benuredhawks.com Open in urlscan Pro
67.192.28.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://benuredhawks.com/
Effective URL:
https://benuredhawks.com/
Submission: On January 31 via api (January 31st 2024, 12:41:33 am UTC) from US — Scanned from DE

Summary HTTP 153 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 22 domains to perform 153 HTTP transactions. The main IP is 67.192.28.16, located in United States and belongs to RMH-14, US. The main domain is benuredhawks.com.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.

This is the only time benuredhawks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15 31	67.192.28.16 67.192.28.16	33070 (RMH-14) (RMH-14)
4	2600:9000:26d... 2600:9000:26da:8400:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	18.173.154.32 18.173.154.32	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:225b:5800:4:cc99:4000:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
6	99.84.90.89 99.84.90.89	16509 (AMAZON-02) (AMAZON-02)
14	18.173.187.84 18.173.187.84	16509 (AMAZON-02) (AMAZON-02)
2	99.84.88.85 99.84.88.85	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	174.143.40.29 174.143.40.29	33070 (RMH-14) (RMH-14)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f23... 2a03:2880:f234:1c5:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	54.231.170.9 54.231.170.9	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
6 8	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
4 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
153	32

31 67.192.28.16 (United States) 15 redirects

ASN33070 (RMH-14, US)

benuredhawks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:26da:8400:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.173.154.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-32.muc50.r.cloudfront.net

dbukjj6eu5tsf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225b:5800:4:cc99:4000:93a1 (United States)

ASN16509 (AMAZON-02, US)

fonts.sidearmsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.84.90.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-90-89.muc50.r.cloudfront.net

dxbhsrqyrr690.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 18.173.187.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-84.muc50.r.cloudfront.net

images.sidearmdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-85.muc50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 174.143.40.29 (United States)

ASN33070 (RMH-14, US)

statcollector.sidearmsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f234:1c5:face:b00c:0:43fe (Dallas, United States)

ASN32934 (FACEBOOK, US)

scontent-dfw5-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.170.9 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

sidearm-syndication.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.149 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	benuredhawks.com 15 redirects benuredhawks.com	74 KB
29	googlesyndication.com cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	175 KB
22	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 163 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	287 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	199 KB
14	sidearmdev.com images.sidearmdev.com — Cisco Umbrella Rank: 22920	13 MB
10	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	82 KB
10	cloudfront.net dbukjj6eu5tsf.cloudfront.net dxbhsrqyrr690.cloudfront.net	212 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	5 KB
7	sidearmsports.com fonts.sidearmsports.com — Cisco Umbrella Rank: 24449 statcollector.sidearmsports.com — Cisco Umbrella Rank: 25962	61 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	6 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	cdninstagram.com scontent-dfw5-2.cdninstagram.com — Cisco Umbrella Rank: 5417	1 MB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	309 KB
4	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5511	143 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6518	515 B
2	gstatic.com fonts.gstatic.com	71 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 177	3 KB
1	amazonaws.com sidearm-syndication.s3.amazonaws.com — Cisco Umbrella Rank: 35852	2 KB
1	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 4034	438 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
153	22

	Domain	Requested by
31	benuredhawks.com	15 redirects benuredhawks.com cdn.transcend.io
15	pagead2.googlesyndication.com	benuredhawks.com cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com tpc.googlesyndication.com cdn.transcend.io www.googletagservices.com
14	s0.2mdn.net	benuredhawks.com s0.2mdn.net
14	images.sidearmdev.com	benuredhawks.com
11	tpc.googlesyndication.com	benuredhawks.com cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com tpc.googlesyndication.com cdn.transcend.io
10	cdnjs.cloudflare.com	benuredhawks.com cdn.transcend.io
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	securepubads.g.doubleclick.net	cdn.transcend.io
6	dxbhsrqyrr690.cloudfront.net	benuredhawks.com
4	ad.doubleclick.net	benuredhawks.com
4	scontent-dfw5-2.cdninstagram.com	benuredhawks.com
4	statcollector.sidearmsports.com	cdn.transcend.io statcollector.sidearmsports.com
4	www.googletagmanager.com	benuredhawks.com cdn.transcend.io
4	dbukjj6eu5tsf.cloudfront.net	benuredhawks.com cdn.transcend.io
4	cdn.transcend.io	benuredhawks.com cdn.transcend.io
3	cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com	cdn.transcend.io
3	www.google-analytics.com	cdn.transcend.io
3	fonts.sidearmsports.com	benuredhawks.com fonts.sidearmsports.com
2	www.googletagservices.com	cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
2	www.google.de	benuredhawks.com
2	www.google.com	benuredhawks.com cdn.transcend.io
2	stats.g.doubleclick.net	cdn.transcend.io
2	region1.google-analytics.com	cdn.transcend.io
2	fonts.gstatic.com	fonts.googleapis.com
2	sb.scorecardresearch.com	cdn.transcend.io benuredhawks.com
1	region1.analytics.google.com	cdn.transcend.io
1	sidearm-syndication.s3.amazonaws.com	cdn.transcend.io
1	cdn.krxd.net	cdn.transcend.io
1	fonts.googleapis.com	benuredhawks.com
153	32

This site contains links to these domains. Also see Links.

Domain
www.benustore.com
portal.stretchinternet.com
www.instagram.com
ben.edu
www.naia.org
play.mynaia.org
www.calpacathletics.com
sidearmsports.com
www.sidearmsports.com

Subject Issuer	Validity	Valid
benuredhawks.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.sidearmsports.com Amazon RSA 2048 M02	`2023-11-06` - `2024-12-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-09`	a year	crt.sh
statcollector.sidearmsports.com R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2023-11-09` - `2024-02-07`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://benuredhawks.com/
Frame ID: B681CB60402D9C184024ADD086FBEDBB
Requests: 92 HTTP requests in this frame

Frame: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=benmesa&cbs_site_code=&content_id=null&sect=frontpage&sid=68b4cf92-becc-4089-af17-fc0b77022c0e&uid=e0069d6f-1782-4ccd-9d56-ca66204cfb08&count=benuredhawks_com.pageview%7Call.pageview&events=&traits=&r=benuredhawks.com&server_name=1063029-APP75&path_and_query=%2F&_=1706661686095
Frame ID: 35BCA6C5F65CDC8A1D4EF0E3D0BB4A00
Requests: 2 HTTP requests in this frame

Frame: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=benmesa&cbs_site_code=&content_id=null&sect=frontpage&sid=68b4cf92-becc-4089-af17-fc0b77022c0e&uid=e0069d6f-1782-4ccd-9d56-ca66204cfb08&count=benuredhawks_com.active%7Call.active&events=&traits=&r=benuredhawks.com&server_name=1063029-APP75&path_and_query=%2F&_=1706661686104
Frame ID: A912097ADD8FA581EC0ABD5F2E05E8F6
Requests: 2 HTTP requests in this frame

Frame: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 162BE9746B0669A9DD3C02E9DA70716D
Requests: 1 HTTP requests in this frame

Frame: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 10A9669D6E6EAC4135F485A7BA179630
Requests: 13 HTTP requests in this frame

Frame: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8202BB87E5D1B2E1070ED2EA8AFAB13A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgpKfhgIwAQ&v=APEucNUVUPvUdH7nBNlHGgpS8_vgv2LrQ3kwf5GP6e1wM5RyK0a5uxPy3ljw4CuMVb5Pw-3KrXby2DXvqSQL1heqeOqpEfFoYHTYRTVTalvc9USrwYCWM-Vb_VxHs1vw7lfYvBqGqjFabSLHyOhyN-2BRCkR3B4IM44rbEEh6GX7XIX8ZEn4ITY
Frame ID: 030CA6686122A93A5D9037D166A9FF4C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgpKfhgIwAQ&v=APEucNVQkg0BsjLFXNO6jezMm5-RHha2SLkoiN9-4KifbDp6dmZ2nwjVVNpJEOG7VstDxeKVOKmS98ALONPwEuDW9pQBeN8PXjvH5hgqfOSJtBE94n_OILnzV3mmCW0j373JFzsl_nt5__Vab_yaIiSrGYpNINwTOhpruqJ_dd8gKbRiSgTtqM0
Frame ID: 06B866AF287AD8F457288FC8BC081D59
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BDBFAF4683DAF6D522E71EEFE21A9D00
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
Frame ID: 96A72CF70137F4877B29F1E985D91818
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A12AFAAA5C59A611829CB95BDE7C5860
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
Frame ID: BC768DFC26DC3EA45C5267AADF814D12
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D79F572B45F7489CB5B126C2FB3CE406
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7123A637D6AD63DBE5CC33CDB4C1FEA1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benedictine University Mesa - Official Athletics Website Sidearm Sports, opens a new window

Page URL History Show full URLs

http://benuredhawks.com/ HTTP 301
https://benuredhawks.com/ Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

153
Requests

86 %
HTTPS

61 %
IPv6

22
Domains

32
Subdomains

32
IPs

4
Countries

16032 kB
Transfer

19799 kB
Size

18
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.benustore.com/
Title: Spirit Store

Search URL Search Domain Scan URL

URL: https://portal.stretchinternet.com/benumesa/
Title: Watch Live

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C2urt4wrcwC/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/benu_redhawks
Title: @benu_redhawks

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C2oTjuPLs2D/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C2oOQobLZXD/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C2oKMWVLEFi/

Search URL Search Domain Scan URL

URL: https://ben.edu/

Search URL Search Domain Scan URL

URL: https://www.naia.org/

Search URL Search Domain Scan URL

URL: https://play.mynaia.org/

Search URL Search Domain Scan URL

URL: https://www.calpacathletics.com/

Search URL Search Domain Scan URL

URL: http://sidearmsports.com/terms-of-service
Title: Terms of Service, opens in new window

Search URL Search Domain Scan URL

URL: http://sidearmsports.com/privacypolicy
Title: Privacy Policy, opens in new window

Search URL Search Domain Scan URL

URL: https://sidearmsports.com/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.sidearmsports.com/
Title: Sidearm Sports, opens a new window

Search URL Search Domain Scan URL

URL: http://www.sidearmsports.com/blockers
Title: Learn More About Ad Blockers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://benuredhawks.com/ HTTP 301
https://benuredhawks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://benuredhawks.com/images/logos/site/site.png?width=48 HTTP 302
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fsite%2fsite.png&width=48&type=png

Request Chain 62

https://benuredhawks.com/images/2024/1/27/Untitled_design-3.png?width=1920&height=1080&mode=crop&scale=both&format=jpg&quality=80&anchor=middlecenter HTTP 302
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design-3.png&height=1080&width=1920&type=png&gravity=centre

Request Chain 63

https://benuredhawks.com/images/2024/1/21/Untitled_design.png?width=540&height=304&mode=crop&scale=both&format=jpg&quality=80 HTTP 302
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f21%2fUntitled_design.png&height=304&width=540&type=png&gravity=smart

Request Chain 64

https://benuredhawks.com/images/logos/Gilbert_AZ.png?width=42 HTTP 302
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fGilbert_AZ.png&width=42&type=png

Request Chain 65

https://benuredhawks.com/images/logos/STU%20Gameday.png?width=42 HTTP 302
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fSTU%2520Gameday.png&width=42&type=png

Request Chain 66

https://benuredhawks.com/images/logos/Antelope-Valley-Pioneers.png?width=42 HTTP 302
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fAntelope-Valley-Pioneers.png&width=42&type=png

Request Chain 67

https://benuredhawks.com/images/logos/Southeastern-University-in-Florida.png?width=42 HTTP 302
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fSoutheastern-University-in-Florida.png&width=42&type=png

Request Chain 68

https://benuredhawks.com/images/logos/bushnell.png?width=42 HTTP 302
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fbushnell.png&width=42&type=png

Request Chain 76

https://benuredhawks.com/images/2024/1/19/dirtybirdz.png?width=540&height=304&mode=crop&scale=both&format=jpg&quality=80 HTTP 302
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f19%2fdirtybirdz.png&height=304&width=540&type=png&gravity=smart

Request Chain 77

https://benuredhawks.com/images/2024/1/18/Untitled_design.png?width=540&height=304&mode=crop&scale=both&format=jpg&quality=80 HTTP 302
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f18%2fUntitled_design.png&height=304&width=540&type=png&gravity=smart

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArAVxtqGCODD9SPw7rnjZY&google_cver=1

Request Chain 111

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbmXOImh1Bhy5Ec3ogS0lAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENz8-dCO9Lq4l8sUFRHtuEM&google_cver=1

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBBVBhvtKbne8tQ1TlXoX5w&google_cver=1

Request Chain 113

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExNzIwMjY4MzI0MDU3MzA3NA%3D%3D

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArAVxtqGCODD9SPw7rnjZY&google_cver=1

Request Chain 115

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbmXOImh1Bhy5Ec3ogS0lAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENz8-dCO9Lq4l8sUFRHtuEM&google_cver=1

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBBVBhvtKbne8tQ1TlXoX5w&google_cver=1

Request Chain 117

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExNzIwMjY4MzI0MDU3MzA3NA%3D%3D

Request Chain 141

https://benuredhawks.com/images/2024/1/27/Untitled_design.png?width=1920&height=1080&mode=crop&scale=both&format=jpg&quality=80&anchor=middlecenter HTTP 302
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design.png&height=1080&width=1920&type=png&gravity=centre

Request Chain 142

https://benuredhawks.com/images/2024/1/27/Untitled_design-2.png?width=1920&height=1080&mode=crop&scale=both&format=jpg&quality=80&anchor=middlecenter HTTP 302
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design-2.png&height=1080&width=1920&type=png&gravity=centre

Request Chain 143

https://benuredhawks.com/images/2024/1/25/Untitled_design-2.png?width=1920&height=1080&mode=crop&scale=both&format=jpg&quality=80&anchor=middlecenter HTTP 302
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f25%2fUntitled_design-2.png&height=1080&width=1920&type=png&gravity=centre

Request Chain 150

https://benuredhawks.com/images/2024/1/25/Untitled_design.png?width=1920&height=1080&mode=crop&scale=both&format=jpg&quality=80&anchor=middlecenter HTTP 302
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f25%2fUntitled_design.png&height=1080&width=1920&type=png&gravity=centre

153 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
benuredhawks.com/
Redirect Chain

http://benuredhawks.com/
https://benuredhawks.com/

418 KB
33 KB

518ms
264ms

Document
text/html

67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

23f763a1799cadd6852205791c46ebcfc70c5e24ca8bb6c5aacf4b0b245d94a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=850
content-encoding: br
content-length: 33004
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 00:41:24 GMT
expires: Wed, 31 Jan 2024 00:55:35 GMT
last-modified: Wed, 31 Jan 2024 00:25:35 GMT
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
strict-transport-security: max-age=0;
vary: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Date: Wed, 31 Jan 2024 00:41:23 GMT
Location: https://benuredhawks.com/
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=0;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 149 KB
49 KB 55ms
21ms Script
application/javascript 2600:9000:26da:8400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:8400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

69d9ebd4b1206e258357a002b50b22899a35c3814276efadc143a20322c2e2e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:25 GMT
content-encoding: br
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: X24a9vlUxQAOhr_EHbyhRCeS2dY_A9ZG9vbw8FeBrkcxM183oSf8Ag==
x-xss-protection: 1; mode=block

GET
H2 200 main.1701117076018.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/ 115 KB
25 KB 74ms
16ms Script
application/javascript 18.173.154.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/main.1701117076018.js
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-32.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c370963c13366d93cfd050f98bc5ddb1e436d17d9218394b25d92e2e0e906f0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 17:37:55 GMT
content-encoding: gzip
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
x-amz-version-id: GTozyr_EY7dbNWsXI52FSZmwnegG_qW_
x-amz-cf-pop: MUC50-P3
age: 2531011
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24963
last-modified: Mon, 27 Nov 2023 20:31:53 GMT
server: AmazonS3
etag: "66df130c83cebff99becdefc49555a94"
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: VKLy7qPr2RP4zppYgenr8J9uFsnbYLoOoiK7F4ZApLi0My8mrZtAFQ==
expires: Thu, 27 Nov 2025 20:31:16 GMT

GET
H2 200 sidearm_font_v2.css
fonts.sidearmsports.com/sidearm_v2/2023-10-24-755003/ 14 KB
14 KB 98ms
17ms Stylesheet
text/css 2600:9000:225b:5800:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm_v2/2023-10-24-755003/sidearm_font_v2.css
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:5800:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4ef7ec47986932b8fa1d84cc6aa4a202d47e0c18775901831b161101a9c8ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:50:43 GMT
via: 1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 18:04:33 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 62353
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 24 Oct 2023 18:04:01 GMT
etag: "5af3f5d324d47a8fea3943de78fd5ffb"
content-type: text/css
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 13842
x-amz-cf-id: oPh3nvAkLbOg56NUTcVu2YtJTCW4PDW9CYQaMAsTA6qzq3cxokoFsw==

GET
H2 200 sidearm_font.css
fonts.sidearmsports.com/sidearm/2020-05-12-535576/ 11 KB
3 KB 627ms
546ms Stylesheet
text/css 2600:9000:225b:5800:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.css
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:5800:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d713dd84892c763b25143502308aa8cf82f0d60aad22ea5b6c2968cf9b6bb135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: gzip
via: 1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
last-modified: Tue, 12 May 2020 20:42:55 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
etag: "1ad82ee377693ace7a947b0c66052a4d"
x-cache: RefreshHit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2670
x-amz-cf-id: 1xa5H87YabsgY13TtbpllrMM8Ddl7y7nHhkpc7NzzSMe7JXpefITug==
expires: Thu, 12 May 2022 20:42:52 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/ 90 KB
29 KB 30ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3556212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29363
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-169d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A646opwRf%2F%2FqweKDlJUDiWMqWFWcDiMZ3YniJnyH5r5WG2JtpXFr7siUh82h%2B2cXcOsu7TkmQK4G59AbEwYCQBJIpdf22qA1WMaepd%2FLcRlaOlZCQdcwL5GmywiyyXjQ12%2B51%2Fj4NKXd0d%2B1qJ5xisM%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dde8adf9b968f7-FRA
expires: Mon, 20 Jan 2025 00:41:25 GMT

GET
H2 200 require.min.js Show response
cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/ 25 KB
7 KB 32ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02055da12953582666aec83c667c693f874a6bd5068e41b6f9c574b18615734c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2175530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7122
last-modified: Mon, 04 May 2020 16:15:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fbf-653e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbIhu%2FVCP09UEDcD5QS%2BvocJbRwOZoSKXk4RxVky0JGk2eN%2BUn0shUC4N2xurdgTgIwTMGXIUjQhYDcjQYGNWxANtitug1U4OD%2BMoIDd5BUWSHLoKMDqmbg5LCrRBFU899UfkDjGndfCy9EN4u%2F95xYd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dde8adf9ba68f7-FRA
expires: Mon, 20 Jan 2025 00:41:25 GMT

GET
H2 200 bundle.1693919720915.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/ 471 KB
135 KB 86ms
27ms Script
application/javascript 18.173.154.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1693919720915.js
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-32.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f1950abc6e6c61b21446666705924af293529ca8f79655c6f1fb57d3331e898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:46:08 GMT
content-encoding: gzip
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
x-amz-version-id: U2Kzy7BCoe6VZI8BI8D8wTyJM6awSn..
x-amz-cf-pop: MUC50-P3
age: 1904118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 138102
last-modified: Tue, 05 Sep 2023 13:15:26 GMT
server: AmazonS3
etag: "fa28b7d158d986a5ea574e4bb2a30773"
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: kRK6DW4nb8t05viLaMMMAphz_OHjQbYyyL4zCP9mSTc4bAvFCDxy7g==
expires: Fri, 05 Sep 2025 13:15:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 53ms
30ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,400;0,700;0,900;1,400;1,700;1,800&display=swap

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32889d251fc20f7aa1e8aaabb6affd79bee7ed63a0be17f4234f0bab30508388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 00:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 00:41:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 00:41:25 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.9/ 1 KB
1017 B 29ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.9/slick.min.css

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9811f9f571e747d90c59b3dafcc49ef225807b15f2b06e1c92f14d02739653b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6070984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 347
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-4fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XdxE85sEXahyYXLiRdLmum2jdGP7DhlyM0Zi%2BE16Hj%2FrxFFAHpttFvGM3z8zdsl58alnCh%2B0VuhKKvYqujI2omxTvtC1luS7L%2FJfqh4fSzVs2%2FJ16rVwTEUbBThZ26jZwp4uRuD5i2NVjfgDC%2BM%2BBmp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dde8adf9b868f7-FRA
expires: Mon, 20 Jan 2025 00:41:25 GMT

GET
H2 200 sidearm-responsive-grid.less
benuredhawks.com/less/ 240 KB
19 KB 139ms
139ms Stylesheet
text/css 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/less/sidearm-responsive-grid.less?_=638422074245118107

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6bcd093acfb6706f4db36f75feedfa76a0111b682bd83337f75b0aa50316d2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:24 GMT
vary: *
content-type: text/css; charset=utf-8
cache-control: public
content-length: 19128
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 00:41:25 GMT

GET
H2 200 site.less
benuredhawks.com/site/ 74 KB
8 KB 136ms
135ms Stylesheet
text/css 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/site/site.less?_=638182205412596634

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b3112af82ae0d4d86cc13b8b08c7ef9938cf3a401df7f53d82c413edae6cdca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:24 GMT
vary: *
content-type: text/css; charset=utf-8
cache-control: public
content-length: 8308
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 00:41:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 70ms
25ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MCY99C2VY5

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecd83f94aff9e4af22f9faf6c254a1821d0f29b227b68da4fdb17a497319df6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94029
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 00:41:25 GMT

GET
H2 200 logo_main.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/ 3 KB
3 KB 118ms
47ms Image
image/svg+xml 99.84.90.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/logo_main.svg
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.90.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c9f81fc576e217cb26321fa2217ea162a5c7bcd1a0f2cf10b1c03efea0a6e71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 12:52:50 GMT
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
last-modified: Tue, 02 May 2023 04:06:03 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 42516
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Sat, 08 Apr 2023 14:28:34 GMT
vary: Origin
etag: "9c312ef53fc88c4632667aaccf8a583c"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3091
x-amz-cf-id: crJ1gLUYdW8EZGPoSUGskj2WUW4olvy3LjXYmXBuEjCHygKF7yVREA==

GET
H2 200 footer-edu.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/ 9 KB
10 KB 102ms
32ms Image
image/svg+xml 99.84.90.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/footer-edu.svg
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.90.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de4e94440163688cf0639ebe2ebe062f17aebd76a6dc2b51722a327ce5656221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 12:52:50 GMT
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 14:30:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 42516
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Thu, 14 Sep 2023 14:28:22 GMT
vary: Origin
etag: "cf7300330aa8242cbaf222aa4fb2c912"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 9614
x-amz-cf-id: AGKslolMkNvRyE1gLaFDpaWqM5hmHP8tDP8ANYjGVRiEXGwd8JHz4A==

GET
H2 200 footer_logo_NAIA.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/ 4 KB
4 KB 36ms
32ms Image
image/svg+xml 99.84.90.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/footer_logo_NAIA.svg
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.90.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e0768124016fb73f556af1d0f2018436c3410aec803e4c8c11ad7143efbbf79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 10:38:26 GMT
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
last-modified: Tue, 02 May 2023 04:06:03 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 50580
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Thu, 13 Apr 2023 15:51:36 GMT
vary: Origin
etag: "74c37452a775098362390b32f2a7d896"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3613
x-amz-cf-id: HBEA1Bz1FG52Cop5x4XBNvHWvrcCNEt2YriHlVfWiKsqfkz3GxIrLA==

GET
H2 200 footer_logo_playnaia.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/ 15 KB
16 KB 27ms
26ms Image
image/svg+xml 99.84.90.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/footer_logo_playnaia.svg
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.90.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67f4d5060b6a97dad094f90313ea00d99a47163efc199d44d9340fa6f89d2629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 10:38:26 GMT
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
last-modified: Tue, 02 May 2023 04:06:03 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 50580
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Thu, 13 Apr 2023 15:51:39 GMT
vary: Origin
etag: "97e608ab0f997b7a183dfad71c99733c"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 15461
x-amz-cf-id: lYVDvd0D1qkXYSX-UGLynb_k6KFjQtGsptEC1ZmkPScXH0mU02PPqw==

GET
H2 200 footer_logo_CALPAC.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/ 11 KB
12 KB 33ms
32ms Image
image/svg+xml 99.84.90.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/footer_logo_CALPAC.svg
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.90.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afbbba5c4021a34d362532f2f07e274de6de9f6b271db3d066ade009276a8013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 14:53:50 GMT
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
last-modified: Tue, 02 May 2023 04:06:03 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 35256
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Sat, 08 Apr 2023 14:28:33 GMT
vary: Origin
etag: "22b79faa6f5a2a31c9d782aa9674d91a"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 11542
x-amz-cf-id: -5DaxxLQ5TxvdUo28nFiDn4pNCzOuDD9UFmCxmDPWWLWsvazePF7tg==

GET
H2

200

resize
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/logos/site/site.png?width=48
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fsite%2fsite.png&width=48&type=png

5 KB
5 KB

71ms
24ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fsite%2fsite.png&width=48&type=png

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

0c6b1f5d45343375287b4f792169622df4102b92bc3bf60ce1c57fa411b30914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 12:26:14 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 994511
x-cache: Hit from cloudfront
content-length: 4751
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: AFD8COW9ehQz1fJAQriREJUvIu5rp9ZboPesTxzX3CpZK5sRCYoG9g==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:24 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fsite%2fsite.png&width=48&type=png
content-length: 313
x-xss-protection: 1; mode=block

GET
H2 200 ui.js Show response
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 312 KB
87 KB 43ms
15ms Script
text/javascript 2600:9000:26da:8400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:8400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d12d3fe0ad2d9dca4f5e4ab1e44eecaaeca212b2dd6ade5786c6231478c1933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benuredhawks.com/
Origin: https://benuredhawks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: WVtFsaE_7_eX8WWCyBpKNMbY7Aws.Gq2
content-encoding: gzip
via: 1.1 0a93e5f50864322b5cd49038d9c83154.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 03:29:05 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 76345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 26 Jan 2024 20:45:51 GMT
server: AmazonS3
etag: W/"7d28317c827dda7c50f7af4f63d12cb6-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: hb07pedp28hnthwcR95YPZhswq3ivfRViM40SdYPUwkgknAnrL97SA==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 61ms
15ms Script
application/javascript 99.84.88.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-85.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 06:19:40 GMT
content-encoding: gzip
via: 1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 66111
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: F_UaQK-rKcZSooXPvvhM-S2eLpnWoFsButlWdrKbW2DZDIFQBdnzug==

GET
H2 200 cm.css
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 17 KB
4 KB 14ms
14ms Stylesheet
text/css 2600:9000:26da:8400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:8400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

20da7195227c6b983133610b35fe4e1d7f00bbdcd49363b52c16fb37fe0f6bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: lXpzfPdWryEMR.K5GxjTuZRsjnULNiBH
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 03:29:07 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 76344
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 26 Jan 2024 20:45:51 GMT
server: AmazonS3
etag: W/"fde9742aeeaf36d9202bef8e2f1197d7-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: muFYmTkPQU8IH5tg47k5aCkjSc_3LWpE9AdZbhfeNyzS-57f0RQ9DA==

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 23ms
22ms Image
text/plain 99.84.88.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3005086&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661686021&ns_c=UTF-8&c7=https%3A%2F%2Fbenuredhawks.com%2F&c8=&c9=
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-85.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
via: 1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MUC50-C1
x-amz-cf-id: -z-Tb-CqjE-F5-vYJka3Qj5rxuX467PukBwPm8T6-5dYclpLGlUX2g==
x-cache: Miss from cloudfront

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
76 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3TH4CC

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c936b0a7bc7ae16efa96271a08a276374fbdf6c79817d19b6b912689b12e4085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77346
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Jan 2024 00:41:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
53 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW6R675

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8569fe154e6d536fcc234c5caf5dde8a47563c51c0dfdb9b14d12752bd013f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54350
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Jan 2024 00:41:26 GMT

GET
H2 200 logo_main.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/ 3 KB
3 KB 15ms
15ms Image
image/svg+xml 99.84.90.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/benmesa.sidearmsports.com/images/responsive_2023/logo_main.svg
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.90.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c9f81fc576e217cb26321fa2217ea162a5c7bcd1a0f2cf10b1c03efea0a6e71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 12:52:50 GMT
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
last-modified: Tue, 02 May 2023 04:06:03 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 42517
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Sat, 08 Apr 2023 14:28:34 GMT
vary: Origin
etag: "9c312ef53fc88c4632667aaccf8a583c"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3091
x-amz-cf-id: KndUoZc9TWn9bgdBSWnjfTf0KA_JH7zXlcVqQMJbF3--1SbPOQG59A==

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 40ms
15ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,400;0,700;0,900;1,400;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benuredhawks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:05:02 GMT
x-content-type-options: nosniff
age: 20184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:05:02 GMT

GET
H2 200 iJWEBXyIfDnIV7nEnX661A.woff2
fonts.gstatic.com/s/rubik/v28/ 36 KB
36 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWEBXyIfDnIV7nEnX661A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,400;0,700;0,900;1,400;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36791c7ed0c7ae2e4246246fcc002f0db8f238e8c53795bc305c32e2973b190e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benuredhawks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:01:26 GMT
x-content-type-options: nosniff
age: 20400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36408
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:01:26 GMT

GET
H2 200 so4l4yxm2.js Show response
cdn.krxd.net/controltag/ 2 B
438 B 43ms
7ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/so4l4yxm2.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 188
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 22
x-served-by: config-service-a003-ash-prod.krxd.net, cache-iad-kiad7000020-IAD, cache-fra-eddf8230044-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1706661686.111705,VS0,VE1
etag: "bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 569281, 1

GET
H2 200 en.json Show response
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/translations/ 11 KB
3 KB 14ms
14ms Fetch
application/json 2600:9000:26da:8400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:8400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

378ead8d61543d7cae599eb64a5d678ddcd5e4c8e9accdff0c91c29a7f68e59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: NsqfRFbqoNx7PIDAH3Ce0cvVES2TJOyK
content-encoding: br
via: 1.1 0a93e5f50864322b5cd49038d9c83154.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 06:05:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 67071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 26 Jan 2024 20:45:51 GMT
server: AmazonS3
etag: W/"dab04ca012191d9d91d7023f86b44f19-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: wVxVYBBxVDZfwN-c4TdfhgJCQv49dE5Ou6_eYOxxjVeB8aRDcdSNyA==

GET
H2 200 knockout-fast-foreach.min.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/ 7 KB
3 KB 226ms
225ms Script
application/x-javascript 18.173.154.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/knockout-fast-foreach.min.js?bust=638396439353986773
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-32.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eec10fa1e2c159ef712bb5add157fce337037e1fb9177cfdeb659536a4bc38c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
x-amz-version-id: lKr3ANDj088p2nhHUmVOIYlNf8.eSZsC
content-encoding: br
last-modified: Tue, 27 Nov 2018 22:42:47 GMT
server: AmazonS3
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
etag: W/"7d4c22c0f7e7c7eff721fadb17e18645"
x-amz-meta-cb-modifiedtime: Tue, 16 May 2017 21:35:03 GMT
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: application/x-javascript
x-amz-cf-id: rEkQE64z9iel0L_vGQyZDEf8kc6mPv6QVX2fvUWQgMfq1GHRR71oGA==
expires: Thu Nov 11 2021 00:00:00 GMT

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 16ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js?bust=638396439353986773

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5345558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5303
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-4041"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM%2Bivg1PBMZWb2BrP21bAYmTh5klnNcepfJov1J7b6%2BINeprShDeDmYNpB6rqUrvkv3JWbcdyScBE%2FqYGWbckvU7dRZZ5lcj7BQy98oFKF4eJHJDu45ykBCbi80bhoaNb6giKKZv4z9J9ldwCOn8DcXw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dde8b1fba468f7-FRA
expires: Mon, 20 Jan 2025 00:41:26 GMT

GET
H2 200 headroom.min.js Show response
cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/ 4 KB
2 KB 13ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/headroom.min.js?bust=638396439353986773

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7159b1e57dc6cfa8abd3a69a3ae0c6de500aad6566d820b9c2588ee653333cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7838398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1339
last-modified: Mon, 04 May 2020 16:10:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e76-10dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W54MROuJf%2FZ%2BLmprhXstvfQ%2BAsX75otp%2FDZkzUDBoMcd8NgPxCM8t68QhgmMaBTq6GLymilaYwZFIMSpDHXpV01ocDf1mPgmPvGTjsQEJxlICMN8j0qfhNR9EgxWywKi0FGjmtGvNY1fu7bO7qbXH%2FzC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dde8b20ba568f7-FRA
expires: Mon, 20 Jan 2025 00:41:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 51ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MCY99C2VY5&gtm=45je41t0v9129253275&_p=1706661686048&gcs=G111&gcd=11t1t1l1l5&npa=0&dma_cps=sypham&dma=1&cid=2063913798.1706661686&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706661686&sct=1&seg=0&dl=https%3A%2F%2Fbenuredhawks.com%2F&dt=Benedictine%20University%20Mesa%20-%20Official%20Athletics%20Website&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1521
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benuredhawks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.html Show response
statcollector.sidearmsports.com/services/ Frame 35BC 7 KB
2 KB 420ms
125ms Document
text/html 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=benmesa&cbs_site_code=&content_id=null&sect=frontpage&sid=68b4cf92-becc-4089-af17-fc0b77022c0e&uid=e0069d6f-1782-4ccd-9d56-ca66204cfb08&count=benuredhawks_com.pageview%7Call.pageview&events=&traits=&r=benuredhawks.com&server_name=1063029-APP75&path_and_query=%2F&_=1706661686095
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9

Request headers

Referer: https://benuredhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-length: 1782
content-type: text/html
date: Wed, 31 Jan 2024 00:41:26 GMT
etag: "0568a3ac67d41:0"
last-modified: Thu, 18 Oct 2018 17:58:52 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding

GET
H2 200 pixel.html Show response
statcollector.sidearmsports.com/services/ Frame A912 7 KB
2 KB 420ms
127ms Document
text/html 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=benmesa&cbs_site_code=&content_id=null&sect=frontpage&sid=68b4cf92-becc-4089-af17-fc0b77022c0e&uid=e0069d6f-1782-4ccd-9d56-ca66204cfb08&count=benuredhawks_com.active%7Call.active&events=&traits=&r=benuredhawks.com&server_name=1063029-APP75&path_and_query=%2F&_=1706661686104
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9

Request headers

Referer: https://benuredhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-length: 1782
content-type: text/html
date: Wed, 31 Jan 2024 00:41:26 GMT
etag: "0568a3ac67d41:0"
last-modified: Thu, 18 Oct 2018 17:58:52 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/ 90 KB
29 KB 14ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4327699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29363
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-169d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFNn1D1caK3%2FFR3k3ZbaTdMl3mKjaSwmb9KV01Gk6ygt3YX5hyOq0gdZUxhPdxYZTuQVwetAJq%2BEru%2Fm9iP2Vi6jyRJdymYl8HQu3N1TrcIF2u%2BcJ7yVvAH%2FJsM%2B8I9fNJbuBnQb7o3zUl7cVeJ5sqkz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dde8b248c58fe8-FRA
expires: Mon, 20 Jan 2025 00:41:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 23:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3197
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 31 Jan 2024 01:48:09 GMT

GET
H3 200 lazysizes-umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.5/ 7 KB
3 KB 13ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.5/lazysizes-umd.min.js?bust=638396439353986773

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c907bd7064f1d38a655634ba22d80fa1d1995ad33eb3296d3f14849be4566dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4158605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2847
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-1aa5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bR%2FKSu37b%2FPYNP9iwJdEIAThahsRKM0MIDkzJJSfqCWbS6OQu7da3lfJfuJVEL32duvBcKMP3PRscm2iLZilZVc4O3SPoFGYeR4JZv75JqhL4YuykXCFfuc3z8fkwOwiwVS58f%2BtGYZ1qx5PaVsUh2U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dde8b278de8fe8-FRA
expires: Mon, 20 Jan 2025 00:41:26 GMT

GET
H3 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js?bust=638396439353986773

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 966906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1120
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fl5%2B3DH99PR%2Bp4AZBOTUZY4xe9vc1o1NO72RFHNro57rsLUYv6CXmSo8rSfYsGXhhSprpndIkFuM4Sc9MjoMps%2FOVQvFpOyVUABPuHMc9JdLpu2zwIngb7S7IP9Dg6ueOdxqFVDix9eaXK52U8FxXerU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dde8b278df8fe8-FRA
expires: Mon, 20 Jan 2025 00:41:26 GMT

GET
H2 200 sidearm.showcaseplayerembed.min.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/ 927 B
861 B 238ms
237ms Script
application/javascript 18.173.154.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/sidearm.showcaseplayerembed.min.js?bust=638396439353986773
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-32.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c50f2e1a8fd249e8aac7c38d8e515d6d92ff8909cfd73185124dd5e397f341f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
content-encoding: gzip
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
x-amz-version-id: 0Xdf3vz0Gb9nfHFZTni0S4qUG5cVpsyc
last-modified: Fri, 19 Jul 2019 14:48:11 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: "888c63df665817774a9931f08fcde5ef"
vary: Origin
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 465
x-amz-cf-id: irbHuKeSCblZZ8j1plMimtGBAuLanW411gIIw1GOOt0h_gaXxv3jmQ==

GET
H3 200 imagesloaded.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/ 7 KB
3 KB 13ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/imagesloaded.pkgd.min.js?bust=638396439353986773

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 428909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2101
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1b25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nIclDrqAqcMeowP7k5CE7hbfsQdqdGgh6EJpHwaTQdQ58hsrQsVBH4XF2WxcsiKjHX4J2aUh1kK3frD6vv%2FvFGqlc3iRl2EW7FlAjiefX8RyAzsu7GS4wv47QECG1TfPbF6NOs9oZLVnQ5eMQjR71DX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dde8b278e08fe8-FRA
expires: Mon, 20 Jan 2025 00:41:26 GMT

GET
H3 200 jQuery.headroom.min.js Show response
cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/ 547 B
884 B 14ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/jQuery.headroom.min.js?bust=638396439353986773

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c602b6dc9a9a0796f3301b161df700920336416bef6c5f01e6f3fbfa02f2b8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5346305
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 279
last-modified: Mon, 04 May 2020 16:10:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e76-223"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErCoyw5t5G2PtnfUwtUw8hU68g4BvWgh4F6MTErHAVx2D8d3MKAeNxK6qShKufNtOPyPule9nf1NCl%2F8tb6owo8Qi7C7Fc5uYEYVq7c8byEHXyruoEjBoRCy24kFTH6YOenDS%2BZEA22OP5q2eygCJd2t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dde8b278e28fe8-FRA
expires: Mon, 20 Jan 2025 00:41:26 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 17ms
16ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1096261231&t=pageview&_s=1&dl=https%3A%2F%2Fbenuredhawks.com%2F&ul=en-us&de=UTF-8&dt=Benedictine%20University%20Mesa%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=1907527379&gjid=644989997&cid=2063913798.1706661686&tid=UA-195106495-5&_gid=1429229501.1706661686&_r=1&_slc=1&gtm=45He41t0n81TW6R675&cd1=2024-01-31T01%3A41%3A26%2B01%3A00&cd20=Benedictine%20University%20at%20Mesa&cd21=NAIA&cd22=California%20Pacific%20Athletic%20Conference&cd23=2334&cd24=Benedictine%20University%20Mesa%20-%20Official%20Athletics%20Website&cd25=home&cd26=0&cd28=0&cd29=0&cd35=0&cd37=0&cd49=UA-195106495-5&cd50=benmesa&cd53=frontpage&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&cd5=2063913798.1706661686&z=17904787

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benuredhawks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benuredhawks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 16ms
16ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1096261231&t=pageview&_s=1&dl=https%3A%2F%2Fbenuredhawks.com%2F&ul=en-us&de=UTF-8&dt=Benedictine%20University%20Mesa%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=1096400465&gjid=992206659&cid=2063913798.1706661686&tid=UA-180696617-1&_gid=1429229501.1706661686&_r=1&_slc=1&gtm=45He41t0n81K3TH4CCv833217870&cd1=2024-01-31T01%3A41%3A26%2B01%3A00&cd20=Benedictine%20University%20at%20Mesa&cd21=NAIA&cd22=California%20Pacific%20Athletic%20Conference&cd23=2334&cd24=Benedictine%20University%20Mesa%20-%20Official%20Athletics%20Website&cd25=home&cd26=0&cd28=0&cd29=0&cd35=0&cd37=0&cd49=UA-195106495-5&cd50=benmesa&cd53=frontpage&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&cd5=2063913798.1706661686&cd56=SIDEARM&z=2060163008

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benuredhawks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benuredhawks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 60ms
17ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-180696617-1&cid=2063913798.1706661686&jid=1096400465&gjid=992206659&_gid=1429229501.1706661686&_u=YADAAEABAAAAACAEK~&z=999005315

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benuredhawks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benuredhawks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 66ms
19ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-180696617-1&cid=2063913798.1706661686&jid=1096400465&_u=YADAAEABAAAAACAEK~&z=1995280108

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 77ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-180696617-1&cid=2063913798.1706661686&jid=1096400465&_u=YADAAEABAAAAACAEK~&z=1995280108

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.ashx
statcollector.sidearmsports.com/services/ Frame 35BC 42 B
259 B 126ms
125ms Image
image/gif 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statcollector.sidearmsports.com/services/pixel.ashx?page_template=home&sport_name=0&sport_name_custom=0&site=benmesa&content_id=null&sect=frontpage&r=benuredhawks.com&server_name=1063029-APP75&path_and_query=%2F&_=1706661686095&user_id=e0069d6f-1782-4ccd-9d56-ca66204cfb08&session_id=68b4cf92-becc-4089-af17-fc0b77022c0e&pv_id=&traits=&count=benuredhawks_com.pageview%7Call.pageview&_=1706661686534
Requested by: Host: statcollector.sidearmsports.com
URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=benmesa&cbs_site_code=&content_id=null&sect=frontpage&sid=68b4cf92-becc-4089-af17-fc0b77022c0e&uid=e0069d6f-1782-4ccd-9d56-ca66204cfb08&count=benuredhawks_com.pageview%7Call.pageview&events=&traits=&r=benuredhawks.com&server_name=1063029-APP75&path_and_query=%2F&_=1706661686095
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=benmesa&cbs_site_code=&content_id=null&sect=frontpage&sid=68b4cf92-becc-4089-af17-fc0b77022c0e&uid=e0069d6f-1782-4ccd-9d56-ca66204cfb08&count=benuredhawks_com.pageview%7Call.pageview&events=&traits=&r=benuredhawks.com&server_name=1063029-APP75&path_and_query=%2F&_=1706661686095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:26 GMT
x-invalid-metric: benuredhawks_com.pageview, all.pageview
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-pv-id
content-type: image/gif
cache-control: no-cache
x-session-id: 68b4cf92-becc-4089-af17-fc0b77022c0e
content-length: 42
x-user-id: e0069d6f-1782-4ccd-9d56-ca66204cfb08
expires: -1

GET
H2 200 pixel.ashx
statcollector.sidearmsports.com/services/ Frame A912 42 B
111 B 126ms
125ms Image
image/gif 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statcollector.sidearmsports.com/services/pixel.ashx?page_template=home&sport_name=0&sport_name_custom=0&site=benmesa&content_id=null&sect=frontpage&r=benuredhawks.com&server_name=1063029-APP75&path_and_query=%2F&_=1706661686104&user_id=e0069d6f-1782-4ccd-9d56-ca66204cfb08&session_id=68b4cf92-becc-4089-af17-fc0b77022c0e&pv_id=&traits=&count=benuredhawks_com.active%7Call.active&_=1706661686538
Requested by: Host: statcollector.sidearmsports.com
URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=benmesa&cbs_site_code=&content_id=null&sect=frontpage&sid=68b4cf92-becc-4089-af17-fc0b77022c0e&uid=e0069d6f-1782-4ccd-9d56-ca66204cfb08&count=benuredhawks_com.active%7Call.active&events=&traits=&r=benuredhawks.com&server_name=1063029-APP75&path_and_query=%2F&_=1706661686104
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=benmesa&cbs_site_code=&content_id=null&sect=frontpage&sid=68b4cf92-becc-4089-af17-fc0b77022c0e&uid=e0069d6f-1782-4ccd-9d56-ca66204cfb08&count=benuredhawks_com.active%7Call.active&events=&traits=&r=benuredhawks.com&server_name=1063029-APP75&path_and_query=%2F&_=1706661686104
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:26 GMT
x-invalid-metric: benuredhawks_com.active, all.active
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-pv-id
content-type: image/gif
cache-control: no-cache
x-session-id: 68b4cf92-becc-4089-af17-fc0b77022c0e
content-length: 42
x-user-id: e0069d6f-1782-4ccd-9d56-ca66204cfb08
expires: -1

GET
H2 200 adaptive_components.ashx Show response
benuredhawks.com/services/ 2 KB
639 B 127ms
127ms XHR
application/json 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/services/adaptive_components.ashx?type=ads&sport_id=0&name=header-social-80f487

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9401f74cd127dc713e19bd045e7197559defbb88b6fd1800244ba478be3da0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:25 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
content-length: 532
x-xss-protection: 1; mode=block

GET
H2 200 adaptive_components.ashx Show response
benuredhawks.com/services/ 901 B
377 B 127ms
127ms XHR
application/json 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/services/adaptive_components.ashx?type=ads&sport_id=0&name=sidearm-dfp-1

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

79d2e140dc637915bd7f383df56a527522ddaa4cde060bcfe9d7ddccf1e95021

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:25 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
content-length: 334
x-xss-protection: 1; mode=block

GET
H2 200 adaptive_components.ashx Show response
benuredhawks.com/services/ 1 KB
603 B 127ms
127ms XHR
application/json 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/services/adaptive_components.ashx?type=ads&sport_id=0&name=promo-slider-under-stories-ede8be

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

bdfe708dce9d1cf33fb6de825086e51a22e1779bf0ff5aadcec1d46d3eab217d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:25 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
content-length: 560
x-xss-protection: 1; mode=block

GET
H2 200 adaptive_components.ashx Show response
benuredhawks.com/services/ 919 B
397 B 127ms
126ms XHR
application/json 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/services/adaptive_components.ashx?type=ads&sport_id=0&name=sidearm-dfp-2

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

947e6358cb5cea6a8b04aa2194a651e81b6fd4f2ccaae44b6e1abda44e67aaca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:25 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
content-length: 354
x-xss-protection: 1; mode=block

GET
H2 200 sidearm_font_v2.woff2
fonts.sidearmsports.com/sidearm_v2/2023-10-24-755003/ 39 KB
40 KB 62ms
32ms Font
application/octet-stream 2600:9000:225b:5800:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm_v2/2023-10-24-755003/sidearm_font_v2.woff2?43241630
Requested by: Host: fonts.sidearmsports.com
URL: https://fonts.sidearmsports.com/sidearm_v2/2023-10-24-755003/sidearm_font_v2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:5800:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e25c749372929780f21d96f20259212517f3446ba6d522122c49092aa748fb1

Request headers

Referer: https://fonts.sidearmsports.com/sidearm_v2/2023-10-24-755003/sidearm_font_v2.css
Origin: https://benuredhawks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 23:59:31 GMT
via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 2516
x-amz-meta-cb-modifiedtime: Wed, 18 Oct 2023 20:53:54 GMT
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40128
last-modified: Tue, 24 Oct 2023 17:51:02 GMT
server: AmazonS3
etag: "84585ee4bdafc9ea21f6b607a0c20884"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: o8n8n4NKqI2Qyhbk5DVWrNHy67GlnsVQdyoczNk2oMBmPXAyeL8SWw==

GET
H2 200 livestats.ashx Show response
benuredhawks.com/services/ 12 B
66 B 127ms
126ms XHR
application/json 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/services/livestats.ashx

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:25 GMT
etag: F24602A3
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
content-length: 16
x-xss-protection: 1; mode=block

GET
H2 200 sportnames.ashx Show response
benuredhawks.com/services/ 8 KB
996 B 127ms
126ms XHR
application/json 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/services/sportnames.ashx

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a702cce055e0a624c899ebdd1dac27516aa46e7fce36283ecf939f203c3b2bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:25 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
content-length: 953
x-xss-protection: 1; mode=block

GET
H2 200 sportnames.ashx Show response
benuredhawks.com/services/ 8 KB
1015 B 127ms
127ms XHR
application/json 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/services/sportnames.ashx

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a702cce055e0a624c899ebdd1dac27516aa46e7fce36283ecf939f203c3b2bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:26 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
content-length: 953
x-xss-protection: 1; mode=block

GET
H2 200 sportnames.ashx Show response
benuredhawks.com/services/ 8 KB
992 B 126ms
126ms XHR
application/json 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/services/sportnames.ashx

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a702cce055e0a624c899ebdd1dac27516aa46e7fce36283ecf939f203c3b2bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:26 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
content-length: 953
x-xss-protection: 1; mode=block

GET
H2 200 423471634_759816309390582_6284181385389983975_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.29350-15/ 202 KB
202 KB 420ms
133ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.29350-15/423471634_759816309390582_6284181385389983975_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=18de74&_nc_ohc=ED9OU0iYHukAX96PzaD&_nc_ht=scontent-dfw5-2.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfBlix1X69yWTHHugZI93IrKsb00vu371bl2hGfObMr59g&oe=65BF3CEC
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b9cb4cbee988579c15e25d156aa8ede468f382522881da40994c684f37b7a1eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 30 Jan 2024 15:27:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4288259736
thrift_fmhk: GBD6MGR98qgdY//CK+qOO/lPFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4288259736
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 206840

GET
H2 200 422802050_1049161106162945_6785888596400303134_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.29350-15/ 207 KB
207 KB 420ms
134ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.29350-15/422802050_1049161106162945_6785888596400303134_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=18de74&_nc_ohc=W64wSOg8lbIAX8sYktf&_nc_ht=scontent-dfw5-2.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfA_9Hy-MzDVVHlt_Uis6yZLzL4_32y86OOEXMxCejcCag&oe=65BD90A2
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c0c9d36daecb13c492421fe898ddb96e1e7a463af9244de5fa2d265ef6fb9339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 28 Jan 2024 04:01:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3642461834
thrift_fmhk: GBBpAhbQ6ZYgOvsu8SzZ4pi7Feq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3642461834
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 211827

GET
H2 200 422619698_265871613193491_254068262330522873_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.29350-15/ 533 KB
533 KB 419ms
133ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.29350-15/422619698_265871613193491_254068262330522873_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=18de74&_nc_ohc=oE4Qba-yyV0AX9zTKdp&_nc_ht=scontent-dfw5-2.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfCG28jt8dyq0ktFYisT1MJSh3LlBeYAG54VbuNP_VP7VA&oe=65BE5CED
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ee19be6670c509e02005b5ac7b0d895eaa5f26276c8b224f6376c33764db72e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 28 Jan 2024 03:13:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3666552262
thrift_fmhk: GBBInRbA+cdNsqvJkRJ+qM1HFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3666552262
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 545656

GET
H2 200 423211719_1072369580547109_7683322919920336714_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.29350-15/ 270 KB
271 KB 420ms
134ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.29350-15/423211719_1072369580547109_7683322919920336714_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=18de74&_nc_ohc=GY0dmdQcAuwAX_YFFS7&_nc_ht=scontent-dfw5-2.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfAsechm9Wu8jt93Frnw4SatsPuAR5zYceYWjsB0j3Pf_A&oe=65BE4A7B
Requested by: Host: benuredhawks.com
URL: https://benuredhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 563d7dc30af548669450340faf6a97f534cad505c2dc1755aeb019ea3d4f2f58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 28 Jan 2024 02:39:15 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3557390747
thrift_fmhk: GBDTKFRwp5gVziIap140vD2YFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3557390747
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 276982

GET
H2

200

crop
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/2024/1/27/Untitled_design-3.png?width=1920&height=1080&mode=crop&scale=both&format=jpg&quality=80&anchor=middlecenter
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design-3.png&height=1080&wi...

2 MB
2 MB

22ms
22ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design-3.png&height=1080&width=1920&type=png&gravity=centre

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

572852a48e9e6943b844539bcceaae144b13ac0c8b07269c2afb6c85e5c09169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 07:21:39 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 235188
x-cache: Hit from cloudfront
content-length: 1957794
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: F_NkBRYQh3gkYxhu89NfJz9HY65vIscjcV3q_tUtK6n4OY6BkpLsaQ==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design-3.png&height=1080&width=1920&type=png&gravity=centre
content-length: 362
x-xss-protection: 1; mode=block

GET
H2

200

crop
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/2024/1/21/Untitled_design.png?width=540&height=304&mode=crop&scale=both&format=jpg&quality=80
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f21%2fUntitled_design.png&height=304&width...

200 KB
201 KB

55ms
55ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f21%2fUntitled_design.png&height=304&width=540&type=png&gravity=smart

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

b434966f6747dcdaa3b452c4b034b779832377bed4a2220eebc0f24fd0f821b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 07:13:57 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 235650
x-cache: Hit from cloudfront
content-length: 204639
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 3Cchy8ONE9v6O2RkLXIKpMV1sNIDhbOajwkxt5LAe2RJQ3M9AWWvsA==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f21%2fUntitled_design.png&height=304&width=540&type=png&gravity=smart
content-length: 357
x-xss-protection: 1; mode=block

GET
H2

200

resize
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/logos/Gilbert_AZ.png?width=42
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fGilbert_AZ.png&width=42&type=png

3 KB
4 KB

40ms
39ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fGilbert_AZ.png&width=42&type=png

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

55aa125ae189f4e809f9075ca2646510560ffee5bfd97db2308501cb17efe4d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 19:21:35 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 364792
x-cache: Hit from cloudfront
content-length: 3432
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: yINTpdLPtg8fSugzZHH8xkaNYNycfGq7oRnp-Owg2Ui1xvmzGZT09Q==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fGilbert_AZ.png&width=42&type=png
content-length: 312
x-xss-protection: 1; mode=block

GET
H2

200

resize
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/logos/STU%20Gameday.png?width=42
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fSTU%2520Gameday.png&width=42&type=png

4 KB
4 KB

39ms
38ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fSTU%2520Gameday.png&width=42&type=png

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

7206c69616e018803e154f99b42fec06040cccacdcbb62851eafa824b6980122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 16:17:44 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 375823
x-cache: Hit from cloudfront
content-length: 3775
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 1CiuPYBDNNH6UDERiipeWRissh8iiMTAS9-lvRDrU_fQNFiB_ZGN1A==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fSTU%2520Gameday.png&width=42&type=png
content-length: 317
x-xss-protection: 1; mode=block

GET
H2

200

resize
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/logos/Antelope-Valley-Pioneers.png?width=42
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fAntelope-Valley-Pioneers.png&width=42&type...

4 KB
4 KB

45ms
45ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fAntelope-Valley-Pioneers.png&width=42&type=png

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

83b7dfe20f25c16176291d2012035d1989606fa6ec22b0924fe355a5e6a8b668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 16:17:45 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 375822
x-cache: Hit from cloudfront
content-length: 3877
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: pPu-RSMLpvb1aITnbn3hoguwIp8kCpM2sny5w3DHMewEcMHyqY4NwA==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fAntelope-Valley-Pioneers.png&width=42&type=png
content-length: 326
x-xss-protection: 1; mode=block

GET
H2

200

resize
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/logos/Southeastern-University-in-Florida.png?width=42
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fSoutheastern-University-in-Florida.png&wid...

3 KB
3 KB

24ms
24ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

3c3cd1b77209cd37befb59e821aee90c9880c142edd310772578ade9b1c57922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 22:42:40 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 1475927
x-cache: Hit from cloudfront
content-length: 2756
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: e6NHietueSeJ2OAMnbDHHynW4V8p6AWJCzuZhwx2WDZyf3mYIggPhg==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fSoutheastern-University-in-Florida.png&width=42&type=png
content-length: 336
x-xss-protection: 1; mode=block

GET
H2

200

resize
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/logos/bushnell.png?width=42
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fbushnell.png&width=42&type=png

3 KB
4 KB

41ms
40ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fbushnell.png&width=42&type=png

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

e9de569ff2320d66bb18d05de2c67c6fb9191f928cfed2f78b928c3ceaead870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:40:51 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 511236
x-cache: Hit from cloudfront
content-length: 3450
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: IsZcLJEhLBHmNgcALe6KBc3gJ5aslYg3dtv1xtbLuEX09YW2l32-lQ==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2flogos%2fbushnell.png&width=42&type=png
content-length: 310
x-xss-protection: 1; mode=block

GET
H2 200 evergreen.js Show response
benuredhawks.com/components/js/components/ 11 KB
3 KB 127ms
125ms Script
application/javascript 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/components/js/components/evergreen.js?bust=638396439353986773

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7e69d105cb0e7119238aeafae1416ea52065a799c507adc9ae953b2463a30812

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Jan 2024 10:30:23 GMT
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:26 GMT
etag: "8049c8546753da1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 2990
x-xss-protection: 1; mode=block

GET
H2 200 adaptive_components.ashx Show response
benuredhawks.com/services/ 9 KB
2 KB 127ms
127ms XHR
application/json 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/services/adaptive_components.ashx?type=content-stream&start=0&count=4&sport_id=0&name=all&extra=%7B%7D

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

fda054e85d4e006fc732fac25ec91210c593642b66e22c0a2292e7f44665c435

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:26 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
content-length: 1636
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 72ms
47ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js?bust=638396439353986773

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aedb4e52310d3b06a3dfef9165d7aa67aca638e02f0755bafaac96a43f33c964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29440
x-xss-protection: 0
server: cafe
etag: 592 / 19753 / m202401250101 / config-hash: 8161858144323825894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 00:41:27 GMT

GET
H2 200 cbs-surround.js Show response
benuredhawks.com/common/ts/dist/ 9 KB
2 KB 125ms
125ms Script
application/javascript 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/common/ts/dist/cbs-surround.js?bust=638396439353986773

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9f5d7bce0a86cc04ccb01c003d85143585236f8ebf761ea74a4b986a039eaf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Jan 2024 10:30:23 GMT
server: Microsoft-IIS/10.0
date: Wed, 31 Jan 2024 00:41:26 GMT
etag: "8049c8546753da1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 2289
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK header-bidding-wrapper.bundle.js Show response
sidearm-syndication.s3.amazonaws.com/prod/ 4 KB
2 KB 339ms
112ms Script
application/javascript 54.231.170.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sidearm-syndication.s3.amazonaws.com/prod/header-bidding-wrapper.bundle.js?bust=638396439353986773
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.170.9 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00c3154f069d899f00bf44b191222e979d09d0620850336181f9c48b30bf3440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 00:41:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 14:56:12 GMT
Server: AmazonS3
x-amz-request-id: Q8HTC3SF9GYTP8MV
ETag: "dd4cb39376d9c0687d8a66de6ca90ded"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1815
x-amz-id-2: 2DPbtRXo1UibBj2CvrfYBITemSUwyumm2pJZ0Ey5qXu58orG8osPuhyKxOlJgTO4B+BUDMDAbFg=

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 436 KB
136 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 14:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37742
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139565
x-xss-protection: 0
server: cafe
etag: 12534472742743793976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 29 Jan 2025 14:12:25 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 67 B
86 B 67ms
41ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=benuredhawks.com

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

867b1b25fb47d28d49d6fd9d14b529c63342eb83beac0f2f562af728be786676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
expires: Wed, 31 Jan 2024 00:41:27 GMT

GET
H2

200

crop
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/2024/1/19/dirtybirdz.png?width=540&height=304&mode=crop&scale=both&format=jpg&quality=80
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f19%2fdirtybirdz.png&height=304&width=540&...

297 KB
297 KB

41ms
40ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f19%2fdirtybirdz.png&height=304&width=540&type=png&gravity=smart

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

75bac12fe7187d68cad89bc6b1b5e97beda73815f2a7ad6b9b4133eaea623442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:55:43 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 240344
x-cache: Hit from cloudfront
content-length: 303708
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: KMirhfTuOhu3_hj36WBuFLHM_a-ZjBDSOpybWgGMJcG1iuh9clfsEQ==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f19%2fdirtybirdz.png&height=304&width=540&type=png&gravity=smart
content-length: 352
x-xss-protection: 1; mode=block

GET
H2

200

crop
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/2024/1/18/Untitled_design.png?width=540&height=304&mode=crop&scale=both&format=jpg&quality=80
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f18%2fUntitled_design.png&height=304&width...

266 KB
267 KB

24ms
24ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f18%2fUntitled_design.png&height=304&width=540&type=png&gravity=smart

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

dcb5353581b6cf517d722cfb0840473f184597e6e10e4913c0fe1d54e70fa0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:18:40 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 242566
x-cache: Hit from cloudfront
content-length: 272450
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: ac1JgGlGV-FBsHSg0r9sJQH3Ey15qirpUw4fgVjc9HdUWAktY_XD-A==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f18%2fUntitled_design.png&height=304&width=540&type=png&gravity=smart
content-length: 357
x-xss-protection: 1; mode=block

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be04cd730f3e44dc45853dfd436f7333404a255dbb779c664f779c6aedfc7a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29445
x-xss-protection: 0
server: cafe
etag: 295 / 19753 / m202401250101 / config-hash: 8161858144323825894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 00:41:27 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 108 KB
44 KB 431ms
431ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4390989755428161&correlator=754652398572832&eid=31079956%2C31079958%2C31079527%2C31080116&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&iu_parts=21708449227&enc_prev_ius=%2F0%2F&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706661687422&lmt=1706660735&adxs=201&adys=833&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbenuredhawks.com%2F&vis=1&psz=970x90&msz=728x-1&fws=512&ohw=0&ga_vid=2063913798.1706661686&ga_sid=1706661687&ga_hid=1096261231&ga_fc=true&dlt=1706661685411&idt=1779&prev_scp=pos%3Dtop&cust_params=env%3Dprod%26firstpg%3D0%26ptype%3Dhome%26session%3Db%26subses%3D2%26sport%3D0%26vguid%3D6c3380b4-e5a2-4b5d-a9ad-bf3749749135%26page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Dbenmesa%26cbs_site_code%3D%26sect%3Dfrontpage&adks=4273403911&frm=20

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbfa614f0aca78401f767da068fc0f27d7d7c69b95d48f3d54a9b0058602614d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45331
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://benuredhawks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 162B 6 KB
3 KB 79ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benuredhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 00:41:27 GMT
expires: Thu, 30 Jan 2025 00:41:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 108 KB
45 KB 434ms
434ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4390989755428161&correlator=3961330471981054&eid=31079956%2C31079958%2C31079527%2C31080116&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&iu_parts=21708449227&enc_prev_ius=%2F0%2F&prev_iu_szs=970x66%7C970x90%7C728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706661687438&lmt=1706660735&adxs=315&adys=3081&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbenuredhawks.com%2F&vis=1&psz=1600x0&msz=970x0&fws=0&ohw=0&ga_vid=2063913798.1706661686&ga_sid=1706661687&ga_hid=1096261231&ga_fc=true&dlt=1706661685411&idt=1779&prev_scp=pos%3Dbottom&cust_params=env%3Dprod%26firstpg%3D0%26ptype%3Dhome%26session%3Db%26subses%3D2%26sport%3D0%26vguid%3D6c3380b4-e5a2-4b5d-a9ad-bf3749749135%26page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Dbenmesa%26cbs_site_code%3D%26sect%3Dfrontpage&adks=215969446&frm=20

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd073d84ed76956a05493dc2eebaa375535cfafa3b79c00576c475104cfb3a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45671
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://benuredhawks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 10A9 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benuredhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 00:41:27 GMT
expires: Thu, 30 Jan 2025 00:41:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8202 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benuredhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 00:41:27 GMT
expires: Thu, 30 Jan 2025 00:41:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 030C 624 B
507 B 71ms
47ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgpKfhgIwAQ&v=APEucNUVUPvUdH7nBNlHGgpS8_vgv2LrQ3kwf5GP6e1wM5RyK0a5uxPy3ljw4CuMVb5Pw-3KrXby2DXvqSQL1heqeOqpEfFoYHTYRTVTalvc9USrwYCWM-Vb_VxHs1vw7lfYvBqGqjFabSLHyOhyN-2BRCkR3B4IM44rbEEh6GX7XIX8ZEn4ITY

Requested by

Host: cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
URL: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 00:41:27 GMT
expires: Wed, 31 Jan 2024 00:41:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 10A9 111 KB
39 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
Origin: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 18:55:44 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 10A9 8 KB
4 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 16:24:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 10A9 23 KB
9 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 10:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 10:23:48 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 10A9 41 KB
14 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:07:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 10A9 3 KB
1 KB 35ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
URL: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 19:12:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 10A9 20 KB
9 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
URL: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 23:41:57 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10A9 42 B
173 B 59ms
39ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CgkRBAdx4rP4xWYEoDCFdLBE3cbvk7oQNVVHMNtUGZIKmcOc2EnYTu-GNq7dq0brZqFpf1urpMAAO7o9Au15RSHXR-rfE6EUZxbNFUAN6cYblfboI

Requested by

Host: cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
URL: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10A9 205 KB
65 KB 71ms
47ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
URL: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706532320618808"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 00:41:27 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 06B8 624 B
826 B 60ms
44ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgpKfhgIwAQ&v=APEucNVQkg0BsjLFXNO6jezMm5-RHha2SLkoiN9-4KifbDp6dmZ2nwjVVNpJEOG7VstDxeKVOKmS98ALONPwEuDW9pQBeN8PXjvH5hgqfOSJtBE94n_OILnzV3mmCW0j373JFzsl_nt5__Vab_yaIiSrGYpNINwTOhpruqJ_dd8gKbRiSgTtqM0

Requested by

Host: cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
URL: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 00:41:27 GMT
expires: Wed, 31 Jan 2024 00:41:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8202 111 KB
39 KB 33ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
Origin: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 18:55:44 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 8202 8 KB
3 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 16:24:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 8202 23 KB
9 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 10:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 10:23:48 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8202 41 KB
14 KB 34ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:07:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8202 3 KB
1 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
URL: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 19:12:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8202 20 KB
8 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
URL: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 23:41:57 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8202 42 B
107 B 53ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLSR5-BaX1NANEk8WgrNH6M8gIEufqF2JgChr78n3ivkvBmY80KtLoKQfWKJb0kjYt-oslUh4O_BoFdVfNVt6opDf2NF6NZ-hcS60Z6ysUYb7HsMc

Requested by

Host: cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
URL: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8202 205 KB
65 KB 125ms
109ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
URL: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706532320618808"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 00:41:28 GMT

GET
DATA 200
OK truncated
/ Frame 10A9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef2f08165b0e2a50f8f61677d2966ba3431d37b648fd20b00357ee010fa141b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BDBF 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:08:18 GMT
expires: Wed, 29 Jan 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7618722404499858222/ Frame 96A7 101 KB
22 KB 28ms
11ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b93ec179a269de5b18e8abe2d1ad542e276c37821a117792f2f5318bdf6d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 21053
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22138
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 18:50:35 GMT
expires: Wed, 29 Jan 2025 18:50:35 GMT
last-modified: Tue, 23 Jan 2024 11:32:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 10A9 0
0 90ms
50ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss7dBMiXtmysZB9TFCTt_XZtRN3wlwy6YZz1nQIH7pkVACJxidjZEh614z1ET0EyE4b8SnJbThx24eF6CvQf3sbs2UWxrswEndEJu71cEYD7JwG7THDMXQr-q-RqZ7ULQiSJBqrhJ3xRGI2xAfaPhV8XkDhxw0WJIYSoxflgBYaMObQ-7eFwNECRJh9trFVOBULPDzPr3AyM8oankzshK3gNlnYU0hesGeQqGoutxnnAXYwO1Xr6BSYZkbDiz5-3nnOUpYDhUaKBTkJfsslpN6mZ3HHHudbaYfzJRgo5sNmGdjcyUfiAWv3ds96d--jjw5kctM0Pneo9jkU-qzv8SrKxMtZQe2__4_Y9tlhyWclLuu_a2iz7LYEmsOAelg1yuiiA0fbWbywznC-Xq0mW0QTQolzilbSHAtda-tZLscCGlR6mdm3eknv5gz3kNnjbPXEZaVYr2-ad_QpPZph-OF1WoEEDy024AaayL0a55lVnt0PRZqOmSPQPiRoMiMazH6yW-ehESwNxaCTd5e1IF6RvJFXEh7q47k00PB2LFHUBWsZPGKBYVNUkpo7AnZoJBLlU6kOVOPxE3-uYfXFGMzF7NN9EtnJmp-yfbU3Y0S47toC0qthXSVukkgfZXhSmcfDsmObs2TYV6Smp5hDpxWlGcAAdx0Ebb7nTIGvAHjGcL_ry46RjJ9H3s-OUhWb3vrEoFzjqpQ0Hdmx0-L0ajhYaYoyLZrZgxXU1q7crCVV_wthd_W80HPjcSclSIEmb3fHKgotmnHnPXAhauLzuMLFF6XiwfxGcxAhKUf-wnEocV68jYED57hvFFMlH5xLyy5WyGBB_btk8uKKED3xO8NuOJY60vfL6ugNmc6vKYppIndmVcEubHKTTW_fSC-Gamfb0TDmQmZWF9LABSKjFrY8P3L5RHRkch_YBVZ5RgzLI0b34GdRgmMmgJcvsjzURe6i-8oOVqN7tvZ74ycpsTpozcIDs-BAWd3SBWPRXpe2j6W-KgX863okXaRsSQsqyVP1_MtIgShuXqcFLJoDbtOXHycVW7XKYoDuS_o1M7CkoInfJYjeZ9Q4QQUmajWneDKPJ6vf1g-mBSYaM08pEK_juFdQGFVsJWslZXUNbiSRvIUbqNnqOOy7vlPghiBuQkK-XjZ3jjwZlv0fbfivL3_mSi4RFJ_yIUErCN_iRi1NxtbeLVwZQdjo5Ld7GNT5pIRsm1O8EDX7SPLTbUuVV04puhC0Z67hbBwlFp0dhUKPIVncA8XnxTPs43a-bTVpulbClsqh0C9N2XOeH4TUWcyz-V5icyOAimzoR9iF_YDAk528VYbcbyHTVm_CJOTK44V1-sfeEXPVZgpw4MvqWnSZ6VSgZckRE_5mS4mbaWic-Aet6CVuPBF71fuqnsuUgxLkkfAmu-0DNprbHZd8NPVvJO10B1zwZRT0bJjqUVmukuHIGk8iMIH4wVgG_zAyjI9Nkj6cKVpXHUzDIBIkTxF0zHI&sai=AMfl-YRgs6CaPkMlKxVnKFccemTY_WlCT6sGOG6M3elqQZT4tu0Lq2ZZhW6ZIwi-cWVe1njPoKHBmIGMNZcu8OfzJYf0jGJt8W025usyYSG4zsuB3QSjSnnh28Xvb_DtN-9q6wF1Ws68D7bA34Jr9SUbpzwjUcdlDl8TtgVKarrMbj5ji-I7PbBnXYzPyRNZZaL6aWJwLcAn9TpGbWxBaJ-tqjOR3ku7BJm7D_l9dbS0ruBvWO_8uIaTWcfsDXXddUgpfpuzbhkZU6GyZO91acShbvf85bMCjehoU2i8H7raDGQD19eCWKnHKfDE-nl58BGQfVI9qi2w4SgWuZItucS6IOzvmKhTMjjQ_4vvaYzZQZYHLIvyUdLB-Yvi2K1sR506DqEFz23ULHv3cAmHbVLEez1O0_h6g--p9ZlTe8TeSTlrAobHYQsqy9KSxooyaTx2pfXnLR-oX0Lc9Za04hIfUimHc-nl9UcjMfxfk7AqOgvLC4n6AmQ49vvSTsREYKc0jq_seA0p2To&sig=Cg0ArKJSzNB9P_vtKo3LEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly90dWkuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=54&cbvp=1&cstd=52&cisv=r20240122.27825&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 31 Jan 2024 00:41:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 31 Jan 2024 00:41:28 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A12A 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:08:18 GMT
expires: Wed, 29 Jan 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7618722404499858222/ Frame BC76 101 KB
22 KB 20ms
8ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b93ec179a269de5b18e8abe2d1ad542e276c37821a117792f2f5318bdf6d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 21053
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22138
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 18:50:35 GMT
expires: Wed, 29 Jan 2025 18:50:35 GMT
last-modified: Tue, 23 Jan 2024 11:32:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8202 0
0 86ms
51ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst6UrKulUBeEOgvEOXoXd-85-TvM88xJLRrvthzm7v_AS_DICesFuzcmj5kkYg1C1qSbNRAc4Qls7hs2Y8LgZKH3JM1vD-Kwl8ZX_uAPHizQmHqhq_-x5uresd2Q-XmJeIUUH95FX08SLQ42A0jGFmy0nl8NXOhNupiowOnzKmJoEAtBubNsNFdFovShmiFNvr39GKimKI87N_4hHaK4xReooj_vZzhsWW2_KxMNQaWfCJLpo0JqQ7ny3hy0A5hBD0BCjrNVUo5l4lp9EZ8oYFGucpSkvhkFtgacewAge4JZ08RJyou6NqsiiIN70M9DiPabBjZHeCUwXAbTuLX-9gGTrZNGujDzGxaOHnZNqsixUGlL6ZirIlL3cGoEGGRs6W1_EB9poszLwXvAs3kGq3IkxWSQAtbqYglIPoCkTZ1WTV8QqqclEk-LLBIGYR83kzntCte8UuwsHakdZlWG3YomBHLO_DaRvfFldOIJsm8YWpFPOC5brtTXuog66GmHEu0VrxyZXIilpy5B-0FqeQhMGQMoIaBYZz7fCY82yBjiB_qBGUHHTIgbhBXWIRNt3aeOMccZHW5yjmrpH2xu0u5UsR9rwDlEeovjiMLL02FkqzByo7UkR2iD2CEMBvAMDNLZUTtNlT8KFgeSPDtU9Z70Cu1Qvv5YWNErH7ikXKmKUXxeASCm2FEWMPva5AqUgnkQ7OkYlSoLbFslXipgBIW4Xo3lJk683Ap-L03-MElasecSZiWlt2LePG2SRYjtYnbNqsSOVc891ItdtcqHyoR25EzhPHmQz1KuLA9uEYM9fXZZgwWUnfq7mY_paHaY73yJglvWqv_ubjXQbHqDX7eC05GdZx5INB8MEGdM1fcAWGi6pNN7KLn5EMjCH8onZE_jxRTsoETIqXJg7G3ISdkMi2GJxdqJ70nn2kjUB4LH9VkYukByS3CaUVTVm57OLT9NEgyOGo-YPn384ezw29ERm46McTQH2hrreP5iyUHmyrs5DDiGu5UUzJv3AQOqadWkoqfEZJBAfDPnm-tUJoMI2-gDzYjf6gptCz4iu2vCXl6miV_w2mxPuiut3Q7Or5yLFTCf8o68nIVOzMslWubpbdjuugBNPP0CUQuJZrE59ZJkXmYdqh8aCU0awf4rqEzn-2p8Wu3TlouGrVtyTYRJE-ml4KLSG6PtX6XyWawmU09ISi5FOZE6WQRXunDVIEb14uOuE7lujHVCRfA9AkepRqHNkO4CmNbjVvG3haLDYglOyIn8_CZ-b4bQ1ETHo4MS6F-ioA5qii6qUtHSlvlsshO7NiPMxiRg7EV6WujLWkvlMFA6hqINVAmNl2DGT5bn5WeImY1U9vsppwoMynFOwD-IOTC8bzHI9K078tIfhSreIgvlZVZ4CHHBAyAb9illRv_6efOIGGckqQuhTJ08A4vRrqa_G4cM-iCVSBehx0eElH9reMviAVHBOIrVJ2LYJJmxuYTUcAEt-2wVNOZtvdlKg&sai=AMfl-YS7b9wtYBuo_M3qk1wrQ3vWo4vRfuEybizdn7vY2Q7hjQkEPh2Kk0yCbK6mjhdjCEgR3lMrSdrYo6kgHGJremdb6AEGjms2k6OgNcvy8X_6_l738R2T7I4x6WZYEi-Iy5O46l2qOahHQO47Fauc5Y96N7EOjLvul5CM50ErFdvUY7Hs6H41l1TRWqnAJKNulN6p6W3sz7C_Ocr8CQd0_ZfsJrtOMlbwK3LnIeFPQFF3YZSRXA52OVrvxXfVleVkX0q5DdMWxxRA4fUHu-Gk4-fqzpR2ZThL5VXbSBVkBs0kGK5vHZFamJWY6TNS4kA9GW8dwPsrD9ZZQUzXcz2IRAbccWZl6oQdrQkexhIPBoqmQkjLQa5kMYIZMRJ2rwqCSCfK-NUorZ8N8ta3XAFilR1a_2M-NCdA_6q3-NWNo1kofUcnK1XIN-7QPvC2zgKJMPp7iCa6IZOOO3-8-bxQ-EwDWz-OPjGcOrnp89bhVFKgc4ffUe7MEBiR67K2hTmJ&sig=Cg0ArKJSzDBEBwd_CPLfEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly90dWkuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=51&cbvp=1&cstd=50&cisv=r20240122.52219&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 31 Jan 2024 00:41:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 31 Jan 2024 00:41:28 GMT

GET
DATA 200
OK truncated
/ Frame 8202 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73ff28f9c3721f64ff5101795d680193fb9e6067ff6f27f4c5aaf88de78008f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 06B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArAVxtqGCODD9SPw7rnjZY&google_cver=1

43 B
736 B

31ms
31ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArAVxtqGCODD9SPw7rnjZY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgpKfhgIwAQ&v=APEucNVQkg0BsjLFXNO6jezMm5-RHha2SLkoiN9-4KifbDp6dmZ2nwjVVNpJEOG7VstDxeKVOKmS98ALONPwEuDW9pQBeN8PXjvH5hgqfOSJtBE94n_OILnzV3mmCW0j373JFzsl_nt5__Vab_yaIiSrGYpNINwTOhpruqJ_dd8gKbRiSgTtqM0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T37t0Yei7IUs6%2F0fMXL8lep93LTj8iCURnH0frxQ5GhSRwXq7yqW03bIRO2T5dBrOsg05fa8yu9%2BA8w1HdnWbOIuXQntPkCQzinl%2BYKOmr%2FFPv%2FnxcyQG5zdjd%2BO0xClfW7w30p%2BsN6f5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84dde8be98844d7c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArAVxtqGCODD9SPw7rnjZY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 06B8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbmXOImh1Bhy5Ec3ogS0lAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENz8-dCO9Lq4l8sUFRHtuEM&google_cver=1

43 B
726 B

25ms
24ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENz8-dCO9Lq4l8sUFRHtuEM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgpKfhgIwAQ&v=APEucNVQkg0BsjLFXNO6jezMm5-RHha2SLkoiN9-4KifbDp6dmZ2nwjVVNpJEOG7VstDxeKVOKmS98ALONPwEuDW9pQBeN8PXjvH5hgqfOSJtBE94n_OILnzV3mmCW0j373JFzsl_nt5__Vab_yaIiSrGYpNINwTOhpruqJ_dd8gKbRiSgTtqM0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwkDDNyOfFNX8IeAU1sYhTN3qMFWzeIUJksQLXqK252f3MtY2QVu9Efo0ibR947W3FjRrE01kLDcfvEmLo4OIQPYlTuDn5jGqXc9iaOz2tixO7yY0yhdnMgaKcItsJNUYbcMP2lHfil0JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84dde8bec8a74d7c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENz8-dCO9Lq4l8sUFRHtuEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 06B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBBVBhvtKbne8tQ1TlXoX5w&google_cver=1

43 B
1 KB

9ms
9ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBBVBhvtKbne8tQ1TlXoX5w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgpKfhgIwAQ&v=APEucNVQkg0BsjLFXNO6jezMm5-RHha2SLkoiN9-4KifbDp6dmZ2nwjVVNpJEOG7VstDxeKVOKmS98ALONPwEuDW9pQBeN8PXjvH5hgqfOSJtBE94n_OILnzV3mmCW0j373JFzsl_nt5__Vab_yaIiSrGYpNINwTOhpruqJ_dd8gKbRiSgTtqM0

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
an-x-request-uuid: 1662cfb6-2ebf-4655-8dce-e4eec5bda159
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.138; 178.162.209.138; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBBVBhvtKbne8tQ1TlXoX5w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 06B8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExNzIwMjY4MzI0MDU3MzA3NA%3D%3D

170 B
243 B

19ms
18ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExNzIwMjY4MzI0MDU3MzA3NA%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
an-x-request-uuid: c043b613-3c83-4fac-a96b-60453416dacf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExNzIwMjY4MzI0MDU3MzA3NA%3D%3D
x-proxy-origin: 178.162.209.138; 178.162.209.138; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 030C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArAVxtqGCODD9SPw7rnjZY&google_cver=1

43 B
766 B

20ms
20ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArAVxtqGCODD9SPw7rnjZY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgpKfhgIwAQ&v=APEucNUVUPvUdH7nBNlHGgpS8_vgv2LrQ3kwf5GP6e1wM5RyK0a5uxPy3ljw4CuMVb5Pw-3KrXby2DXvqSQL1heqeOqpEfFoYHTYRTVTalvc9USrwYCWM-Vb_VxHs1vw7lfYvBqGqjFabSLHyOhyN-2BRCkR3B4IM44rbEEh6GX7XIX8ZEn4ITY
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9bProdwbDLnjM6V8DmN3NabSnsXuFaUr17c3GpwokG9F9ZMefbz2IHWLnOL0k3HROsPgPWiPP22vbivltNVYpY17p72NvUD3O8r38R4ytXEVlMYhU8ok5M%2Fiy%2FJ9AEUqN7X5vRQaJDraQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84dde8be98874d7c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArAVxtqGCODD9SPw7rnjZY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 030C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbmXOImh1Bhy5Ec3ogS0lAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENz8-dCO9Lq4l8sUFRHtuEM&google_cver=1

43 B
734 B

28ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENz8-dCO9Lq4l8sUFRHtuEM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgpKfhgIwAQ&v=APEucNUVUPvUdH7nBNlHGgpS8_vgv2LrQ3kwf5GP6e1wM5RyK0a5uxPy3ljw4CuMVb5Pw-3KrXby2DXvqSQL1heqeOqpEfFoYHTYRTVTalvc9USrwYCWM-Vb_VxHs1vw7lfYvBqGqjFabSLHyOhyN-2BRCkR3B4IM44rbEEh6GX7XIX8ZEn4ITY
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FQuC8e5M0KqzdCwZDSoPQy7cs2%2FJEKZdfFAXG5m4znECUCfNHA%2Bo8CBc4FNirGGzW1r3zasTF75u%2FE9acoWEosEsuUInhAsuNTaXmiBDH5pW3GNbYROe%2F52QUIKzTXscr5ty%2FbqiWyo4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84dde8bec8a64d7c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENz8-dCO9Lq4l8sUFRHtuEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 030C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBBVBhvtKbne8tQ1TlXoX5w&google_cver=1

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBBVBhvtKbne8tQ1TlXoX5w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgpKfhgIwAQ&v=APEucNUVUPvUdH7nBNlHGgpS8_vgv2LrQ3kwf5GP6e1wM5RyK0a5uxPy3ljw4CuMVb5Pw-3KrXby2DXvqSQL1heqeOqpEfFoYHTYRTVTalvc9USrwYCWM-Vb_VxHs1vw7lfYvBqGqjFabSLHyOhyN-2BRCkR3B4IM44rbEEh6GX7XIX8ZEn4ITY

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
an-x-request-uuid: 8df1acc6-9f0f-4337-af5b-3e7d18fa7831
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.138; 178.162.209.138; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBBVBhvtKbne8tQ1TlXoX5w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 030C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExNzIwMjY4MzI0MDU3MzA3NA%3D%3D

170 B
232 B

19ms
18ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExNzIwMjY4MzI0MDU3MzA3NA%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
an-x-request-uuid: 8b9b5262-07f4-466a-a5fa-241af6d5d85b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExNzIwMjY4MzI0MDU3MzA3NA%3D%3D
x-proxy-origin: 178.162.209.138; 178.162.209.138; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame BDBF 39 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 07:47:53 GMT

GET
H2 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame A12A 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 07:47:53 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 96A7 32 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 23:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 23:49:10 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame BC76 32 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 23:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 23:49:10 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 10A9 0
0 43ms
42ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss7dBMiXtmysZB9TFCTt_XZtRN3wlwy6YZz1nQIH7pkVACJxidjZEh614z1ET0EyE4b8SnJbThx24eF6CvQf3sbs2UWxrswEndEJu71cEYD7JwG7THDMXQr-q-RqZ7ULQiSJBqrhJ3xRGI2xAfaPhV8XkDhxw0WJIYSoxflgBYaMObQ-7eFwNECRJh9trFVOBULPDzPr3AyM8oankzshK3gNlnYU0hesGeQqGoutxnnAXYwO1Xr6BSYZkbDiz5-3nnOUpYDhUaKBTkJfsslpN6mZ3HHHudbaYfzJRgo5sNmGdjcyUfiAWv3ds96d--jjw5kctM0Pneo9jkU-qzv8SrKxMtZQe2__4_Y9tlhyWclLuu_a2iz7LYEmsOAelg1yuiiA0fbWbywznC-Xq0mW0QTQolzilbSHAtda-tZLscCGlR6mdm3eknv5gz3kNnjbPXEZaVYr2-ad_QpPZph-OF1WoEEDy024AaayL0a55lVnt0PRZqOmSPQPiRoMiMazH6yW-ehESwNxaCTd5e1IF6RvJFXEh7q47k00PB2LFHUBWsZPGKBYVNUkpo7AnZoJBLlU6kOVOPxE3-uYfXFGMzF7NN9EtnJmp-yfbU3Y0S47toC0qthXSVukkgfZXhSmcfDsmObs2TYV6Smp5hDpxWlGcAAdx0Ebb7nTIGvAHjGcL_ry46RjJ9H3s-OUhWb3vrEoFzjqpQ0Hdmx0-L0ajhYaYoyLZrZgxXU1q7crCVV_wthd_W80HPjcSclSIEmb3fHKgotmnHnPXAhauLzuMLFF6XiwfxGcxAhKUf-wnEocV68jYED57hvFFMlH5xLyy5WyGBB_btk8uKKED3xO8NuOJY60vfL6ugNmc6vKYppIndmVcEubHKTTW_fSC-Gamfb0TDmQmZWF9LABSKjFrY8P3L5RHRkch_YBVZ5RgzLI0b34GdRgmMmgJcvsjzURe6i-8oOVqN7tvZ74ycpsTpozcIDs-BAWd3SBWPRXpe2j6W-KgX863okXaRsSQsqyVP1_MtIgShuXqcFLJoDbtOXHycVW7XKYoDuS_o1M7CkoInfJYjeZ9Q4QQUmajWneDKPJ6vf1g-mBSYaM08pEK_juFdQGFVsJWslZXUNbiSRvIUbqNnqOOy7vlPghiBuQkK-XjZ3jjwZlv0fbfivL3_mSi4RFJ_yIUErCN_iRi1NxtbeLVwZQdjo5Ld7GNT5pIRsm1O8EDX7SPLTbUuVV04puhC0Z67hbBwlFp0dhUKPIVncA8XnxTPs43a-bTVpulbClsqh0C9N2XOeH4TUWcyz-V5icyOAimzoR9iF_YDAk528VYbcbyHTVm_CJOTK44V1-sfeEXPVZgpw4MvqWnSZ6VSgZckRE_5mS4mbaWic-Aet6CVuPBF71fuqnsuUgxLkkfAmu-0DNprbHZd8NPVvJO10B1zwZRT0bJjqUVmukuHIGk8iMIH4wVgG_zAyjI9Nkj6cKVpXHUzDIBIkTxF0zHI&sai=AMfl-YRgs6CaPkMlKxVnKFccemTY_WlCT6sGOG6M3elqQZT4tu0Lq2ZZhW6ZIwi-cWVe1njPoKHBmIGMNZcu8OfzJYf0jGJt8W025usyYSG4zsuB3QSjSnnh28Xvb_DtN-9q6wF1Ws68D7bA34Jr9SUbpzwjUcdlDl8TtgVKarrMbj5ji-I7PbBnXYzPyRNZZaL6aWJwLcAn9TpGbWxBaJ-tqjOR3ku7BJm7D_l9dbS0ruBvWO_8uIaTWcfsDXXddUgpfpuzbhkZU6GyZO91acShbvf85bMCjehoU2i8H7raDGQD19eCWKnHKfDE-nl58BGQfVI9qi2w4SgWuZItucS6IOzvmKhTMjjQ_4vvaYzZQZYHLIvyUdLB-Yvi2K1sR506DqEFz23ULHv3cAmHbVLEez1O0_h6g--p9ZlTe8TeSTlrAobHYQsqy9KSxooyaTx2pfXnLR-oX0Lc9Za04hIfUimHc-nl9UcjMfxfk7AqOgvLC4n6AmQ49vvSTsREYKc0jq_seA0p2To&sig=Cg0ArKJSzNB9P_vtKo3LEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly90dWkuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=177&vt=11&dtpt=123&dett=3&cstd=52&cisv=r20240122.27825&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 31 Jan 2024 00:41:28 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8202 0
0 44ms
44ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst6UrKulUBeEOgvEOXoXd-85-TvM88xJLRrvthzm7v_AS_DICesFuzcmj5kkYg1C1qSbNRAc4Qls7hs2Y8LgZKH3JM1vD-Kwl8ZX_uAPHizQmHqhq_-x5uresd2Q-XmJeIUUH95FX08SLQ42A0jGFmy0nl8NXOhNupiowOnzKmJoEAtBubNsNFdFovShmiFNvr39GKimKI87N_4hHaK4xReooj_vZzhsWW2_KxMNQaWfCJLpo0JqQ7ny3hy0A5hBD0BCjrNVUo5l4lp9EZ8oYFGucpSkvhkFtgacewAge4JZ08RJyou6NqsiiIN70M9DiPabBjZHeCUwXAbTuLX-9gGTrZNGujDzGxaOHnZNqsixUGlL6ZirIlL3cGoEGGRs6W1_EB9poszLwXvAs3kGq3IkxWSQAtbqYglIPoCkTZ1WTV8QqqclEk-LLBIGYR83kzntCte8UuwsHakdZlWG3YomBHLO_DaRvfFldOIJsm8YWpFPOC5brtTXuog66GmHEu0VrxyZXIilpy5B-0FqeQhMGQMoIaBYZz7fCY82yBjiB_qBGUHHTIgbhBXWIRNt3aeOMccZHW5yjmrpH2xu0u5UsR9rwDlEeovjiMLL02FkqzByo7UkR2iD2CEMBvAMDNLZUTtNlT8KFgeSPDtU9Z70Cu1Qvv5YWNErH7ikXKmKUXxeASCm2FEWMPva5AqUgnkQ7OkYlSoLbFslXipgBIW4Xo3lJk683Ap-L03-MElasecSZiWlt2LePG2SRYjtYnbNqsSOVc891ItdtcqHyoR25EzhPHmQz1KuLA9uEYM9fXZZgwWUnfq7mY_paHaY73yJglvWqv_ubjXQbHqDX7eC05GdZx5INB8MEGdM1fcAWGi6pNN7KLn5EMjCH8onZE_jxRTsoETIqXJg7G3ISdkMi2GJxdqJ70nn2kjUB4LH9VkYukByS3CaUVTVm57OLT9NEgyOGo-YPn384ezw29ERm46McTQH2hrreP5iyUHmyrs5DDiGu5UUzJv3AQOqadWkoqfEZJBAfDPnm-tUJoMI2-gDzYjf6gptCz4iu2vCXl6miV_w2mxPuiut3Q7Or5yLFTCf8o68nIVOzMslWubpbdjuugBNPP0CUQuJZrE59ZJkXmYdqh8aCU0awf4rqEzn-2p8Wu3TlouGrVtyTYRJE-ml4KLSG6PtX6XyWawmU09ISi5FOZE6WQRXunDVIEb14uOuE7lujHVCRfA9AkepRqHNkO4CmNbjVvG3haLDYglOyIn8_CZ-b4bQ1ETHo4MS6F-ioA5qii6qUtHSlvlsshO7NiPMxiRg7EV6WujLWkvlMFA6hqINVAmNl2DGT5bn5WeImY1U9vsppwoMynFOwD-IOTC8bzHI9K078tIfhSreIgvlZVZ4CHHBAyAb9illRv_6efOIGGckqQuhTJ08A4vRrqa_G4cM-iCVSBehx0eElH9reMviAVHBOIrVJ2LYJJmxuYTUcAEt-2wVNOZtvdlKg&sai=AMfl-YS7b9wtYBuo_M3qk1wrQ3vWo4vRfuEybizdn7vY2Q7hjQkEPh2Kk0yCbK6mjhdjCEgR3lMrSdrYo6kgHGJremdb6AEGjms2k6OgNcvy8X_6_l738R2T7I4x6WZYEi-Iy5O46l2qOahHQO47Fauc5Y96N7EOjLvul5CM50ErFdvUY7Hs6H41l1TRWqnAJKNulN6p6W3sz7C_Ocr8CQd0_ZfsJrtOMlbwK3LnIeFPQFF3YZSRXA52OVrvxXfVleVkX0q5DdMWxxRA4fUHu-Gk4-fqzpR2ZThL5VXbSBVkBs0kGK5vHZFamJWY6TNS4kA9GW8dwPsrD9ZZQUzXcz2IRAbccWZl6oQdrQkexhIPBoqmQkjLQa5kMYIZMRJ2rwqCSCfK-NUorZ8N8ta3XAFilR1a_2M-NCdA_6q3-NWNo1kofUcnK1XIN-7QPvC2zgKJMPp7iCa6IZOOO3-8-bxQ-EwDWz-OPjGcOrnp89bhVFKgc4ffUe7MEBiR67K2hTmJ&sig=Cg0ArKJSzDBEBwd_CPLfEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly90dWkuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=172&vt=11&dtpt=121&dett=3&cstd=50&cisv=r20240122.52219&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: benuredhawks.com
URL: https://benuredhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 31 Jan 2024 00:41:28 GMT

HEAD
H2 200 analytics.js Show response
benuredhawks.com/components/js/ 0
95 B 139ms
139ms XHR
application/javascript 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/components/js/analytics.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:27 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Jan 2024 10:24:53 GMT
server: Microsoft-IIS/10.0
etag: "f3556e906653da1:0"
content-type: application/javascript
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 80ms
59ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401250101&st=env

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981a05d31c203213444731ceff098c4476718d43fadc82da7728b7f0d6e00016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12206
x-xss-protection: 0

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 96A7 6 KB
2 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 00:53:20 GMT

GET
H3 200 cta.svg
s0.2mdn.net/creatives/assets/5102052/ Frame 96A7 6 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/5102052/cta.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75c0ee48073a932b0310ac5bb2312cd76a193af773a61917645cac1b0d6eb62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2047
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 14:57:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 00:50:23 GMT

GET
H3 200 728x90_head2.svg
s0.2mdn.net/creatives/assets/5102052/ Frame 96A7 19 KB
4 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/5102052/728x90_head2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c9936fa22699b3baf8688f1fabd2fdb046fd68bc10c7c434861529855dbaaf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4419
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 14:56:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 00:44:34 GMT

GET
H3 200 728x90_head1.svg
s0.2mdn.net/creatives/assets/5102052/ Frame 96A7 8 KB
3 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/5102052/728x90_head1.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca55ea7584d49925adb74ad7b077c78a5802e26d3c2cd90e2b6edaa10f98b2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2753
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 14:56:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 00:44:57 GMT

GET
H3 200 728x90_radiant.svg
s0.2mdn.net/creatives/assets/4302518/ Frame 96A7 4 KB
934 B 15ms
15ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4302518/728x90_radiant.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ee2edf2ddb1d690e30013c9af36fd43243bded4b13941716fe64bc54dd9c8f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 906
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:23:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 00:50:24 GMT

GET
H3 200 728x90_gradiant.svg
s0.2mdn.net/creatives/assets/4302518/ Frame 96A7 891 B
505 B 16ms
15ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4302518/728x90_gradiant.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8551d5827d3b97980f38b6448a6bc9aede2808c3e33ea5a24e49f89cafbe1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:23:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 00:41:42 GMT

GET
H3 200 728x90_kv_1_2.jpg
s0.2mdn.net/creatives/assets/5102052/ Frame 96A7 18 KB
18 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/5102052/728x90_kv_1_2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31083d2dcae34903398087f9cf0c2c16c43239e0b4dd8511ab73368ae1b3b1ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:39:48 GMT
x-content-type-options: nosniff
age: 100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18645
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 14:56:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 00:54:48 GMT

GET
H3 200 728x90_kv_1_1.jpg
s0.2mdn.net/creatives/assets/5102052/ Frame 96A7 24 KB
24 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/5102052/728x90_kv_1_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d05de84bed95b5c19cb87abe06624b5527048efbdaca57e67f4d0ae6bb7bf0ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7618722404499858222/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:35:00 GMT
x-content-type-options: nosniff
age: 388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24068
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 14:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 00:50:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 28ms
23ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y29PC3P5S9&l=dataLayer&cx=c

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df3b9f1550bfc9e517852043e81ca65097f944c5aa19bcf3c08399de5a2b6336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 00:41:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BDBF 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMIUlN5e5ZbzPHPTsx_APurGryAUAAAAAOAHgBAI&bg=!CgmlCUbNAAa8BdJLnAU7ADQBe5WfOK8PvFuACxjAy9iW4fwnwosIj5vDPQ4WHCiZQd5404Nyu9-vF3kVBbHY523wmW0JAgAAAK5SAAAAAmgBB5kDCbz6jnFotkvepaVIWFk_jX_MrisaoPo-d6gNnXbLWbjbd8BSlhE-opqAKiLMaDTCqnwolbrVtn-9rhv0Q7s3M4bBvgmwYOIERtAUXpLloENrftvl5pfgrHcDkKq0LxraMzmpl88c7T74pUcCv9JGVjlaEd42KUs-fbrlFok8_2s7C8PXnUOeVwiVJ3D_TlNl4vPtdTJAQSgj1bEKhxXYyJoEH5wy1FttOIL68vg3H3lmpqJpk4vssHIsoc8H-BG5I2o6xuaNs3rRnDnsgOR3VifyFwIWSc5JcTMXY4Cz9Q8thbZJHRxrYUrBshHByhtkoDIN1ZeUbREOGzGU5OZHrOP5Fu6z5uVHthJbob98q1cZ8B5F5PzvCm_4yutluVdCKfZ1Hp0Pmcz7DvVHJywvqeyJZKATsinj3tj2A4NRPapg7iMy5td1Gks7BGnz6ETYBHAcfg9Vbe-Atj8Z38EUkBXubdibN6PVGje8QQBUQ_IkObyn9lEzVRv6Ftuk6o-IL7bgCoCuThQyQJaaOQwPQdkPyT5OzZXi3TVoYjXLTtMSMV_pSGM_YAWIYuTlBRLgY8pMjEGWsAA_uqk8zyvtR_-0uaX_oMq63iXLZ1UXvqk2d6frwCq2FBv0AF1fxfspe6b0fyqhPDH6tCK1r62uommzOLlora4NA75iKlUfCgLi79pVBu2jMjNwlokWI5zwn_bFemm1Q3p2HrKjIX-9VJnpsiHYtrbmhSFJhqLUOHH2TMR2Rt55iN4n2WGF1Fnyf7sICFkcdffEFvgAAAEkFPcp1x7K78A9ugj8chvEZaEh0f1JQMxd9q_LPKlorfC8ZUuPPup6atnU0G3-j5NDJW7E6AV_pT4I_Ci2gY7_49GD--pZFgW6QxpDaFPO9nJaKZcH1oiz5cTJZMnOuFpTo6x3LAbf1yO7ZzWAfjfg0_7b9AZU4rg2IM_Wfp-B1Yr_sv7rRh4cdH9L7ck74HYSbVWIx7M4BxciFUbdZs1badwKRosgG8gLz8GWf_964oHh_7iEXq_qqCsmiA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A12A 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDfApN5e5ZeuBHfeH1PIPl6KDkAgAAAAAOAHgBAI&bg=!FRalFlnNAAa8BdJLnAU7ADQBe5WfOLQ4oW5XzBilEiiM0HKakfcUcd0ohd4tJHRuFTAPaN9jzb80EOF6JeCbuZcYJ9IjAgAAAKVSAAAAAmgBB5kDEDzSTB6jzxcUzzszLVH8rxHNpVPSnF3h85n0Y3jMJ8WTi7BZDpIYAt9NEF8N9Tdg7EKajHWIoR67e7Z_rLroi_JB1y3Bh2YzzSc984iq8rQ_1AWf-zSoJ0k4cwEC7FF1dSuZr3XiPAIeAq4CtWkQVyG9BkPnY1JiIc_Yk_NNlmH4rXnO4P3mX8XgULmQXNhdvF1EhM6YMfh-PcWaXjQlWe3P0Wgv0Yx1ew5eFutrhorCNnHSvwWajrZUl37S6Xzlnlp4xfA7FMilIn-OP1oszMT7NN7M7ddkeqmeAwhdpc-lXDTJF9de-VP7vcVIPEQ-SkgazslcnpZ0mMDvcD0TYONC2uI9ccEynyybYbolL4mDd6opLCkgD0q8jAMie4lKIancEb27aWlr1MGGL918EYPYqvYNKhI2EJc15OMyLQt2XEK3CpXHLfJpN2rLss8Nl7vrLmK8FqT0Znwblh_kNlY5OVN-OllKNZtBsXyVI0AB_m39vnEnVaFhVbre-AYq-8ryMTQPDN97bWy0A0uU_WUDiyfoU77y7GiLPJCOQoEBhndmM72fIj__HD7JyGWJjRnhjY2SGnJOk6S93fYuN-dap0NGnGzhyNMOiKIhJXBbmqEyYMoXc-NpfXzXstAEolCONzJKkhOl8aj48rA4pVgT_X9lQugl8inM6fymtTu39ynzZtTP6tZ62VYlvp7LpIfyD6ODZOQ6PHMRg22mvF6Hv0JRflJnBApxiWWcgmSW2qxhEiAbqrppYiRFbO1dX-4QFqQx46FrNA-_N7HqI5HTw3d3MVxylZP9LjP4Lo5N_InBlywticadrgmdDd-TXhZKCP7XC1cmEjG-S8C64d55A1OO4rjetONJEpa8SbB2E56OKzVlJT8bNCpf2l0LF8hfD8kM5ar-1td6cuNNUaBKC6aqw_GuR5PIGn9lI8baEz-xrrCaZNfNaegiZwpegYPiR7sTvwIgd_HwBjf1gvHbBtMtby4Hig0Xcf0BTjM3-_9CijQ30_jfVVWZPdU4_ukA_HZJqoyFrv16tgqWj1s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y29PC3P5S9&gtm=45je41t0v882570456z8833217870&_p=1706661686048&_gaz=1&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&cid=2063913798.1706661686&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706661688&sct=1&seg=0&dl=https%3A%2F%2Fbenuredhawks.com%2F&dt=Benedictine%20University%20Mesa%20-%20Official%20Athletics%20Website&en=page_view&_fv=1&_ss=1&ep.division=NAIA&ep.conference=California%20Pacific%20Athletic%20Conference&ep.ss_client_id=2334&ep.school_name=Benedictine%20University%20at%20Mesa&tfd=3683
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benuredhawks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 18ms
18ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y29PC3P5S9&cid=2063913798.1706661686&gtm=45je41t0v882570456z8833217870&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benuredhawks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y29PC3P5S9&cid=2063913798.1706661686&gtm=45je41t0v882570456z8833217870&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5&z=619849889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 00:41:28 GMT

GET
H2

200

crop
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/2024/1/27/Untitled_design.png?width=1920&height=1080&mode=crop&scale=both&format=jpg&quality=80&anchor=middlecenter
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design.png&height=1080&widt...

3 MB
3 MB

34ms
34ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design.png&height=1080&width=1920&type=png&gravity=centre

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

dc6e11adb38fe087c1a8ad9ce2cb3e8a8ae780be92c9c15d39932ecdcd1edf57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:55:45 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 240343
x-cache: Hit from cloudfront
content-length: 3150549
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: jfcQjsB6eq7wQq7GqFf79BL31A2T-jMLZH67t1c6aTRPthpLViHHwA==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:27 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design.png&height=1080&width=1920&type=png&gravity=centre
content-length: 360
x-xss-protection: 1; mode=block

GET
H2

200

crop
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/2024/1/27/Untitled_design-2.png?width=1920&height=1080&mode=crop&scale=both&format=jpg&quality=80&anchor=middlecenter
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design-2.png&height=1080&wi...

2 MB
2 MB

25ms
25ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design-2.png&height=1080&width=1920&type=png&gravity=centre

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

edaa5c6138f7a50853aa68b49bb91be8a432cf77cfa6688023dbff319f6f19f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:26:54 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 242074
x-cache: Hit from cloudfront
content-length: 2185012
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: CWNQ50urKvx1N1F8q8dDreWVcWCcDHoyurbMZOd2wy_D2SOQ8yvH3g==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:27 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f27%2fUntitled_design-2.png&height=1080&width=1920&type=png&gravity=centre
content-length: 362
x-xss-protection: 1; mode=block

GET
H2

200

crop
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/2024/1/25/Untitled_design-2.png?width=1920&height=1080&mode=crop&scale=both&format=jpg&quality=80&anchor=middlecenter
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f25%2fUntitled_design-2.png&height=1080&wi...

3 MB
3 MB

24ms
24ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f25%2fUntitled_design-2.png&height=1080&width=1920&type=png&gravity=centre

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

d308bbb6a79b8c48c60b8ed09cfc5c7463e12a76c9c4601020f002445c3003ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 07:51:00 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 406228
x-cache: Hit from cloudfront
content-length: 2728653
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: rv5vi98V_Po7c_tWlJNuyizmYfKeROMk7IXkr9lZqL7g68hYm9as-w==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:27 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f25%2fUntitled_design-2.png&height=1080&width=1920&type=png&gravity=centre
content-length: 362
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D79F 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benuredhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:12:58 GMT
expires: Wed, 29 Jan 2025 19:12:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7123 829 B
997 B 21ms
20ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc90168629e45f05c5ed948c6ba8a9592cd2292e54589820b40fbc6d08af0e1d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BeT6pfeRoU6IdoXKSOqg4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benuredhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-BeT6pfeRoU6IdoXKSOqg4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 00:41:28 GMT
expires: Wed, 31 Jan 2024 00:41:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame D79F 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 07:47:53 GMT

GET
H2 200 dfp-component-template.html Show response
benuredhawks.com/common/templates/dfp/ 0
72 B 128ms
128ms XHR
text/html 67.192.28.16
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://benuredhawks.com/common/templates/dfp/dfp-component-template.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.192.28.16 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://benuredhawks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:27 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Jan 2024 10:24:53 GMT
server: Microsoft-IIS/10.0
etag: "c8760906653da1:0"
content-type: text/html
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7123 0
0 38ms
38ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401250101&jk=4390989755428161&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D79F 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hnDZ4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:41:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

crop
images.sidearmdev.com/
Redirect Chain

https://benuredhawks.com/images/2024/1/25/Untitled_design.png?width=1920&height=1080&mode=crop&scale=both&format=jpg&quality=80&anchor=middlecenter
https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f25%2fUntitled_design.png&height=1080&widt...

2 MB
2 MB

24ms
23ms

Image
image/png

18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f25%2fUntitled_design.png&height=1080&width=1920&type=png&gravity=centre

Protocol

Server

18.173.187.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-84.muc50.r.cloudfront.net

Software

Resource Hash

5140bf33c807bb5be8f3da139ab99fe6ef2263e527157a30233b2bf37b231713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 07:50:59 GMT
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: MUC50-P4
age: 406229
x-cache: Hit from cloudfront
content-length: 2510357
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: Uc3H9ioR-0QS1ZvCfrhlPzHwdbOvbRc6K4w8CQB2NlBprO_nUTU-aQ==

Redirect headers

strict-transport-security: max-age=0;
date: Wed, 31 Jan 2024 00:41:27 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/crop?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbenmesa.sidearmsports.com%2fimages%2f2024%2f1%2f25%2fUntitled_design.png&height=1080&width=1920&type=png&gravity=centre
content-length: 360
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
39ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401250101&jk=4390989755428161&bg=!CgmlCUbNAAa8BdJLnAU7ADQBe5WfOKQgGI8i62qDau7_w_hmhbvu6NszNtHfWoSg4IGrAj5_lgwY3ojbOdiiILsweMh6AgAAADJSAAAAAWgBB5kCv7gzTzkn8ejZABMp4afDB_a_MJL_DuOrGplYOQjw4Dgup85f-062l6Wa9G0ShdJy2xrhgQgKncIP_Votsle8nSP5mnfouXxwBI2dV-9zdY3oP9N8KfvLiPmbPxI8rttxvv5U-iIQ-PrrN7qW84MoTnxcsa9g2p3cBnWEE3TZoKnl13p6hfYYZ6nP1KSmMTNPVai02BpvIlTYqvT_H3DL-VH-hHh4Zn2-wOHEErn_BmAMq1lDblyxO6oLTOrKN6dA60QKAK4wlRkBfsZK_0ToGLIHBnLTwLbQFHK8oJXhO4dzkC9wahiZt2IrTFLXW2w3JDvdNrgCs4L5oHf31E-CEYQwcKnwVNGsWOAq6CNEBGrtXHB4vWTGSZUyTi9VI9DjSzMARkMfykr_9Bc5Y-ivnEMxM_KedYonnRvhWq5OTcnT2YBlO8xZtS9jlRbf7TtD8L5xYakPzUXqDd_YQ7xoscZRCl0QDlpSBWjvfSL2GUhuuhyfmPaaCBYGMa5YniQ08jMMHpggsvc9yO5IgfC-OfW0cM9ksxPMPc2IWxFFSndWWcQEkAohRNFilA7hQ1sqLCeIsqWkumB7ma8pk9l63JK3cR_c75aGU6eLG9cYou6al1-OIJ4nN0zichkKGzEUAMy7vFT6tt12HPjujm0g0bL-_k5nfv7B8iT--ciZbNSRwlcUZN_XEA7idOcbesIxEU0O4wbWYtFglaaX3YJJjup7c6m-bBwLSu1x28WuYgdhEgJw7LuvwnpxA_cwjWAaGcKfZ6-13j4h-tfOOvbW9zO6HuHyQiojXQoFzkKXnh31sGqORNlkEo5H4CjGm6Z45pZRSnpfQCffcKpy6Grm0Tm5FQjfd79G6v-QGwMdf6VUaK5lYu8hPLcpJ_J7ODugVNrvMVi8tF8uLFJYTWn-qFtxX9d0luKTU2zODH3mCUM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 10A9 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvME3qvHXYKHVJ-T77BJ0Hi-ib_W0Yxq3PVgBwyaEswpgqVm-7ETXy8vWd_LVY3329r9lrZ-_SUPF87E1UebGzny5J9xH9HPz9wWoOBV3oiY--hf9un6uIfF5KYHEDsY3B6Cgp73Kw9b2RSoIti1VS-Lw19&sai=AMfl-YSUjnBxl6dDIRhpUiUxNFllX-72DHZdBN95qxb_dZKQH-xBDqm8jA6c60Zto_GS-M5E3jLOsfT1UqLu3QwM4cjlTkAJkCx7W4fj4KF2wFwkq-U894tzFDeiMUnRHZNyQBYOKnTuF9HICbr6bU6IlA&sig=Cg0ArKJSzHOJ2qbDWPP7EAE&cid=CAQSTwAvHhf_oFHbo8tle5JM_lDXj13GiMGYlFBo8DC32BZqTnjyDImdOsk-tQceTd5sCKh5ZB2A1EitG0PohqaldQOVZTllocg9tnuvWtlhLGIYAQ&id=lidar2&mcvt=1000&p=832,201,922,929&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4273403911&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170666168800&rst=1706661687883&rpt=210&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MCY99C2VY5&gtm=45je41t0v9129253275&_p=1706661686048&gcs=G111&gcd=11t1t1l1l5&npa=0&dma_cps=sypham&dma=1&cid=2063913798.1706661686&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1706661686&sct=1&seg=0&dl=https%3A%2F%2Fbenuredhawks.com%2F&dt=Benedictine%20University%20Mesa%20-%20Official%20Athletics%20Website&en=scroll&epn.percent_scrolled=90&_et=23&tfd=6548
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benuredhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 00:41:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benuredhawks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benuredhawks.com/	1970-01-21 03:40:21	Name: _ga_MCY99C2VY5 Value: GS1.1.1706661686.1.0.1706661686.0.0.0
.benuredhawks.com/	1970-01-20 18:05:48	Name: _gid Value: GA1.2.1429229501.1706661686
.benuredhawks.com/	1970-01-20 18:04:21	Name: _gat_UA-195106495-5 Value: 1
.benuredhawks.com/	1970-01-20 18:04:21	Name: _gat_UA-180696617-1 Value: 1
.benuredhawks.com/	1970-01-21 03:25:57	Name: __gads Value: ID=00efe8a96cab295a:T=1706661687:RT=1706661687:S=ALNI_MZq9jdR-tnghyew7eZ2L9Gj0WrfkA
.benuredhawks.com/	1970-01-21 03:25:57	Name: __gpi Value: UID=00000d4cda9da004:T=1706661687:RT=1706661687:S=ALNI_MaQjetBvE1guu3EJT9IDSoWnCv3gg
.benuredhawks.com/	1970-01-20 22:23:33	Name: __eoi Value: ID=b54e06241fa66682:T=1706661687:RT=1706661687:S=AA-AfjY1dwk2NrKJJNg66G-khBHR
.adnxs.com/	1970-01-21 03:40:21	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:13:57	Name: XANDR_PANID Value: x8mG5UN_bP-Bt7JewMOIweXzFeLH3mcwN0fjc5fnsBLyPi8yqs_YiiRu_J_GEI14H4la_zFgygKYb7DzWRQ0sClqKSxfMDIFIImpUW3I-7Q.
.adnxs.com/	1970-01-20 20:13:57	Name: uuid2 Value: 9117202683240573074
.casalemedia.com/	1970-01-21 02:49:57	Name: CMID Value: ZbmXOImh1Bhy5Ec3ogS0lAAA
.casalemedia.com/	1970-01-20 20:13:57	Name: CMPS Value: 5218
.casalemedia.com/	1970-01-20 20:13:57	Name: CMPRO Value: 5218
.doubleclick.net/	1970-01-20 22:23:33	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 03:25:57	Name: IDE Value: AHWqTUkR3GA-GHr3UCsQGEitlIRTDT-p1a6Z7OGowmpfgiRb-Keyqf1IDX5c1R8VJhQ
.adnxs.com/	1970-01-20 20:13:57	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In2hG-IP!]tbPl1M>e)ZlrFUfJ+tGXxp)?ocOUAh'C$CI0JhXSGEi:#3k)aaS8NhitFs3If)y3KL9D3I?--n^WFo
.benuredhawks.com/	1970-01-21 03:40:21	Name: _ga Value: GA1.1.2063913798.1706661686
.benuredhawks.com/	1970-01-21 03:40:21	Name: _ga_Y29PC3P5S9 Value: GS1.1.1706661688.1.0.1706661688.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
benuredhawks.com
cc0ae5f429eeafe8d4b5de442b3655bf.safeframe.googlesyndication.com
cdn.krxd.net
cdn.transcend.io
cdnjs.cloudflare.com
cm.g.doubleclick.net
dbukjj6eu5tsf.cloudfront.net
dsum-sec.casalemedia.com
dxbhsrqyrr690.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fonts.sidearmsports.com
googleads.g.doubleclick.net
ib.adnxs.com
images.sidearmdev.com
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
scontent-dfw5-2.cdninstagram.com
securepubads.g.doubleclick.net
sidearm-syndication.s3.amazonaws.com
statcollector.sidearmsports.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.18.36.155
142.250.184.198
151.101.66.133
172.217.23.98
174.143.40.29
18.173.154.32
18.173.187.84
2001:4860:4802:32::36
2600:9000:225b:5800:4:cc99:4000:93a1
2600:9000:26da:8400:2:8531:afc0:93a1
2606:4700::6811:180e
2a00:1450:4001:801::2004
2a00:1450:4001:802::2001
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9c
2a03:2880:f234:1c5:face:b00c:0:43fe
37.252.171.149
54.231.170.9
67.192.28.16
99.84.88.85
99.84.90.89
00c3154f069d899f00bf44b191222e979d09d0620850336181f9c48b30bf3440
02055da12953582666aec83c667c693f874a6bd5068e41b6f9c574b18615734c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6b1f5d45343375287b4f792169622df4102b92bc3bf60ce1c57fa411b30914
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20da7195227c6b983133610b35fe4e1d7f00bbdcd49363b52c16fb37fe0f6bd4
23f763a1799cadd6852205791c46ebcfc70c5e24ca8bb6c5aacf4b0b245d94a0
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
31083d2dcae34903398087f9cf0c2c16c43239e0b4dd8511ab73368ae1b3b1ac
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32889d251fc20f7aa1e8aaabb6affd79bee7ed63a0be17f4234f0bab30508388
36791c7ed0c7ae2e4246246fcc002f0db8f238e8c53795bc305c32e2973b190e
378ead8d61543d7cae599eb64a5d678ddcd5e4c8e9accdff0c91c29a7f68e59c
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7
3c3cd1b77209cd37befb59e821aee90c9880c142edd310772578ade9b1c57922
3c9936fa22699b3baf8688f1fabd2fdb046fd68bc10c7c434861529855dbaaf9
3ee2edf2ddb1d690e30013c9af36fd43243bded4b13941716fe64bc54dd9c8f0
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d12d3fe0ad2d9dca4f5e4ab1e44eecaaeca212b2dd6ade5786c6231478c1933
5140bf33c807bb5be8f3da139ab99fe6ef2263e527157a30233b2bf37b231713
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aa125ae189f4e809f9075ca2646510560ffee5bfd97db2308501cb17efe4d6
563d7dc30af548669450340faf6a97f534cad505c2dc1755aeb019ea3d4f2f58
572852a48e9e6943b844539bcceaae144b13ac0c8b07269c2afb6c85e5c09169
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67f4d5060b6a97dad094f90313ea00d99a47163efc199d44d9340fa6f89d2629
69d9ebd4b1206e258357a002b50b22899a35c3814276efadc143a20322c2e2e4
6bcd093acfb6706f4db36f75feedfa76a0111b682bd83337f75b0aa50316d2aa
6c50f2e1a8fd249e8aac7c38d8e515d6d92ff8909cfd73185124dd5e397f341f
6e25c749372929780f21d96f20259212517f3446ba6d522122c49092aa748fb1
7159b1e57dc6cfa8abd3a69a3ae0c6de500aad6566d820b9c2588ee653333cdc
7206c69616e018803e154f99b42fec06040cccacdcbb62851eafa824b6980122
73ff28f9c3721f64ff5101795d680193fb9e6067ff6f27f4c5aaf88de78008f7
75bac12fe7187d68cad89bc6b1b5e97beda73815f2a7ad6b9b4133eaea623442
75c0ee48073a932b0310ac5bb2312cd76a193af773a61917645cac1b0d6eb62a
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
79d2e140dc637915bd7f383df56a527522ddaa4cde060bcfe9d7ddccf1e95021
7e0768124016fb73f556af1d0f2018436c3410aec803e4c8c11ad7143efbbf79
7e69d105cb0e7119238aeafae1416ea52065a799c507adc9ae953b2463a30812
7f1950abc6e6c61b21446666705924af293529ca8f79655c6f1fb57d3331e898
83b7dfe20f25c16176291d2012035d1989606fa6ec22b0924fe355a5e6a8b668
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
867b1b25fb47d28d49d6fd9d14b529c63342eb83beac0f2f562af728be786676
9401f74cd127dc713e19bd045e7197559defbb88b6fd1800244ba478be3da0da
947e6358cb5cea6a8b04aa2194a651e81b6fd4f2ccaae44b6e1abda44e67aaca
981a05d31c203213444731ceff098c4476718d43fadc82da7728b7f0d6e00016
9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9
9c9f81fc576e217cb26321fa2217ea162a5c7bcd1a0f2cf10b1c03efea0a6e71
9f5d7bce0a86cc04ccb01c003d85143585236f8ebf761ea74a4b986a039eaf6f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a702cce055e0a624c899ebdd1dac27516aa46e7fce36283ecf939f203c3b2bd6
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedb4e52310d3b06a3dfef9165d7aa67aca638e02f0755bafaac96a43f33c964
afbbba5c4021a34d362532f2f07e274de6de9f6b271db3d066ade009276a8013
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3112af82ae0d4d86cc13b8b08c7ef9938cf3a401df7f53d82c413edae6cdca7
b434966f6747dcdaa3b452c4b034b779832377bed4a2220eebc0f24fd0f821b9
b9811f9f571e747d90c59b3dafcc49ef225807b15f2b06e1c92f14d02739653b
b9cb4cbee988579c15e25d156aa8ede468f382522881da40994c684f37b7a1eb
bd073d84ed76956a05493dc2eebaa375535cfafa3b79c00576c475104cfb3a0e
bdfe708dce9d1cf33fb6de825086e51a22e1779bf0ff5aadcec1d46d3eab217d
be04cd730f3e44dc45853dfd436f7333404a255dbb779c664f779c6aedfc7a40
c0c9d36daecb13c492421fe898ddb96e1e7a463af9244de5fa2d265ef6fb9339
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c370963c13366d93cfd050f98bc5ddb1e436d17d9218394b25d92e2e0e906f0d
c4ef7ec47986932b8fa1d84cc6aa4a202d47e0c18775901831b161101a9c8ada
c602b6dc9a9a0796f3301b161df700920336416bef6c5f01e6f3fbfa02f2b8e6
c8551d5827d3b97980f38b6448a6bc9aede2808c3e33ea5a24e49f89cafbe1a8
c907bd7064f1d38a655634ba22d80fa1d1995ad33eb3296d3f14849be4566dec
c936b0a7bc7ae16efa96271a08a276374fbdf6c79817d19b6b912689b12e4085
ca55ea7584d49925adb74ad7b077c78a5802e26d3c2cd90e2b6edaa10f98b2ce
cbfa614f0aca78401f767da068fc0f27d7d7c69b95d48f3d54a9b0058602614d
d05de84bed95b5c19cb87abe06624b5527048efbdaca57e67f4d0ae6bb7bf0ca
d308bbb6a79b8c48c60b8ed09cfc5c7463e12a76c9c4601020f002445c3003ac
d3b93ec179a269de5b18e8abe2d1ad542e276c37821a117792f2f5318bdf6d9b
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d713dd84892c763b25143502308aa8cf82f0d60aad22ea5b6c2968cf9b6bb135
dc6e11adb38fe087c1a8ad9ce2cb3e8a8ae780be92c9c15d39932ecdcd1edf57
dcb5353581b6cf517d722cfb0840473f184597e6e10e4913c0fe1d54e70fa0ce
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4e94440163688cf0639ebe2ebe062f17aebd76a6dc2b51722a327ce5656221
df3b9f1550bfc9e517852043e81ca65097f944c5aa19bcf3c08399de5a2b6336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9de569ff2320d66bb18d05de2c67c6fb9191f928cfed2f78b928c3ceaead870
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecd83f94aff9e4af22f9faf6c254a1821d0f29b227b68da4fdb17a497319df6e
edaa5c6138f7a50853aa68b49bb91be8a432cf77cfa6688023dbff319f6f19f0
ee19be6670c509e02005b5ac7b0d895eaa5f26276c8b224f6376c33764db72e3
eec10fa1e2c159ef712bb5add157fce337037e1fb9177cfdeb659536a4bc38c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2f08165b0e2a50f8f61677d2966ba3431d37b648fd20b00357ee010fa141b0
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f8569fe154e6d536fcc234c5caf5dde8a47563c51c0dfdb9b14d12752bd013f5
fc90168629e45f05c5ed948c6ba8a9592cd2292e54589820b40fbc6d08af0e1d
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fda054e85d4e006fc732fac25ec91210c593642b66e22c0a2292e7f44665c435

benuredhawks.com Open in urlscan Pro 67.192.28.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

86 %HTTPS

61 %IPv6

22 Domains

32 Subdomains

32 IPs

4 Countries

16032 kBTransfer

19799 kBSize

18 Cookies

16 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

benuredhawks.com Open in urlscan Pro
67.192.28.16 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

86 %
HTTPS

61 %
IPv6

22
Domains

32
Subdomains

32
IPs

4
Countries

16032 kB
Transfer

19799 kB
Size

18
Cookies

153 HTTP transactions
2 data transactions