URL: https://rockyriverrun24.grassrootz.com/ruok
Submission: On May 13 via manual from AU — Scanned from AU

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 63 HTTP transactions. The main IP is 20.42.228.161, located in Melbourne, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is rockyriverrun24.grassrootz.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 31st 2023. Valid for: a year.
This is the only time rockyriverrun24.grassrootz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 20.42.228.161 8075 (MICROSOFT...)
1 108.158.32.65 16509 (AMAZON-02)
2 142.251.221.74 15169 (GOOGLE)
7 104.18.72.113 13335 (CLOUDFLAR...)
4 142.250.67.14 15169 (GOOGLE)
2 157.240.8.23 32934 (FACEBOOK)
4 142.250.204.8 15169 (GOOGLE)
2 13.107.246.31 8075 (MICROSOFT...)
2 172.217.167.78 15169 (GOOGLE)
4 18.67.111.121 16509 (AMAZON-02)
1 172.217.167.67 15169 (GOOGLE)
1 104.16.51.111 13335 (CLOUDFLAR...)
1 172.217.167.110 15169 (GOOGLE)
1 157.240.8.35 32934 (FACEBOOK)
3 20.231.53.73 8075 (MICROSOFT...)
1 142.250.66.194 15169 (GOOGLE)
2 64.233.170.156 15169 (GOOGLE)
1 1 142.251.221.66 15169 (GOOGLE)
1 1 172.217.167.68 15169 (GOOGLE)
2 142.250.71.67 15169 (GOOGLE)
1 2 20.205.115.81 8075 (MICROSOFT...)
1 1 204.79.197.237 8068 (MICROSOFT...)
1 216.239.32.181 15169 (GOOGLE)
63 20
Apex Domain
Subdomains
Transfer
25 grassrootz.com
rockyriverrun24.grassrootz.com
cdn.grassrootz.com
api.grassrootz.com
1 MB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
q.clarity.ms — Cisco Umbrella Rank: 771555
c.clarity.ms — Cisco Umbrella Rank: 1385
28 KB
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2248
ekr.zdassets.com — Cisco Umbrella Rank: 2556
361 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
379 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
22 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
437 B
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 64
69 KB
2 google.com.au
www.google.com.au — Cisco Umbrella Rank: 30059
127 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 154
289 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
72 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
763 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
273 B
1 zendesk.com
grassrootz.zendesk.com
1 KB
1 gstatic.com
fonts.gstatic.com
27 KB
1 raygun.io
cdn.raygun.io — Cisco Umbrella Rank: 12908
22 KB
63 17
Domain Requested by
12 api.grassrootz.com rockyriverrun24.grassrootz.com
9 rockyriverrun24.grassrootz.com rockyriverrun24.grassrootz.com
6 static.zdassets.com rockyriverrun24.grassrootz.com
static.zdassets.com
4 cdn.grassrootz.com rockyriverrun24.grassrootz.com
4 www.googletagmanager.com rockyriverrun24.grassrootz.com
www.googletagmanager.com
4 www.google-analytics.com rockyriverrun24.grassrootz.com
www.googletagmanager.com
www.google-analytics.com
cdn.raygun.io
3 q.clarity.ms cdn.raygun.io
3 www.youtube.com rockyriverrun24.grassrootz.com
www.youtube.com
2 c.clarity.ms 1 redirects
2 www.google.com.au rockyriverrun24.grassrootz.com
2 stats.g.doubleclick.net cdn.raygun.io
www.googletagmanager.com
2 www.clarity.ms rockyriverrun24.grassrootz.com
www.clarity.ms
2 connect.facebook.net rockyriverrun24.grassrootz.com
connect.facebook.net
2 fonts.googleapis.com rockyriverrun24.grassrootz.com
1 analytics.google.com www.googletagmanager.com
1 c.bing.com 1 redirects
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 www.facebook.com rockyriverrun24.grassrootz.com
1 grassrootz.zendesk.com static.zdassets.com
1 ekr.zdassets.com cdn.raygun.io
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.raygun.io rockyriverrun24.grassrootz.com
63 24

This site contains links to these domains. Also see Links.

Domain
endurancecui.active.com
www.ruok.org.au
grassrootz.com
grassrootz.zendesk.com
Subject Issuer Validity Valid
*.grassrootz.com
Go Daddy Secure Certificate Authority - G2
2023-05-31 -
2024-07-01
a year crt.sh
*.raygun.io
Amazon RSA 2048 M03
2023-09-11 -
2024-10-09
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
zdassets.com
E1
2024-05-01 -
2024-07-30
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-02-20 -
2024-05-20
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
*.google.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
api.grassrootz.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-02-07 -
2024-08-07
6 months crt.sh
grassrootz.zendesk.com
E1
2024-04-28 -
2024-07-27
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01
2024-01-14 -
2024-06-27
5 months crt.sh
*.googleadservices.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.google.com.au
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh

This page contains 3 frames:

Primary Page: https://rockyriverrun24.grassrootz.com/ruok
Frame ID: 0F2B17AF873FABD820A814164C26858B
Requests: 50 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1220b2e.js
Frame ID: 8DA4E432B3D55D3A463A74011C12B91E
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Oprdjz_0SYk?autoplay=1&mute=1&loop=1&disablekb=1&controls=0&modestbranding=1&fs=0&iv_load_policy=3&enablejsapi=1&showinfo=0&rel=0&playsinline=1&origin=https%3A%2F%2Frockyriverrun24.grassrootz.com&widgetid=1
Frame ID: F0B9C8A786CBD15CFEF4318BE6A0AF51
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

7Rocky River Run 2024 | R U OK?

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

63
Requests

97 %
HTTPS

0 %
IPv6

17
Domains

24
Subdomains

20
IPs

4
Countries

2470 kB
Transfer

9490 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946997390/?random=1656335110&cv=11&fst=1715577362781&bg=ffffff&guid=ON&async=1&gtm=45be4580v893827707za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&label=-91vCNba9YoBEI6RyMMD&hn=www.googleadservices.com&frm=0&tiba=7Rocky%20River%20Run%202024%20%7C%20R%20U%20OK%3F&value=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&npa=0&pscdl=noapi&auid=1453686506.1715577362&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDzfg-Cg5m7W5L-hIyVVZa8N5vK7qaq09vw&pscrd=IhMI5-K22u-JhgMVeb5LBR3_QgiqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vcm9ja3lyaXZlcnJ1bjI0LmdyYXNzcm9vdHouY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/946997390/?random=1656335110&cv=11&fst=1715577362781&bg=ffffff&guid=ON&async=1&gtm=45be4580v893827707za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&label=-91vCNba9YoBEI6RyMMD&hn=www.googleadservices.com&frm=0&tiba=7Rocky%20River%20Run%202024%20%7C%20R%20U%20OK%3F&value=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&npa=0&pscdl=noapi&auid=1453686506.1715577362&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI5-K22u-JhgMVeb5LBR3_QgiqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vcm9ja3lyaXZlcnJ1bjI0LmdyYXNzcm9vdHouY29tLw&is_vtc=1&cid=CAQSGwB7FLtqpVTEBcsWraFMWihZMaTgIxO74owRLQ&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDzX0-U6g8U0XC30ijhOn1a2D8iK9oqvsSE&random=1438919557 HTTP 302
  • https://www.google.com.au/pagead/1p-conversion/946997390/?random=1656335110&cv=11&fst=1715577362781&bg=ffffff&guid=ON&async=1&gtm=45be4580v893827707za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&label=-91vCNba9YoBEI6RyMMD&hn=www.googleadservices.com&frm=0&tiba=7Rocky%20River%20Run%202024%20%7C%20R%20U%20OK%3F&value=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&npa=0&pscdl=noapi&auid=1453686506.1715577362&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI5-K22u-JhgMVeb5LBR3_QgiqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vcm9ja3lyaXZlcnJ1bjI0LmdyYXNzcm9vdHouY29tLw&is_vtc=1&cid=CAQSGwB7FLtqpVTEBcsWraFMWihZMaTgIxO74owRLQ&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDzX0-U6g8U0XC30ijhOn1a2D8iK9oqvsSE&random=1438919557&ipr=y
Request Chain 56
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D949087C37B54584B2C18377161D32E2&RedC=c.clarity.ms&MXFR=0E8D9DF0A35D671703A2898EA75D6991 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D949087C37B54584B2C18377161D32E2&MUID=2C49446A0ECA6E4B31B850140F306F1B

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ruok
rockyriverrun24.grassrootz.com/
26 KB
11 KB
Document
General
Full URL
https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
414ce9e054d1d04f6905815d2060913a15a94b21a9a1769ce1aca7c5e8719576
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 13 May 2024 05:15:56 GMT
request-context
appId=cid-v1:73d1fe9d-d501-4f56-9bf3-234fa12acd2c
server
Microsoft-IIS/10.0
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-powered-by
ASP.NET
runtime.bundle.js.gz
rockyriverrun24.grassrootz.com/js/
1 KB
792 B
Script
General
Full URL
https://rockyriverrun24.grassrootz.com/js/runtime.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1a84aa9cec404ec955b0b7497897c57488f21ec9c7224ba9a5009fa40915c45e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/ruok
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:56 GMT
content-encoding
gzip
last-modified
Thu, 09 May 2024 06:44:06 GMT
server
Microsoft-IIS/10.0
etag
"1daa1dc49917dca"
x-powered-by
ASP.NET
content-type
text/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
714
request-context
appId=cid-v1:73d1fe9d-d501-4f56-9bf3-234fa12acd2c
vendor.bundle.js.gz
rockyriverrun24.grassrootz.com/js/
3 MB
745 KB
Script
General
Full URL
https://rockyriverrun24.grassrootz.com/js/vendor.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16e1f577bcf1d59c37a85a2410fad25ecc836818610c4bba777d2eda93b272bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/ruok
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:56 GMT
content-encoding
gzip
last-modified
Thu, 09 May 2024 06:44:06 GMT
server
Microsoft-IIS/10.0
etag
"1daa1dc499adc38"
x-powered-by
ASP.NET
content-type
text/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
762680
request-context
appId=cid-v1:73d1fe9d-d501-4f56-9bf3-234fa12acd2c
client.bundle.js.gz
rockyriverrun24.grassrootz.com/js/
2 MB
425 KB
Script
General
Full URL
https://rockyriverrun24.grassrootz.com/js/client.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
07d5804e48c035c25d1790601977a9fd09cfa90e45a283388de11d67939c8e84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/ruok
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:56 GMT
content-encoding
gzip
last-modified
Thu, 09 May 2024 06:44:04 GMT
server
Microsoft-IIS/10.0
etag
"1daa1dc4866f60b"
x-powered-by
ASP.NET
content-type
text/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
435211
request-context
appId=cid-v1:73d1fe9d-d501-4f56-9bf3-234fa12acd2c
vendor.css.gz
rockyriverrun24.grassrootz.com/css/
55 KB
8 KB
Stylesheet
General
Full URL
https://rockyriverrun24.grassrootz.com/css/vendor.css.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8e81122a03a8bef5d3bf61001dbab8675058fced85a4cbb35a34a8c589f70b3c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/ruok
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:56 GMT
content-encoding
gzip
last-modified
Thu, 09 May 2024 06:44:06 GMT
server
Microsoft-IIS/10.0
etag
"1daa1dc499160d8"
x-powered-by
ASP.NET
content-type
text/css
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
8152
request-context
appId=cid-v1:73d1fe9d-d501-4f56-9bf3-234fa12acd2c
server.css.gz
rockyriverrun24.grassrootz.com/css/
852 KB
135 KB
Stylesheet
General
Full URL
https://rockyriverrun24.grassrootz.com/css/server.css.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
636433279c72d6d254b9f50d1bb4c85471754118f71276d89a59293bb21681b7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/ruok
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:56 GMT
content-encoding
gzip
last-modified
Thu, 09 May 2024 06:44:06 GMT
server
Microsoft-IIS/10.0
etag
"1daa1dc499366f4"
x-powered-by
ASP.NET
content-type
text/css
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
137716
request-context
appId=cid-v1:73d1fe9d-d501-4f56-9bf3-234fa12acd2c
raygun.min.js
cdn.raygun.io/raygun4js/
71 KB
22 KB
Script
General
Full URL
https://cdn.raygun.io/raygun4js/raygun.min.js
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-65.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d522099e4a628802af6cb3a58cc79d0f8bebaf52ddff686610ac1e569560605f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 15:05:10 GMT
content-encoding
gzip
via
1.1 e80732d7ef726bed77c3f67a8339cc96.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 22:09:38 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
51049
x-amz-server-side-encryption
AES256
etag
W/"7c782602fc8026eb2c28223a04bac51f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
1nOnS9u0VYMKQ10FhoIKGX8hO5WUQ0zPH34noYbnYiYCkxPfBsLY4Q==
css
fonts.googleapis.com/
1 KB
471 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Jost
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/css/server.css.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
64f4462363aad215af624fb7da5bcae8e22e278f1b3e4652ada25d58a599d0d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 May 2024 05:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 May 2024 05:15:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 May 2024 05:15:57 GMT
css
fonts.googleapis.com/
4 KB
899 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Jost:400,700,400italic,700italic&subset=latin
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/css/server.css.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
09b8febd33fe63485dae2eef94d37f058c33b3fa5c9c08597e5a6bc2811823d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 May 2024 05:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 May 2024 05:15:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 May 2024 05:15:57 GMT
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=6cc2d5ad-a0f5-42f5-bfab-dd49be5fade4
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/js/client.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:58 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
9X4B0G1GWNB25PJG
age
4
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-id-2
4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hRjYGUi4IbdtYshA7PgTP3or5ERwhXkygbs01fElDWPxpqRxjm7%2BIS2sQIE0t2cVO70u5aLudLdqjF6fuite8%2FGx0rMTnJLa0bGrHGQUoTqaP%2FKrootaUPujGb09Zo4rDJ5HPM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
88302c78f9b3a93d-SYD
access-control-allow-headers
*
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/js/vendor.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 May 2024 04:00:55 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4507
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 13 May 2024 06:00:55 GMT
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/js/vendor.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 May 2024 05:16:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1314, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
LRyz1MfkLDNWF++Lm4CyfJmOUB7uMcrMxFDrozrfFiynI+hV/vjrvKygzYL0HYpkTpIF53keBzIAiHwBDPnE0w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/
191 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLG6VGP&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8fc8a94ec611d1adabf41cf3fbac81defb5b32035bedf397a099cdbde2f8247b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69472
x-xss-protection
0
last-modified
Mon, 13 May 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 05:16:02 GMT
gtm.js
www.googletagmanager.com/
291 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5RXKX7&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e37666d5fdc05c54ef7f0529825a4f2063e9e9d3ec7ddfb60e16f7ac7ffe1156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95626
x-xss-protection
0
last-modified
Mon, 13 May 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 05:16:02 GMT
ij04ubjam2
www.clarity.ms/tag/
667 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/ij04ubjam2
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
784d2078bdb12c8926f0bb0d8ccd9bde3ebc6608a64a4c623956e7c6ad07e21a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Mon, 13 May 2024 05:16:02 GMT
x-azure-ref
20240513T051602Z-17888c76bbc6fnkwva7ezestkc0000000da0000000011zcp
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
667
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/js/vendor.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
ESF /
Resource Hash
866b0dff742f52c8ce72fb6793882fdc9cc16fa9dca416168e8ee33acac4199d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 13 May 2024 05:16:02 GMT
3FfVNeMxgrZ6eJkPkSMgI9uj.jpg
cdn.grassrootz.com/organization/logo/
12 KB
12 KB
Image
General
Full URL
https://cdn.grassrootz.com/organization/logo/3FfVNeMxgrZ6eJkPkSMgI9uj.jpg?w=400
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-121.syd62.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b8426d070e2d7f11f6bb618b543cdeaabf9056864bf848ad9f6b1b4d54ceb7cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 02:40:16 GMT
via
1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-amz-cf-pop
SYD62-P2
age
9633
x-powered-by
ASP.NET
etag
0x8D91C0C2832DEF7
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age: 172800
content-length
11790
x-amz-cf-id
kRKutcxOFbbdJlaijt_kQsj8KbKIkOIfNZAM8e3hxyCMJ9sDVdssBg==
jFy94g5RFzxWGDenKrIgBf2A.png
cdn.grassrootz.com/campaign/asset/
45 KB
46 KB
Image
General
Full URL
https://cdn.grassrootz.com/campaign/asset/jFy94g5RFzxWGDenKrIgBf2A.png?w=850
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-121.syd62.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a7853b65aeeaad90750e1be365eb77cbdeb93a2e53b42890a189fbbc6cdd9aca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 00:35:03 GMT
via
1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-amz-cf-pop
SYD62-P2
age
16858
etag
0x8DC30E2CA217B2F
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age: 172800
content-length
46211
x-amz-cf-id
-DMUs-0NbEMa1qOtFGfXGIK6g-qHmQ3-rCROzEAfQ0u1OSwy88O6Dg==
Powered_by_Grassrootz.png
rockyriverrun24.grassrootz.com/images/
11 KB
11 KB
Image
General
Full URL
https://rockyriverrun24.grassrootz.com/images/Powered_by_Grassrootz.png
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
869ebecaad575143b60339cf7e1a080c49e139fb8200893cdae26a5be963224b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/ruok
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:58 GMT
last-modified
Thu, 09 May 2024 06:44:06 GMT
server
Microsoft-IIS/10.0
etag
"1daa1dc49915391"
x-powered-by
ASP.NET
content-type
image/png
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
11409
request-context
appId=cid-v1:73d1fe9d-d501-4f56-9bf3-234fa12acd2c
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v15/
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://rockyriverrun24.grassrootz.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 16:43:08 GMT
x-content-type-options
nosniff
age
131574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26620
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:39:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 16:43:08 GMT
icons.woff2
rockyriverrun24.grassrootz.com/fonts/
39 KB
39 KB
Font
General
Full URL
https://rockyriverrun24.grassrootz.com/fonts/icons.woff2
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/css/server.css.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/css/server.css.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Origin
https://rockyriverrun24.grassrootz.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:58 GMT
last-modified
Thu, 09 May 2024 06:44:06 GMT
server
Microsoft-IIS/10.0
etag
"1daa1dc4991e3d4"
x-powered-by
ASP.NET
content-type
font/woff2
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
40148
request-context
appId=cid-v1:73d1fe9d-d501-4f56-9bf3-234fa12acd2c
public
api.grassrootz.com/api/v2/donation/search/ Frame
0
0
Preflight
General
Full URL
https://api.grassrootz.com/api/v2/donation/search/public
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,content-type,customcampaignurl,pragma
Access-Control-Request-Method
POST
Origin
https://rockyriverrun24.grassrootz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
apikey,content-type,customcampaignurl,pragma
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 13 May 2024 05:15:58 GMT
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
public
api.grassrootz.com/api/v3/timeline/search/ Frame
0
0
Preflight
General
Full URL
https://api.grassrootz.com/api/v3/timeline/search/public
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,content-type,customcampaignurl,pragma
Access-Control-Request-Method
POST
Origin
https://rockyriverrun24.grassrootz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
apikey,content-type,customcampaignurl,pragma
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 13 May 2024 05:15:58 GMT
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
public
api.grassrootz.com/api/v2/donation/search/
6 KB
6 KB
XHR
General
Full URL
https://api.grassrootz.com/api/v2/donation/search/public
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/js/vendor.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66c1d7949c86d9c23e1d9db31f6d0b7ce6735bd28c16bcc1e5e13a85243e0b5e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Pragma
no-cache
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
CustomCampaignUrl
rockyriverrun24
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://rockyriverrun24.grassrootz.com/
ApiKey
15G55N5XKYCRBJA289TZS3FSMMGD76
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:58 GMT
server
Microsoft-IIS/10.0
api-supported-versions
2, 3.0, 4.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
6218
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
public
api.grassrootz.com/api/v3/timeline/search/
86 B
133 B
XHR
General
Full URL
https://api.grassrootz.com/api/v3/timeline/search/public
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/js/vendor.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0fe14a92128dec480adf14e2434cf07eedb1ef994ebdfd63bf4f47be07ae4344

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Pragma
no-cache
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
CustomCampaignUrl
rockyriverrun24
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://rockyriverrun24.grassrootz.com/
ApiKey
15G55N5XKYCRBJA289TZS3FSMMGD76
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:58 GMT
server
Microsoft-IIS/10.0
api-supported-versions
2, 3.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
86
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
public
api.grassrootz.com/api/v3/leaderboard/amount/search/
11 KB
11 KB
XHR
General
Full URL
https://api.grassrootz.com/api/v3/leaderboard/amount/search/public
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/js/vendor.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0dd1f4e5527fce8a9db220403af6ba4e15632461cf5ba57011756d0f77ae80c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Pragma
no-cache
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
CustomCampaignUrl
rockyriverrun24
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://rockyriverrun24.grassrootz.com/
ApiKey
15G55N5XKYCRBJA289TZS3FSMMGD76
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:58 GMT
server
Microsoft-IIS/10.0
api-supported-versions
2, 3.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
11193
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
public
api.grassrootz.com/api/v3/leaderboard/amount/search/ Frame
0
0
Preflight
General
Full URL
https://api.grassrootz.com/api/v3/leaderboard/amount/search/public
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,content-type,customcampaignurl,pragma
Access-Control-Request-Method
POST
Origin
https://rockyriverrun24.grassrootz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
apikey,content-type,customcampaignurl,pragma
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 13 May 2024 05:15:58 GMT
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
public
api.grassrootz.com/api/v3/leaderboard/amount/search/ Frame
0
0
Preflight
General
Full URL
https://api.grassrootz.com/api/v3/leaderboard/amount/search/public
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,content-type,customcampaignurl,pragma
Access-Control-Request-Method
POST
Origin
https://rockyriverrun24.grassrootz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
apikey,content-type,customcampaignurl,pragma
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 13 May 2024 05:15:58 GMT
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
public
api.grassrootz.com/api/v3/leaderboard/amount/search/ Frame
0
0
Preflight
General
Full URL
https://api.grassrootz.com/api/v3/leaderboard/amount/search/public
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,content-type,customcampaignurl,pragma
Access-Control-Request-Method
POST
Origin
https://rockyriverrun24.grassrootz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
apikey,content-type,customcampaignurl,pragma
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 13 May 2024 05:15:58 GMT
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
public
api.grassrootz.com/api/v3/leaderboard/amount/search/
11 KB
11 KB
XHR
General
Full URL
https://api.grassrootz.com/api/v3/leaderboard/amount/search/public
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/js/vendor.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0dd1f4e5527fce8a9db220403af6ba4e15632461cf5ba57011756d0f77ae80c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Pragma
no-cache
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
CustomCampaignUrl
rockyriverrun24
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://rockyriverrun24.grassrootz.com/
ApiKey
15G55N5XKYCRBJA289TZS3FSMMGD76
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:58 GMT
server
Microsoft-IIS/10.0
api-supported-versions
2, 3.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
11193
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
public
api.grassrootz.com/api/v3/leaderboard/amount/search/
11 KB
11 KB
XHR
General
Full URL
https://api.grassrootz.com/api/v3/leaderboard/amount/search/public
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/js/vendor.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0dd1f4e5527fce8a9db220403af6ba4e15632461cf5ba57011756d0f77ae80c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Pragma
no-cache
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
CustomCampaignUrl
rockyriverrun24
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://rockyriverrun24.grassrootz.com/
ApiKey
15G55N5XKYCRBJA289TZS3FSMMGD76
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:58 GMT
server
Microsoft-IIS/10.0
api-supported-versions
2, 3.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
11193
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
public
api.grassrootz.com/api/v3/leaderboard/amount/search/
86 B
126 B
XHR
General
Full URL
https://api.grassrootz.com/api/v3/leaderboard/amount/search/public
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/js/vendor.bundle.js.gz?v=8456afa6a5a545749e4e0c609b1bbb3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7a6893a41e65000a796c1b7c429f8127cb04eb9f92c2974891f3849ff3072de8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Pragma
no-cache
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
CustomCampaignUrl
rockyriverrun24
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://rockyriverrun24.grassrootz.com/
ApiKey
15G55N5XKYCRBJA289TZS3FSMMGD76
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:58 GMT
server
Microsoft-IIS/10.0
api-supported-versions
2, 3.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
86
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
public
api.grassrootz.com/api/v3/leaderboard/amount/search/ Frame
0
0
Preflight
General
Full URL
https://api.grassrootz.com/api/v3/leaderboard/amount/search/public
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,content-type,customcampaignurl,pragma
Access-Control-Request-Method
POST
Origin
https://rockyriverrun24.grassrootz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
apikey,content-type,customcampaignurl,pragma
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 13 May 2024 05:15:58 GMT
request-context
appId=cid-v1:155d7ee0-0cce-49fc-95f0-15258c735194
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
6cc2d5ad-a0f5-42f5-bfab-dd49be5fade4
ekr.zdassets.com/compose/
920 B
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/6cc2d5ad-a0f5-42f5-bfab-dd49be5fade4
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb47c56b07d4d165f20a8eeab9c043b5dd87d4568ccce6f84d52b90ec54dcae
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:15:58 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8814f9b02ed0487f-SEA, 8814f9b02ed0487f-SEA
x-runtime
0.005489
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3bb47c56b07d4d165f20a8eeab9c043b"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2Bp59%2BsmX7Ncwziak1ZY1IXO%2FH9KI7Eaod4zraq1pa43tK1jbEgrpqnCL2BY7RZXo2t%2BD1z8hD6W8z65VM0TGOLhZW2T%2F9thhn9MyoEP8WgMTLIUXxcIc7TAA21hl5N8NYM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
88302c79b81bab05-SYD
web-widget-main-1220b2e.js
static.zdassets.com/web_widget/classic/latest/ Frame 8DA4
972 KB
278 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1220b2e.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=6cc2d5ad-a0f5-42f5-bfab-dd49be5fade4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ed746ba11175e661e72c76e0b948deec27a391b793a52904016a084b6359b7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
x-amz-version-id
SlC9xTAY2YIwN7.6X4wCtNf670Vu5_jO
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
2TWMYWV9FKZ8MQ6P
age
82
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
3AbN3v7OA1FXLB8w/dTdNl7Ont4yGUA69PT18aPHEcGchAKvFy99Lg56YQn/Lt2Y4xMny85QsIo=
last-modified
Mon, 06 May 2024 20:36:57 GMT
server
cloudflare
etag
W/"b4a428eba038e94cf613969bb9bdc78d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VFaCrYZPNE1fZ2gzt2PA0oIJTZ4izBwHWQAP9d%2F5DGjzw9cfFfIWv%2BGKimgzpm5l%2Ff1pHAutddbAUmEvqDcG%2FaHcEQofA00ELmb2fBigFTyuMGL%2FO5ExLEDbpBNpMtry9FyNZA8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88302c90bea3a93d-SYD
access-control-allow-headers
*
expires
Tue, 06 May 2025 20:36:55 GMT
wNsKPWJeaebXr5kz4iUhJizH.png
cdn.grassrootz.com/fundraiser/avatar/
9 KB
9 KB
Image
General
Full URL
https://cdn.grassrootz.com/fundraiser/avatar/wNsKPWJeaebXr5kz4iUhJizH.png?w=56
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-121.syd62.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
70b90eaa03f7133f2098b00f4fc983bd419b2fee21a661d543907ed89e1ca4ea

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 00:35:07 GMT
via
1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-amz-cf-pop
SYD62-P2
age
16855
etag
0x8DC72E48A43DCA4
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age: 172800
content-length
9110
x-amz-cf-id
apGIDyis2NzD6u8sFlIdeUC6XU9A6FRvjUkxi9h1PyNXxS7dEOnlJg==
3FfVNeMxgrZ6eJkPkSMgI9uj.jpg
cdn.grassrootz.com/organization/logo/
2 KB
2 KB
Image
General
Full URL
https://cdn.grassrootz.com/organization/logo/3FfVNeMxgrZ6eJkPkSMgI9uj.jpg?w=56
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-121.syd62.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5e1693d01b3436f87968218033b080436b1a67ea901530350eed1c33c6ce3655

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 20:20:19 GMT
via
1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-amz-cf-pop
SYD62-P2
age
32142
x-powered-by
ASP.NET
etag
0x8D83A8CD710E6D2
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age: 172800
content-length
1687
x-amz-cf-id
BsO-tXbHkqRl2SyThcpVrd4J5lijycrIbfqEK6uIrsR91xSJx5W1EQ==
1929830787258043
connect.facebook.net/signals/config/
65 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1929830787258043?v=2.9.156&r=stable&domain=rockyriverrun24.grassrootz.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
a2b45e85030510ab099c9a80d34e01bc42d8ab418175622fe856705542c1ee42
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 May 2024 05:16:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=64, mss=1314, tbw=63309, tp=-1, tpl=-1, uplat=257, ullat=0
pragma
public
x-fb-debug
9b47ooqOo6uCBUPBOnwmKsqG8coiNYxbga3Kh+uZ4ObSJmmHx6Xv/zbz9IWmwyLIs+aJN/oA/gasUFK2rT1tjQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/17fd9675/www-widgetapi.vflset/
215 KB
67 KB
Script
General
Full URL
https://www.youtube.com/s/player/17fd9675/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
07cd8a0ea2b5b9fa0845c4f3a17ba1c634b7404c92f8c18012a8d933f59f26a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 07:42:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
423205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68217
x-xss-protection
0
last-modified
Wed, 08 May 2024 04:20:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 08 May 2025 07:42:37 GMT
en-us-json-1220b2e.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 8DA4
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1220b2e.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1220b2e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
x-amz-version-id
vAzFSohenz_e22Rp8lNkv2BTGPuGS.8c
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
BVNQXG9GPSV2EAK6
age
320033
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
4CAuRB1EffmnJlzBNn7SnikOhu6PppPQeyN+kV/1kUEEbmXpWlEAfujjfOAtpENniqqiR+9oBVY=
last-modified
Mon, 06 May 2024 20:36:58 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wi7sj3DwO8vGYQt%2BF3PRQ8Q9C%2Bd4qb%2FdojA7LNbgTQlS4G7fLA3zp8ZqqkUMj7dzyfHMJOoGN1CtJgkqR%2F3rx1x9vsPfpPJYdkg%2FfAVIN8Ce1OTNepecE9ewAnhmzYhGb30QWvc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88302c92389ea93d-SYD
access-control-allow-headers
*
expires
Tue, 06 May 2025 20:36:57 GMT
config
grassrootz.zendesk.com/embeddable/ Frame 8DA4
528 B
1 KB
Fetch
General
Full URL
https://grassrootz.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1220b2e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c7b1930fe9f27e16f12d7c8bd665f54457bd6f4c742f65203e8040e660307

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17
x-zendesk-origin-server
embeddable-app-server-d76bd8449-dclck
x-cached
MISS
x-runtime
0.001956
last-modified
Mon, 13 May 2024 05:15:45 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P429hWySxxkSrCvucPxt%2BxDnS2B%2B67hPvngXlEu4mNXlvpzOcyPcpDlxXe4pGqxvGFOVyKj%2Beo12OjLqZTusUx%2FHyhIrQRY%2FR%2F4DNXmqahC%2FwVGbO98zCTK%2BhtGV2E9I2EEG4VzZCuM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
88302c9249d1a96d-SYD
Oprdjz_0SYk
www.youtube.com/embed/ Frame F0B9
0
0
Document
General
Full URL
https://www.youtube.com/embed/Oprdjz_0SYk?autoplay=1&mute=1&loop=1&disablekb=1&controls=0&modestbranding=1&fs=0&iv_load_policy=3&enablejsapi=1&showinfo=0&rel=0&playsinline=1&origin=https%3A%2F%2Frockyriverrun24.grassrootz.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/17fd9675/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://rockyriverrun24.grassrootz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 05:16:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
clarity.js
www.clarity.ms/s/0.7.32/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ij04ubjam2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240513T051602Z-17888c76bbc6fnkwva7ezestkc0000000da0000000011zey
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
4d8a7965-101e-0065-6e1f-a3809f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2PEE0Y2WKP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLG6VGP&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
71b51c3ddc99b561a2b308b14d56e33ef4cc1ac0970872aeb5f4d71893a99038
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104485
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 May 2024 05:16:02 GMT
web-widget-chat-sdk-1220b2e.js
static.zdassets.com/web_widget/classic/latest/ Frame 8DA4
202 KB
51 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-1220b2e.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1220b2e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
x-amz-version-id
vQxExfzodtghL4OtCIgkSot6TaNjuL0m
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
BVNJGE599EKXR6MY
age
320033
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Zp/i/90lmYBjQpnCcK7kMHIdLopyG9DyKRIvyf3bxXvbW138z04FPS3rENmFkHKyO37aQwv5s3k/ivp0jADdLA==
last-modified
Mon, 06 May 2024 20:36:56 GMT
server
cloudflare
etag
W/"b8284a4b45e40625c2b90a641ebe4a68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wKMJjuJ7Hs1wkOIxn6sTEKE6PiC7f1Uzi7qr2mUj%2Bye4nBB%2FtO%2B7nnCSpp0IIVFGQfS2Zd8ODH1oBrOhI7BgYQlboLkcucVavSBsDg%2FjDNNVHxtLvG5aK6MroGNbK%2FaKUmazMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88302c929925a93d-SYD
access-control-allow-headers
*
expires
Tue, 06 May 2025 20:36:55 GMT
destination
www.googletagmanager.com/gtag/
348 KB
115 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-946997390&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RXKX7&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fd9f6550d893f5035fafd63f7f8176ccaa4ccc3913585c60ee2d1f4fa7270c28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
118026
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 May 2024 05:16:02 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1929830787258043&ev=PageView&dl=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&rl=&if=false&ts=1715577362486&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715577362484.52412051&cs_est=true&ler=empty&cdl=API_unavailable&it=1715577362143&coo=false&rqm=GET
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1314, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 13 May 2024 05:16:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
q.clarity.ms/
0
310 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://rockyriverrun24.grassrootz.com
Date
Mon, 13 May 2024 05:16:03 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
www.google-analytics.com/g/
0
182 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2PEE0Y2WKP&gtm=45je4580v898612146z8892425128za200&_p=1715577358214&gcd=13l3l3l3l1&npa=0&dma=0&cid=427476329.1715577363&ul=en-au&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715577362&sct=1&seg=0&dl=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&dt=7Rocky%20River%20Run%202024%20%7C%20R%20U%20OK%3F&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5350
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PEE0Y2WKP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 05:16:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rockyriverrun24.grassrootz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/946997390/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/946997390/?random=1715577362781&cv=11&fst=1715577362781&bg=ffffff&guid=ON&async=1&gtm=45be4580v893827707za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&label=-91vCNba9YoBEI6RyMMD&hn=www.googleadservices.com&frm=0&tiba=7Rocky%20River%20Run%202024%20%7C%20R%20U%20OK%3F&value=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&bttype=purchase&npa=0&pscdl=noapi&auid=1453686506.1715577362&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-946997390&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
36d57a5ef67ff0b77517db92a2da3003be6d26c0354ed904d0e3a85e314396da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 05:16:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1625
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
655 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 04:48:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
1678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 13 May 2024 05:48:04 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1353441666&t=pageview&_s=1&dl=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&dp=%2Fruok&ul=en-au&de=UTF-8&dt=7Rocky%20River%20Run%202024%20%7C%20R%20U%20OK%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KCDAAAIRAAAAAC~&jid=1123438478&gjid=936173387&cid=427476329.1715577363&tid=UA-124281063-1&_gid=1496809512.1715577363&_r=1&_slc=1&z=753731657
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 05:16:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rockyriverrun24.grassrootz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
357 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-124281063-1&cid=427476329.1715577363&jid=1123438478&gjid=936173387&_gid=1496809512.1715577363&_u=KCDAAAIQAAAAAC~&z=362220993
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 13 May 2024 05:16:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rockyriverrun24.grassrootz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-conversion/946997390/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946997390/?random=1656335110&cv=11&fst=1715577362781&bg=ffffff&guid=ON&async=1&gtm=45be4580v893827707za201&gcd=13l3l3l3l1&dma=0&u_w=...
  • https://www.google.com/pagead/1p-conversion/946997390/?random=1656335110&cv=11&fst=1715577362781&bg=ffffff&guid=ON&async=1&gtm=45be4580v893827707za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=htt...
  • https://www.google.com.au/pagead/1p-conversion/946997390/?random=1656335110&cv=11&fst=1715577362781&bg=ffffff&guid=ON&async=1&gtm=45be4580v893827707za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=...
42 B
64 B
Image
General
Full URL
https://www.google.com.au/pagead/1p-conversion/946997390/?random=1656335110&cv=11&fst=1715577362781&bg=ffffff&guid=ON&async=1&gtm=45be4580v893827707za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&label=-91vCNba9YoBEI6RyMMD&hn=www.googleadservices.com&frm=0&tiba=7Rocky%20River%20Run%202024%20%7C%20R%20U%20OK%3F&value=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&npa=0&pscdl=noapi&auid=1453686506.1715577362&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI5-K22u-JhgMVeb5LBR3_QgiqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vcm9ja3lyaXZlcnJ1bjI0LmdyYXNzcm9vdHouY29tLw&is_vtc=1&cid=CAQSGwB7FLtqpVTEBcsWraFMWihZMaTgIxO74owRLQ&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDzX0-U6g8U0XC30ijhOn1a2D8iK9oqvsSE&random=1438919557&ipr=y
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H3
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://rockyriverrun24.grassrootz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2024 05:16:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 May 2024 05:16:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.com.au/pagead/1p-conversion/946997390/?random=1656335110&cv=11&fst=1715577362781&bg=ffffff&guid=ON&async=1&gtm=45be4580v893827707za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&label=-91vCNba9YoBEI6RyMMD&hn=www.googleadservices.com&frm=0&tiba=7Rocky%20River%20Run%202024%20%7C%20R%20U%20OK%3F&value=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&npa=0&pscdl=noapi&auid=1453686506.1715577362&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI5-K22u-JhgMVeb5LBR3_QgiqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vcm9ja3lyaXZlcnJ1bjI0LmdyYXNzcm9vdHouY29tLw&is_vtc=1&cid=CAQSGwB7FLtqpVTEBcsWraFMWihZMaTgIxO74owRLQ&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDzX0-U6g8U0XC30ijhOn1a2D8iK9oqvsSE&random=1438919557&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web-widget-chat-incoming-message-notification-1220b2e.js
static.zdassets.com/web_widget/classic/latest/ Frame 8DA4
236 B
818 B
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-1220b2e.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1220b2e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:03 GMT
x-amz-version-id
YnVbnvsPI6yxK4Yma2Fxs.OyXj1LwPNg
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CPDCYVRYC76HB5V6
age
320033
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
EtTiXRAUGpNuSy2PTejRgEynw5/MXjpKdByLt+sPcoBqGbmeGJxrO6Lk2eJerfYaJj8hVwgZQnQNoh2xZvWNMw==
last-modified
Mon, 06 May 2024 20:36:56 GMT
server
cloudflare
etag
W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ECnTDcsA2Z9Uore55EwsmG9M9HqtU%2FdqxNd6kJ23Vh5QTY5GUjzIn73BzvCnstEEV8COblRyPwW0lF9EOfyqBlV7WIIcsZG9sNy%2F4iHlmDu2xlsOplNkkFv%2Fr4pLNtnVNXlt9lc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88302c99a99fa93d-SYD
access-control-allow-headers
*
expires
Tue, 06 May 2025 20:36:55 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 8DA4
19 KB
20 KB
Media
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Requested by
Host: rockyriverrun24.grassrootz.com
URL: https://rockyriverrun24.grassrootz.com/ruok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:03 GMT
x-amz-version-id
Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
KH5VE2Z70ZGQ75A2
age
7538129
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified
Wed, 29 Nov 2023 08:06:43 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OMK2bUv%2Ba3eXwabFgUQMtG%2Br4QNX%2B%2Bwy7sdT5CR%2FChVagFSJJ5Bcz%2BU1RPb5mOaX0Kgp0K3EMOUuLSQUonbvZe45OblutFATLjPuQ9OWh5nAHyALkpB8vOTNKDCCBLBTZOhk8%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88302c99d9daa93d-SYD
access-control-allow-headers
*
expires
Thu, 28 Nov 2024 08:06:42 GMT
collect
q.clarity.ms/
0
310 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://rockyriverrun24.grassrootz.com
Date
Mon, 13 May 2024 05:16:03 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D949087C37B54584B2C18377161D32E2&RedC=c.clarity.ms&MXFR=0E8D9DF0A35D671703A2898EA75D6991
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D949087C37B54584B2C18377161D32E2&MUID=2C49446A0ECA6E4B31B850140F306F1B
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D949087C37B54584B2C18377161D32E2&MUID=2C49446A0ECA6E4B31B850140F306F1B
Protocol
H2
Server
20.205.115.81 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://rockyriverrun24.grassrootz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2024 05:16:03 GMT
last-modified
Fri, 01 Mar 2024 20:23:14 GMT
server
Microsoft-IIS/10.0
etag
"4113e049166cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 13 May 2024 05:16:04 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 77641FB54EE3421897052CCCB9DBF23B Ref B: SYD03EDGE1716 Ref C: 2024-05-13T05:16:04Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D949087C37B54584B2C18377161D32E2&MUID=2C49446A0ECA6E4B31B850140F306F1B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.ico
rockyriverrun24.grassrootz.com/
1 KB
1 KB
Other
General
Full URL
https://rockyriverrun24.grassrootz.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.228.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
697aff08e314a217d5829f9239b73d106bba43c5d7d26ac4145526726dc33743

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/ruok
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:16:02 GMT
last-modified
Thu, 09 May 2024 06:44:06 GMT
server
Microsoft-IIS/10.0
etag
"1daa1dc49917b7e"
x-powered-by
ASP.NET
content-type
image/x-icon
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
1150
request-context
appId=cid-v1:73d1fe9d-d501-4f56-9bf3-234fa12acd2c
collect
analytics.google.com/g/
0
265 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-ZQFYBT7FTK&gtm=45be4580v893827707za201&_p=1715577358214&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=427476329.1715577363&ul=en-au&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1715577364&sct=1&seg=0&dl=https%3A%2F%2Frockyriverrun24.grassrootz.com%2Fruok&dt=7Rocky%20River%20Run%202024%20%7C%20R%20U%20OK%3F&en=video_start&_fv=1&_ss=1&epn.video_current_time=0&epn.video_duration=15&epn.video_percent=0&ep.video_provider=youtube&ep.video_title=7Rocky%20River%20Run%202024%20-%20Ready%2C%20Set%2C%20Register&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DOprdjz_0SYk&ep.visible=true&tfd=7606
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-946997390&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 05:16:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rockyriverrun24.grassrootz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZQFYBT7FTK&cid=427476329.1715577363&gtm=45be4580v893827707za201&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-946997390&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 05:16:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rockyriverrun24.grassrootz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZQFYBT7FTK&cid=427476329.1715577363&gtm=45be4580v893827707za201&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=569181036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 05:16:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
q.clarity.ms/
0
310 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://rockyriverrun24.grassrootz.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://rockyriverrun24.grassrootz.com
Date
Mon, 13 May 2024 05:16:05 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| RaygunObject function| rg4js object| webpackJsonp function| ReactJsAsyncInit object| core object| __core-js_shared__ object| React object| ReactDOM object| ReactDOMServer object| IntlPolyfill function| _ object| device function| setImmediate function| clearImmediate object| global object| System function| asap function| Observable object| regeneratorRuntime boolean| _babelPolyfill function| ReduxWrapper string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| dataLayer function| clarity function| onYouTubeIframeAPIReady string| raygunUserAgent object| raygunUserAgentData number| raygunUserAgentDataStatus object| TraceKit function| raygunUtilityFactory function| raygunErrorUtilitiesFactory function| raygunNetworkTrackingFactory function| raygunViewportFactory function| raygunBreadcrumbsFactory function| raygunCoreWebVitalFactory object| Raygun object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| $zopim object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| google_tag_manager object| google_tag_data object| gaGlobal object| GooglebQhCsO object| gaplugins object| gaData boolean| RaygunInitialized

26 Cookies

Domain/Path Name / Value
.rockyriverrun24.grassrootz.com/ Name: ARRAffinity
Value: c72ce40d6bdc277de9f7aefc1dbf5d0d56231ff5fc239c6dfef98e61cafd45d3
.rockyriverrun24.grassrootz.com/ Name: ARRAffinitySameSite
Value: c72ce40d6bdc277de9f7aefc1dbf5d0d56231ff5fc239c6dfef98e61cafd45d3
.youtube.com/ Name: YSC
Value: -PTWIX6mzb8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 1PvZN-dN4MY
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJBVRIEGgAgWA%3D%3D
www.clarity.ms/ Name: CLID
Value: de99b84963b04cab94402e709c140a2e.20240513.20250513
.grassrootz.com/ Name: _gcl_au
Value: 1.1.1453686506.1715577362
.grassrootz.com/ Name: _clck
Value: 4vx72p%7C2%7Cflq%7C0%7C1594
.grassrootz.com/ Name: _fbp
Value: fb.1.1715577362484.52412051
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: e2w/mznLA8AAAnXptoJWwLLLvkWRZr5dUSHuazkSPlBISqVAEB8GhVLU7fojJNH78DkExH7doESVcP5VwB1sKoIAa3sUWvxk8VQ5z0sx2MLv1WgGkLxOparMv9w2
.grassrootz.com/ Name: _ga
Value: GA1.1.427476329.1715577363
.rockyriverrun24.grassrootz.com/ Name: _ga
Value: GA1.3.427476329.1715577363
.rockyriverrun24.grassrootz.com/ Name: _gid
Value: GA1.3.1496809512.1715577363
.rockyriverrun24.grassrootz.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.grassrootz.com/ Name: _clsk
Value: i0d91w%7C1715577363329%7C1%7C1%7Cq.clarity.ms%2Fcollect
.grassrootz.com/ Name: __zlcmid
Value: 1LkmiMws2s29f8o
.bing.com/ Name: MUID
Value: 2C49446A0ECA6E4B31B850140F306F1B
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2C49446A0ECA6E4B31B850140F306F1B
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2C49446A0ECA6E4B31B850140F306F1B
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.grassrootz.com/ Name: _ga_2PEE0Y2WKP
Value: GS1.1.1715577362.1.0.1715577366.0.0.0
.grassrootz.com/ Name: _ga_ZQFYBT7FTK
Value: GS1.1.1715577364.1.0.1715577366.58.0.0

21 Console Messages

Source Level URL
Text
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.youtube.com/s/player/17fd9675/www-widgetapi.vflset/www-widgetapi.js(Line 1252)
Message:
Unrecognized feature: 'web-share'.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1929830787258043?v=2.9.156&r=stable&domain=rockyriverrun24.grassrootz.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning URL: https://www.youtube.com/s/player/17fd9675/www-widgetapi.vflset/www-widgetapi.js(Line 1260)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://rockyriverrun24.grassrootz.com').
security warning URL: https://www.youtube.com/s/player/17fd9675/www-widgetapi.vflset/www-widgetapi.js(Line 1260)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://rockyriverrun24.grassrootz.com').
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rockyriverrun24.grassrootz.com/ruok
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.grassrootz.com
c.bing.com
c.clarity.ms
cdn.grassrootz.com
cdn.raygun.io
connect.facebook.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grassrootz.zendesk.com
q.clarity.ms
rockyriverrun24.grassrootz.com
static.zdassets.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
104.16.51.111
104.18.72.113
108.158.32.65
13.107.246.31
142.250.204.8
142.250.66.194
142.250.67.14
142.250.71.67
142.251.221.66
142.251.221.74
157.240.8.23
157.240.8.35
172.217.167.110
172.217.167.67
172.217.167.68
172.217.167.78
18.67.111.121
20.205.115.81
20.231.53.73
20.42.228.161
204.79.197.237
216.239.32.181
64.233.170.156
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
07cd8a0ea2b5b9fa0845c4f3a17ba1c634b7404c92f8c18012a8d933f59f26a2
07d5804e48c035c25d1790601977a9fd09cfa90e45a283388de11d67939c8e84
09b8febd33fe63485dae2eef94d37f058c33b3fa5c9c08597e5a6bc2811823d7
0fe14a92128dec480adf14e2434cf07eedb1ef994ebdfd63bf4f47be07ae4344
16e1f577bcf1d59c37a85a2410fad25ecc836818610c4bba777d2eda93b272bb
1a84aa9cec404ec955b0b7497897c57488f21ec9c7224ba9a5009fa40915c45e
1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
36d57a5ef67ff0b77517db92a2da3003be6d26c0354ed904d0e3a85e314396da
3bb47c56b07d4d165f20a8eeab9c043b5dd87d4568ccce6f84d52b90ec54dcae
414ce9e054d1d04f6905815d2060913a15a94b21a9a1769ce1aca7c5e8719576
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
52ed746ba11175e661e72c76e0b948deec27a391b793a52904016a084b6359b7
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5e1693d01b3436f87968218033b080436b1a67ea901530350eed1c33c6ce3655
636433279c72d6d254b9f50d1bb4c85471754118f71276d89a59293bb21681b7
64f4462363aad215af624fb7da5bcae8e22e278f1b3e4652ada25d58a599d0d0
66c1d7949c86d9c23e1d9db31f6d0b7ce6735bd28c16bcc1e5e13a85243e0b5e
697aff08e314a217d5829f9239b73d106bba43c5d7d26ac4145526726dc33743
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70b90eaa03f7133f2098b00f4fc983bd419b2fee21a661d543907ed89e1ca4ea
71b51c3ddc99b561a2b308b14d56e33ef4cc1ac0970872aeb5f4d71893a99038
784d2078bdb12c8926f0bb0d8ccd9bde3ebc6608a64a4c623956e7c6ad07e21a
7a6893a41e65000a796c1b7c429f8127cb04eb9f92c2974891f3849ff3072de8
866b0dff742f52c8ce72fb6793882fdc9cc16fa9dca416168e8ee33acac4199d
869ebecaad575143b60339cf7e1a080c49e139fb8200893cdae26a5be963224b
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e81122a03a8bef5d3bf61001dbab8675058fced85a4cbb35a34a8c589f70b3c
8fc8a94ec611d1adabf41cf3fbac81defb5b32035bedf397a099cdbde2f8247b
916c7b1930fe9f27e16f12d7c8bd665f54457bd6f4c742f65203e8040e660307
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a2b45e85030510ab099c9a80d34e01bc42d8ab418175622fe856705542c1ee42
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a7853b65aeeaad90750e1be365eb77cbdeb93a2e53b42890a189fbbc6cdd9aca
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b8426d070e2d7f11f6bb618b543cdeaabf9056864bf848ad9f6b1b4d54ceb7cd
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d0dd1f4e5527fce8a9db220403af6ba4e15632461cf5ba57011756d0f77ae80c
d522099e4a628802af6cb3a58cc79d0f8bebaf52ddff686610ac1e569560605f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e37666d5fdc05c54ef7f0529825a4f2063e9e9d3ec7ddfb60e16f7ac7ffe1156
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd9f6550d893f5035fafd63f7f8176ccaa4ccc3913585c60ee2d1f4fa7270c28