logo_menu.webp
Requested by: Host: tipping.nrl.com
URL: https://tipping.nrl.com/app.js?5083d2345e7a7c47d49b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:1600:3:e154:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb5db00c861f35ea163567cf1da86a35555fc70dcc18091c9c20293558dc3136

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:33:29 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 02:11:50 GMT
server: AmazonS3
age: 1
etag: "c06bc9f73ad5c053b1d76d06510ae827"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=300, must-revalidate
x-amz-cf-pop: TXL52-C1
content-length: 8984
x-amz-cf-id: txYYz3r3v7WGciTipPBBvuunLExB7ZlIBvQqI_S_S54OVpnurdI0ew==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2Y6Q0FG9CF&gtm=2oe370&_p=1289309277&_z=ccd.JD&cid=132007013.1646778809&ul=en-us&sr=1600x1200&_s=2&dl=https%3A%2F%2Ftipping.nrl.com%2F&sid=1646778808&sct=1&seg=1&dt=NRL%20Tipping&en=page_view&_et=2&ep.content_id=-&ep.content_type=-&ep.content_name=-&ep.publish_date=-&ep.content_topic=-&ep.content_subtype=-&ep.content_sponsor=-&ep.content_teams=-&ep.content_team_1=-&ep.competition=-&ep.season=-&ep.round=-&ep.match=-&ep.platform=Web&ep.syndicate_content=False&ep.syndicate_original_creator=-&ep.syndicate_original_url=-&ep.content_author=-&ep.players=-&ep.content_additionalTopics=-
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y6Q0FG9CF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tipping.nrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 22:33:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tipping.nrl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nrl.com/	1970-01-20 03:35:54	Name: _gcl_au Value: 1.1.1996598825.1646778808
.nrl.com/	1970-01-20 01:27:45	Name: _gid Value: GA1.2.1709898386.1646778809
.nrl.com/	1970-01-20 01:26:18	Name: _gat_UA-98403742-21 Value: 1
.nrl.com/	1970-01-20 18:57:30	Name: _ga Value: GA1.1.132007013.1646778809
.nrl.com/	1970-01-20 18:57:30	Name: _ga_2Y6Q0FG9CF Value: GS1.1.1646778808.1.1.1646778808.0
.facebook.com/	1970-01-20 03:35:54	Name: fr Value: 0RQDth6jF3UUaIiEV..BiJ9m4...1.0.BiJ9m4.
.doubleclick.net/	1970-01-20 01:26:19	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://tipping.nrl.com/(Line 5) Message: The key "target-densitydpi" is not supported.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV42QSK(Line 50) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
connect.facebook.net
csi.gstatic.com
fonts.googleapis.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tipping.nrl.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
142.250.185.130
142.250.185.166
2600:9000:20e8:1600:3:e154:5bc0:93a1
2607:f8b0:4007:810::2003
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c01::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f8e74475f9ed0a82574a5348d75fdf715a2a109078757c5d8b02a8022a7ff2
12ad45da83e61fedbc42ab277fab9b372c59ec23a9efcfe028bf99ba466ee1a0
12e4631ca6d51991e090a50b5a47b5e1cdf5d42b720d23d6ba24c03ef09b9af3
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
32543f982ea08ef08cb0255bab9822ac651a40d5d9a163449bac0aaeeed553f3
327ed5cafb52b5d0696784ef6893045a7054d03f31c389f75771eb95934dad4f
4a8eb27bcb72058c70b8e17d44e67294a6af3a22d0fec455034a8fb9f2ba3c94
4e426a3dd3eaf4e7c8e30886289cab2e824cf0ac2438e9f00df17cad871f650d
56829f1e573332420e722f269796ff684fbaf25ca63630f98f44b47e185357db
5c432474eea16627fec18947cfb27b632452f26b8079a7cacf6da92a43a3dc2f
655c6b35f51eec671ead10d0d2d7793b76ea594712d22e08c1a9485ada81ca7b
6e09beca6d0029cf68f76c9e56600f1c65c3a1d73ac3772dbb06ed00b801184d
71b30029ed40e00b949f3375bab7201bccd383857910cd9487ff69038a18c340
72ede7ebca008bcf84c3774242a46abccfa40b0f7308f4aa54e3b2e883aef21e
735d9614439350570b718116ea8db7bd384e54cc782af3856e80a2a2ff0db45b
7426c35344c898c4b7aeecf7db89dcf72bb547b393e37783b4b7a9013b33718d
7d307a93f77b3b4f8eaf708b0c1c14bdb120d275f198daf4d56610156f1e8e8a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f60e4a1bbca29733dc51b938120369dc6d82871d44af3b71e91f82dedf7f082
96bf10cfc38fc0852ebf892b5960e8d2bccc54989adf55a3c86d56ca7c268129
99d557baf5b62fea2cfc90f5d0b660db096dff82b48a1912aa15891ec4ce8e79
9a196f281b8197307f6237bfb513db07b4cde717bca074cc4c952b33088ea81b
9d250364a50298450b790c4095e0947b4a2798a880073a1fe9a08dad287c0c1a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f388377ae43ef4d60aee5c3652deaa9c1fd16280e0ef3e714e46771067085b
a62f8011c1169cf89a74627eefbc80e14687880247d66398fbf0e816b44fcd64
b31a59563a259c19447fa087514e280c8b4c1bb122f55bb5029bba864d998795
bb5db00c861f35ea163567cf1da86a35555fc70dcc18091c9c20293558dc3136
bba05df4dc016bcf23a114d0a4b4c354bbcaa3f2b5e28d8bb9696cec83522b04
c5dbb17bd1b86923677b779ef873873a8f60d7aa005c93f061302f8abbf6c36c
ceb33c6d8d0c856c7adef393af2698daf3c74ff28ecc70a9bc34c16b57616961
d099b34701fb032d6ee01032360b7d3a660361e5c335824a25aea3cd5b64a345
d22aaece490a309474b793f8dd2df9bc837f1f13da333e434e87640b5f5a9ad9
d848900e5ba0a253af315927116d66de0a46ce0746a05bd91e60119a9922e6fe
ddd9c6a80ea248e5b5427d3ba50f940dc24022373a7dc012d155a9336ad1e78c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
ed6c5d649ac3011f570a27bb7783c10982892cfac4a289222026fb49b6db69aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6383ec4ca42a6284cd67dc07295bd20b003d536ec037fe52288633309ea72c0

tipping.nrl.com Open in urlscan Pro 2600:9000:20e8:1600:3:e154:5bc0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

88 %IPv6

12 Domains

16 Subdomains

14 IPs

3 Countries

1262 kBTransfer

3708 kBSize

7 Cookies

11 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tipping.nrl.com Open in urlscan Pro
2600:9000:20e8:1600:3:e154:5bc0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

88 %
IPv6

12
Domains

16
Subdomains

14
IPs

3
Countries

1262 kB
Transfer

3708 kB
Size

7
Cookies

49 HTTP transactions
0 data transactions