bluehens.com Open in urlscan Pro
45.223.99.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bluehens.com/
Effective URL:
https://bluehens.com/
Submission: On September 17 via api (September 17th 2024, 12:51:46 pm UTC) from US — Scanned from DE

Summary HTTP 162 Redirects Links 97 Behaviour Indicators

Summary

This website contacted 45 IPs in 4 countries across 32 domains to perform 162 HTTP transactions. The main IP is 45.223.99.109, located in United States and belongs to INCAPSULA, US. The main domain is bluehens.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q3 on July 22nd 2024. Valid for: 6 months.

This is the only time bluehens.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	45.223.99.109 45.223.99.109	19551 (INCAPSULA) (INCAPSULA)
1	2600:9000:223... 2600:9000:223f:5800:4:cc99:4000:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:440... 2606:4700:4400::ac40:9312	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.27.92 13.32.27.92	16509 (AMAZON-02) (AMAZON-02)
8	108.138.24.78 108.138.24.78	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	23.48.23.17 23.48.23.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
30	18.66.122.103 18.66.122.103	16509 (AMAZON-02) (AMAZON-02)
9 9	2600:9000:211... 2600:9000:211e:600:17:ad1e:f6c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:90a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.150.11 3.160.150.11	16509 (AMAZON-02) (AMAZON-02)
3	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	13.32.27.78 13.32.27.78	16509 (AMAZON-02) (AMAZON-02)
1	18.245.46.94 18.245.46.94	16509 (AMAZON-02) (AMAZON-02)
2	18.244.15.236 18.244.15.236	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	23.67.137.210 23.67.137.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.5.29.152 3.5.29.152	14618 (AMAZON-AES) (AMAZON-AES)
162	45

40 45.223.99.109 (United States)

ASN19551 (INCAPSULA, US)

bluehens.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:5800:4:cc99:4000:93a1 (United States)

ASN16509 (AMAZON-02, US)

fonts.sidearmsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:9312 (United States)

ASN13335 (CLOUDFLARENET, US)

transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-92.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.138.24.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-78.fra56.r.cloudfront.net

dxbhsrqyrr690.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-17.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 18.66.122.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-103.fra60.r.cloudfront.net

images.sidearmdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:211e:600:17:ad1e:f6c0:21 (United States) 9 redirects

ASN16509 (AMAZON-02, US)

db5y6jlvyeaqj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-11.fra60.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-78.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-94.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.15.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-15-236.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.137.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-137-210.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.29.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	bluehens.com bluehens.com	775 KB
30	sidearmdev.com images.sidearmdev.com — Cisco Umbrella Rank: 18365	1 MB
17	cloudfront.net 9 redirects dxbhsrqyrr690.cloudfront.net dbukjj6eu5tsf.cloudfront.net Failed db5y6jlvyeaqj.cloudfront.net	70 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 162	210 KB
8	gstatic.com fonts.gstatic.com	243 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 356 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 667 aax.amazon-adsystem.com — Cisco Umbrella Rank: 466	88 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4054 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 688	132 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	468 KB
4	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1469 a.ad.gt — Cisco Umbrella Rank: 1575	5 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2538 launchpad.privacymanager.io — Cisco Umbrella Rank: 2062 geo.privacymanager.io — Cisco Umbrella Rank: 1911	37 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130 td.doubleclick.net — Cisco Umbrella Rank: 189 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213	180 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33 region1.google-analytics.com — Cisco Umbrella Rank: 3310	21 KB
4	transcend-cdn.com transcend-cdn.com — Cisco Umbrella Rank: 5759	146 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 522 cdn.id5-sync.com — Cisco Umbrella Rank: 984	29 KB
3	typekit.net p.typekit.net — Cisco Umbrella Rank: 578 use.typekit.net — Cisco Umbrella Rank: 462	45 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1700	125 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	3 KB
2	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 638 ib.adnxs.com — Cisco Umbrella Rank: 270	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	73 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 8394	144 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	8 KB
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9906	480 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 925	295 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1628	12 KB
1	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1023	13 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1108	17 KB
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1003	251 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1430	248 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10137	63 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 215	4 KB
1	sidearmsports.com fonts.sidearmsports.com — Cisco Umbrella Rank: 21744	14 KB
162	32

	Domain	Requested by
40	bluehens.com	bluehens.com transcend-cdn.com
30	images.sidearmdev.com
9	db5y6jlvyeaqj.cloudfront.net	9 redirects
8	fonts.gstatic.com	fonts.googleapis.com
8	dxbhsrqyrr690.cloudfront.net	bluehens.com
7	pagead2.googlesyndication.com	transcend-cdn.com
5	www.googletagmanager.com	transcend-cdn.com
4	fundingchoicesmessages.google.com	transcend-cdn.com
4	transcend-cdn.com	bluehens.com transcend-cdn.com
3	id.hadron.ad.gt	transcend-cdn.com
3	c.amazon-adsystem.com	transcend-cdn.com
3	www.google-analytics.com	transcend-cdn.com
2	geo.privacymanager.io	transcend-cdn.com
2	id5-sync.com	transcend-cdn.com
2	aax.amazon-adsystem.com	transcend-cdn.com
2	tpc.googlesyndication.com	transcend-cdn.com
2	cdn.confiant-integrations.net	transcend-cdn.com
2	securepubads.g.doubleclick.net	transcend-cdn.com
2	www.facebook.com
2	connect.facebook.net	transcend-cdn.com
2	use.typekit.net	bluehens.com
2	htlbid.com	bluehens.com transcend-cdn.com
2	fonts.googleapis.com	bluehens.com transcend-cdn.com
1	ams-pageview-public.s3.amazonaws.com
1	a.ad.gt	transcend-cdn.com
1	lb.eu-1-id5-sync.com	transcend-cdn.com
1	cdn.id5-sync.com	transcend-cdn.com
1	cdn.hadronid.net	transcend-cdn.com
1	tags.crwdcntrl.net	transcend-cdn.com
1	secure.cdn.fastclick.net	transcend-cdn.com
1	api.rlcdn.com	transcend-cdn.com
1	lexicon.33across.com	transcend-cdn.com
1	cdn.jsdelivr.net	transcend-cdn.com
1	config.aps.amazon-adsystem.com	transcend-cdn.com
1	launchpad.privacymanager.io	transcend-cdn.com
1	launchpad-wrapper.privacymanager.io	transcend-cdn.com
1	www.google.de
1	region1.analytics.google.com	transcend-cdn.com
1	td.doubleclick.net	transcend-cdn.com
1	stats.g.doubleclick.net	transcend-cdn.com
1	ib.adnxs.com	transcend-cdn.com
1	region1.google-analytics.com	transcend-cdn.com
1	acdn.adnxs.com	transcend-cdn.com
1	p.typekit.net	bluehens.com
1	cdnjs.cloudflare.com	bluehens.com
1	fonts.sidearmsports.com	bluehens.com
0	dbukjj6eu5tsf.cloudfront.net Failed	bluehens.com
162	47

This site contains links to these domains. Also see Links.

Domain
rec.bluehens.com
www.facebook.com
twitter.com
instagram.com
bluehens.evenue.net
www.learfield.com
sites.udel.edu
www.caasports.com
www.ncaa.org
www.udel.edu
udel.spirit.bncollege.com
events.bluehens.com
seatgeek.com
ud.alumniq.com
www.youtube.com
scoreboard.clippd.com
stats.statbroadcast.com
go.flosports.tv
caasports.com
www.flosports.tv
www.adidas.com
sidearmsports.com
www.sidearmsports.com
learfield.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-22` - `2025-01-18`	6 months	crt.sh
*.sidearmsports.com Amazon RSA 2048 M02	`2023-11-06` - `2024-12-03`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
transcend-cdn.com WE1	`2024-09-13` - `2024-12-12`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M02	`2024-08-20` - `2025-09-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-26` - `2024-09-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
cdn.adnxs.com R11	`2024-08-20` - `2024-11-18`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
images.sidearmdev.com Amazon RSA 2048 M02	`2024-06-19` - `2025-07-19`	a year	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.de WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
confiant-integrations.net WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M03	`2024-06-26` - `2025-07-24`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
lexicon.33across.com WR3	`2024-09-06` - `2024-12-05`	3 months	crt.sh
id.hadron.ad.gt WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
hadronid.net WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
id5-sync.com WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.eu-1-id5-sync.com R10	`2024-09-01` - `2024-11-30`	3 months	crt.sh
a.ad.gt WE1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://bluehens.com/
Frame ID: 6A1369F66659404A49ED108EE128EA4C
Requests: 156 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-Y29PC3P5S9&gacid=284746157.1726577500&gtm=45je4990v882570456z8833217870za200zb833217870&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=973307195
Frame ID: A3CA9A1C515C6C75578B83101A07A65C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240912/r20110914/zrt_lookup_fy2021.html
Frame ID: 0D2FB1E4ABFB668B12DC3EF6A3EFFA59
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-6273736034387105&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1726577500&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbluehens.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726577500242&bpp=2&bdt=1219&idt=457&shv=r20240912&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4771968632884&frm=20&pv=2&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331833%2C95338228%2C95342016%2C95342338&oid=2&pvsid=537220961983753&tmod=631546608&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=485
Frame ID: 1DEEA5C40AA32E644FCA7FB3BB6A459C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 565CD74DE4E7F88D9DC98782302A3A01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

University of Delaware Athletics - Official Athletics Website

Page URL History Show full URLs

http://bluehens.com/ HTTP 307
https://bluehens.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

162
Requests

93 %
HTTPS

58 %
IPv6

32
Domains

47
Subdomains

45
IPs

4
Countries

4084 kB
Transfer

10768 kB
Size

16
Cookies

97 Outgoing links

These are links going to different origins than the main page.

URL: https://rec.bluehens.com/
Title: Recreation

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareBaseball/

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareBASE

Search URL Search Domain Scan URL

URL: https://instagram.com/delawarebase

Search URL Search Domain Scan URL

URL: https://bluehens.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=MB&linkID=delaware-athletics&shopperContext=&caller=&appCode=

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareMBB

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareMBB

Search URL Search Domain Scan URL

URL: https://instagram.com/delawarembb

Search URL Search Domain Scan URL

URL: https://bluehens.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=WB&linkID=delaware-athletics&shopperContext=&caller=&appCode=

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareWBB

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareWBB

Search URL Search Domain Scan URL

URL: https://instagram.com/delawarewbb

Search URL Search Domain Scan URL

URL: https://www.facebook.com/udbluehencheer

Search URL Search Domain Scan URL

URL: https://twitter.com/UDBlueHenCheer

Search URL Search Domain Scan URL

URL: https://instagram.com/UDBlueHenCheer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareTFXC

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareTFXC

Search URL Search Domain Scan URL

URL: https://instagram.com/DelawareTFXC

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UDBlueHenDance/

Search URL Search Domain Scan URL

URL: https://twitter.com/UDBlueHenDance

Search URL Search Domain Scan URL

URL: https://instagram.com/UDBlueHenDance

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareFieldHockey/

Search URL Search Domain Scan URL

URL: https://twitter.com/Delaware_FH

Search URL Search Domain Scan URL

URL: https://instagram.com/delaware_fh

Search URL Search Domain Scan URL

URL: https://bluehens.evenue.net/list/FB

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareFootball/

Search URL Search Domain Scan URL

URL: https://twitter.com/Delaware_FB

Search URL Search Domain Scan URL

URL: https://instagram.com/Delaware_FB

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UDMensGolf

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareMGolf

Search URL Search Domain Scan URL

URL: https://instagram.com/DelawareMGOLF

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareWomensGolf/

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareWGOLF

Search URL Search Domain Scan URL

URL: https://instagram.com/DelawareWGOLF

Search URL Search Domain Scan URL

URL: https://twitter.com/Delaware_IH

Search URL Search Domain Scan URL

URL: https://instagram.com/Delaware_IH

Search URL Search Domain Scan URL

URL: https://bluehens.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=ML&linkID=delaware-athletics&shopperContext=&caller=&appCode=

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareMLax

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareMLAX

Search URL Search Domain Scan URL

URL: https://instagram.com/delawaremlax

Search URL Search Domain Scan URL

URL: https://bluehens.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=WL&linkID=delaware-athletics&shopperContext=&caller=&appCode=

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareWomensLacrosse/

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareWLax

Search URL Search Domain Scan URL

URL: https://instagram.com/delawarewlax

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareRowing/

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareRowing

Search URL Search Domain Scan URL

URL: https://instagram.com/delawarerowing

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareMSOC/

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareMSOC

Search URL Search Domain Scan URL

URL: https://instagram.com/delawaremsoc

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareWSOC/

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareWSOC

Search URL Search Domain Scan URL

URL: https://instagram.com/delawarewsoc

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UDelawareSoftball

Search URL Search Domain Scan URL

URL: https://twitter.com/Delaware_SB

Search URL Search Domain Scan URL

URL: https://instagram.com/delaware_sb

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareSwim

Search URL Search Domain Scan URL

URL: https://twitter.com/Delaware_Swim?lang=en

Search URL Search Domain Scan URL

URL: https://instagram.com/delaware_swim

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareMTEN

Search URL Search Domain Scan URL

URL: https://instagram.com/delawaremten

Search URL Search Domain Scan URL

URL: https://twitter.com/DelawareWTEN

Search URL Search Domain Scan URL

URL: https://instagram.com/delawarewten

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareTFXC/

Search URL Search Domain Scan URL

URL: https://bluehens.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=VB&linkID=delaware-athletics&shopperContext=&caller=&appCode=

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DelawareVolleyball/

Search URL Search Domain Scan URL

URL: https://twitter.com/Delaware_VB

Search URL Search Domain Scan URL

URL: https://instagram.com/delaware_vb

Search URL Search Domain Scan URL

URL: https://www.learfield.com/partner/delaware-sports-properties/
Title: Sponsorship Opportunities

Search URL Search Domain Scan URL

URL: https://sites.udel.edu/ocm/brand-identity/licensing-trademarks/
Title: Trademarks and Licensing

Search URL Search Domain Scan URL

URL: http://www.caasports.com/?DB_OEM_ID=29100
Title: CAA

Search URL Search Domain Scan URL

URL: http://www.ncaa.org/
Title: NCAA

Search URL Search Domain Scan URL

URL: https://sites.udel.edu/sexualmisconduct/policies/
Title: Sexual Misconduct Policy

Search URL Search Domain Scan URL

URL: http://www.udel.edu/
Title: Website

Search URL Search Domain Scan URL

URL: https://udel.spirit.bncollege.com/?utm_campaign=BM-PS_Top_Nav&utm_source=Client_Push&utm_medium=Referral
Title: Shop

Search URL Search Domain Scan URL

URL: https://events.bluehens.com/
Title: Concerts & Events

Search URL Search Domain Scan URL

URL: https://bluehens.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=GS&linkID=delaware-athletics&shopperContext=&caller=&appCode=&RSRC=WEB&RDAT=DRP
Title: Ticketing Homepage

Search URL Search Domain Scan URL

URL: https://bluehens.evenue.net/signin
Title: My Account

Search URL Search Domain Scan URL

URL: https://bluehens.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=BCC&linkID=delaware-athletics&shopperContext=&caller=appList&appCode=
Title: Concert & Event Tickets

Search URL Search Domain Scan URL

URL: https://seatgeek.com/delaware-blue-hens-football-tickets
Title: SeatGeek: Buy or Sell Tickets

Search URL Search Domain Scan URL

URL: https://bluehens.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=FB&linkID=delaware-athletics&shopperContext=&caller=&appCode=
Title: Buy Football Tickets

Search URL Search Domain Scan URL

URL: https://ud.alumniq.com/giving/to/bluehens
Title: Give Now

Search URL Search Domain Scan URL

URL: https://udel.spirit.bncollege.com/?utm_campaign=bm-ps_top_nav&utm_source=client_push&utm_medium=referral
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@UDBlueHens
Title: View Archives

Search URL Search Domain Scan URL

URL: https://scoreboard.clippd.com/tournament-leaderboard/233378/scoring/participants
Title: Stats

Search URL Search Domain Scan URL

URL: http://stats.statbroadcast.com/broadcast/?id=541390
Title: Stats

Search URL Search Domain Scan URL

URL: https://go.flosports.tv/partner/caa?utm_campaign=caa&utm_medium=partner&utm_source=teams&utm_content=teams&rtid=towson&coverage_id=
Title: Watch

Search URL Search Domain Scan URL

URL: https://www.ncaa.org/sports/division-i

Search URL Search Domain Scan URL

URL: http://caasports.com/

Search URL Search Domain Scan URL

URL: https://www.flosports.tv/caa/?utm_campaign=2019caa&utm_medium=referral&utm_source=caasports.com&utm_content=website&rtid=&coverage_id=

Search URL Search Domain Scan URL

URL: https://www.adidas.com/us

Search URL Search Domain Scan URL

URL: https://www.udel.edu/home/legal-notices/accessibility/
Title: Notice of Accessibility

Search URL Search Domain Scan URL

URL: https://sidearmsports.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.sidearmsports.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://sidearmsports.com/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://learfield.com/
Title: Learfield

Search URL Search Domain Scan URL

URL: https://sidearmsports.com/
Title: Sidearm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bluehens.com/ HTTP 307
https://bluehens.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://db5y6jlvyeaqj.cloudfront.net/images/logos/Howard.png HTTP 302
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fHoward.png&type=webp

Request Chain 85

https://db5y6jlvyeaqj.cloudfront.net/images/logos/uiowa.png HTTP 302
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fuiowa.png&type=webp

Request Chain 86

https://db5y6jlvyeaqj.cloudfront.net/images/logos/George_Mason_UpdatedLogo.png HTTP 302
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fGeorge_Mason_UpdatedLogo.png&type=webp

Request Chain 87

https://db5y6jlvyeaqj.cloudfront.net/images/logos/Penn-State.png HTTP 302
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fPenn-State.png&type=webp

Request Chain 88

https://db5y6jlvyeaqj.cloudfront.net/images/logos/unh-logo.png HTTP 302
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2funh-logo.png&type=webp

Request Chain 100

https://db5y6jlvyeaqj.cloudfront.net/images/logos/DC-Wildcat-CMYK-Full-Color-Outline.png HTTP 302
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fDC-Wildcat-CMYK-Full-Color-Outline.png&type=webp

Request Chain 101

https://db5y6jlvyeaqj.cloudfront.net/images/logos/Delaware.png HTTP 302
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fDelaware.png&type=webp

Request Chain 102

https://db5y6jlvyeaqj.cloudfront.net/images/logos/Towson_.png HTTP 302
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fTowson_.png&type=webp

Request Chain 103

https://db5y6jlvyeaqj.cloudfront.net/images/logos/Villanova.png HTTP 302
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fVillanova.png&type=webp

162 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bluehens.com/
Redirect Chain

http://bluehens.com/
https://bluehens.com/

67 KB
18 KB

342ms
167ms

Document
text/html

45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3464aa886c98cc4bce79004ddac75f86bc03427486ab65896d3dff6dbf473eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: x-trace
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 17 Sep 2024 12:51:38 GMT
strict-transport-security: max-age=15724800
vary: Accept-Encoding
x-cache-status: STALE
x-cdn: Imperva
x-iinfo: 4-29403079-29403086 NNNN CT(23 24 0) RT(1726577497825 92) q(0 0 0 0) r(0 0) U12
x-redis-cache: HIT
x-trace: 00-77860df66e4d1ca2efbcd9ec9a222237-c400481d48d1155e-00

Redirect headers

Location: https://bluehens.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 sidearm_font_v2.css
fonts.sidearmsports.com/sidearm_v2/ 14 KB
14 KB 51ms
7ms Stylesheet
text/css 2600:9000:223f:5800:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm_v2/sidearm_font_v2.css
Requested by: Host: bluehens.com
URL: https://bluehens.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5800:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d416314a4f2e32ef97eb22bd38a42d74b3084c7f6e0ed64fae8864860bf8908

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 01:30:30 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 18:02:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 40870
x-amz-meta-cb-modifiedtime: Tue, 24 Oct 2023 18:01:17 GMT
etag: "6e11d3abb0316d98bbf55c280bf769f2"
x-amz-server-side-encryption: AES256
content-type: text/css
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 13872
x-amz-cf-id: rWeEgmAVK4Vmnuck6mZ8Q3wuirYLPnUZeuT_K5HRsxQW4XdIbYlr6A==

GET
H3 200 swiper-bundle.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/6.4.5/ 13 KB
4 KB 47ms
28ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.4.5/swiper-bundle.min.css

Requested by

Host: bluehens.com
URL: https://bluehens.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab4620524f7a08c502887be3119a9174305cce8939e89b4c7f365a8043b4dd54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluehens.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 900576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3563
last-modified: Fri, 18 Dec 2020 18:53:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fdcfa8c-3572"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSIw3GDCsZHB2MopGAXoTI0OaGuxGiU2idAZJdEBiakOjHLp%2FuSNJm0TjzVUjbi13e8lDtGpAoVLxPkt7SQrFTWY5oSdMMrG7HP78XtpUyq%2FhOgQSgy4AhinC7Qz5NulZpD00F1wiiSYNvZbKKhPdcVu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c493a990c869f1d-FRA
expires: Sun, 07 Sep 2025 12:51:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 24 KB
2 KB 51ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,700;1,300&family=Roboto:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: bluehens.com
URL: https://bluehens.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a09138c313f9d0ca3ee7b54346e5c29a9ca1cc8f4f22e5fd25d3e5e58d95cfcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Sep 2024 12:51:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Sep 2024 12:51:39 GMT

GET
H2 200 index.9af13005.mjs Show response
bluehens.com/ 1 MB
458 KB 261ms
258ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/index.9af13005.mjs

Requested by

Host: bluehens.com
URL: https://bluehens.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

889ec42f6dd83d6d7a544065ce18b7fe0ca1057b99deec003c17e2c5cc4a7b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"16ca85-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 290) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=20658, public
content-length: 468695
expires: Tue, 17 Sep 2024 18:35:56 GMT

GET
H2 200 index-0d880305.css
bluehens.com/assets/ 769 KB
126 KB 89ms
86ms Stylesheet
text/css 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/assets/index-0d880305.css

Requested by

Host: bluehens.com
URL: https://bluehens.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0d880305402b8dcc7b205e3cb2da9371eac22f1a6f68f0867c7e76911ed26570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"c050c-191e0db15a0"
content-type: text/css; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 288) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=13612, public
content-length: 128810
expires: Tue, 17 Sep 2024 16:38:30 GMT

GET
H3 200 airgap.js Show response
transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 150 KB
52 KB 117ms
87ms Script
text/javascript 2606:4700:4400::ac40:9312
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Requested by

Host: bluehens.com
URL: https://bluehens.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9312 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

240a1349e50b0056e0785ed5b04419aa1f904bdf8fe5ac9ce26da45a179de4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8697
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"9e1aa15507f99c8a2449c2f3f17f02dc"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 8c493a9929744db3-FRA
timing-allow-origin: *
expires: Tue, 17 Sep 2024 12:52:39 GMT

GET
H2 200 htlbid.css
htlbid.com/v3/bluehens.com/ 7 KB
1 KB 439ms
407ms Stylesheet
text/css 13.32.27.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/bluehens.com/htlbid.css
Requested by: Host: bluehens.com
URL: https://bluehens.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa03c1564665a66ffb3f9c8758985c498207dd7c2b7a242f5d9730acb6bfc027

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: br
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified: Sat, 14 Sep 2024 03:42:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"c3f9c9fedcb104dcfacf61bdc628bad7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: uYDgsJkxG4hWOQjUR7p3F6xOC36Ls7MPNrVMGkkCPbs4yxY2A14vPA==

GET
H2 200 footer_edu.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/ 5 KB
6 KB 42ms
9ms Image
image/svg+xml 108.138.24.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/footer_edu.svg
Requested by: Host: bluehens.com
URL: https://bluehens.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7dcbe275b0cc54589a87fcc079f489635faf570315ec4badc81292c4034caff

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 05:07:22 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 12:17:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 27858
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 02 Aug 2022 13:29:06 GMT
vary: Origin
etag: "43f3bb36c36897e057bff90bea13b7f4"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 5425
x-amz-cf-id: v4T-11CblLwYw8JhMY7oRfnihIt85_lfn4dzJfaapCjYx55ES_r_ww==

GET
H2 200 footer_logo_ncaa.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/ 2 KB
3 KB 40ms
7ms Image
image/svg+xml 108.138.24.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/footer_logo_ncaa.svg
Requested by: Host: bluehens.com
URL: https://bluehens.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3793a3122a488b00007ec5ff134108533a1ae22e1426f75b359e42b4cfca079

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 05:07:22 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 12:17:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 27858
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 02 Aug 2022 13:29:06 GMT
vary: Origin
etag: "85c591e112422850c6b0c77428716fdc"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 2175
x-amz-cf-id: YlPiWZu0tcGUlIRNp26_3NSUN1iJA5K9FHNhEJoQxXn8HX1FZP9Jmg==

GET
H2 200 footer_logo_caa.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/ 2 KB
2 KB 9ms
9ms Image
image/svg+xml 108.138.24.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/footer_logo_caa.svg
Requested by: Host: bluehens.com
URL: https://bluehens.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d2323f1f6973752d684815563bf4d734c559e4347b4ebee8580e595435963bd

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 05:53:45 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 12:17:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 25075
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 02 Aug 2022 13:29:07 GMT
vary: Origin
etag: "b46c7451d27825cb5c48e5f3fe98963e"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 1840
x-amz-cf-id: jhJ_85NOJT9faqVJ0vatvzw5ZUkfIkL_88VS2IGqXwt4oGUPtbcAkA==

GET
H2 200 footer_logo_flosports.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/ 9 KB
10 KB 9ms
9ms Image
image/svg+xml 108.138.24.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/footer_logo_flosports.svg
Requested by: Host: bluehens.com
URL: https://bluehens.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 672aec32d6a3ab9b22652a35184d5865e9f7169eacc7ada30287b83f1634849d

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:21:05 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 12:17:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 48635
x-amz-meta-cb-modifiedtime: Tue, 02 Aug 2022 13:29:07 GMT
etag: "89d9d1b4296ff32112c50a59b1105dcf"
vary: Origin
x-amz-server-side-encryption: AES256
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 9534
x-amz-cf-id: WWKRujFbRu2Z3k6YVYcFDG-h2RsmvHqxl5lZW3AI9CP3vlEC1Hd4lg==

GET
H2 200 footer_logo-adidas.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/ 1 KB
2 KB 8ms
8ms Image
image/svg+xml 108.138.24.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/footer_logo-adidas.svg
Requested by: Host: bluehens.com
URL: https://bluehens.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c9885c979a5326a684561c8374e4173b1e3e5269015378defc36dd875efafba

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:21:05 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Thu, 25 May 2023 15:27:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 48635
x-amz-meta-cb-modifiedtime: Thu, 25 May 2023 15:25:23 GMT
etag: "e5347f42dc0132014664d3731bbb4bac"
vary: Origin
x-amz-server-side-encryption: AES256
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 1128
x-amz-cf-id: Hrly1afBjc2V8GfwmjMZsBJTScijyYiK8HmEjl7w3sv_XZfFD_793Q==

GET
H2 200 _Incapsula_Resource Show response
bluehens.com/ 87 KB
21 KB 94ms
94ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1573272202

Requested by

Host: bluehens.com
URL: https://bluehens.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0deec1d24fc7c4ec53a25f553b745db2fd23a4956e1af704b06cc6e8a15cbbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 21092
content-type: application/javascript

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 58ms
15ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=cvi3mxg&ht=tk&f=49469.49476&a=13031040&app=typekit&e=css
Requested by: Host: bluehens.com
URL: https://bluehens.com/assets/index-0d880305.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx
etag: "6649f74c-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 ui.js Show response
transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 313 KB
87 KB 54ms
42ms Script
text/javascript 2606:4700:4400::ac40:9312
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ui.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9312 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8067287fc9283a84bfb20c6bfa2e4a9b63602a645831bbfffb3ef7066b3480c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12652
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"f32a0a8bdd10665ca778fbec1b47a857"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 8c493a9b2b6c049f-FRA
timing-allow-origin: *
expires: Tue, 17 Sep 2024 12:52:39 GMT

GET
H3 200 cm.css
transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 17 KB
4 KB 29ms
28ms Stylesheet
text/css 2606:4700:4400::ac40:9312
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/cm.css

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9312 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20da7195227c6b983133610b35fe4e1d7f00bbdcd49363b52c16fb37fe0f6bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14615
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"dd7f714aa00e011928bd113609b238ad"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 8c493a9bbcd44db3-FRA
timing-allow-origin: *
expires: Tue, 17 Sep 2024 12:52:39 GMT

GET nav_logo_main_alt.svg
dbukjj6eu5tsf.cloudfront.net/bluehens.com/images/sng_2022/ 0
0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 57ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,700;1,300&family=Roboto:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 11:51:39 GMT
x-content-type-options: nosniff
age: 3600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Sep 2025 11:51:39 GMT

GET
H2 200 l
use.typekit.net/af/4a5f61/00000000000000007735fa47/30/ 22 KB
22 KB 81ms
17ms Font
application/font-woff2 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4a5f61/00000000000000007735fa47/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: bluehens.com
URL: https://bluehens.com/assets/index-0d880305.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cc3d4e2704576a7c3407e0eb06975553281ff9198a7d3bd34cafd7c666ce4f62

Request headers

Referer: https://bluehens.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
server: nginx
etag: "5d5d636908645745a406ca27465c97eb4c8911cb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22732

GET
H2 200 l
use.typekit.net/af/39cc4b/00000000000000007735fa4e/30/ 22 KB
22 KB 82ms
18ms Font
application/font-woff2 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/39cc4b/00000000000000007735fa4e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: bluehens.com
URL: https://bluehens.com/assets/index-0d880305.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 826c9bfceb01d5697ab84a0a9209a0f015f1ec0a72387483040678d37757343d

Request headers

Referer: https://bluehens.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
server: nginx
etag: "fc26fb6ed546db1209615236c9de4728aef7806a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22688

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 58ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,700;1,300&family=Roboto:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:52:45 GMT
x-content-type-options: nosniff
age: 302334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Sep 2025 00:52:45 GMT

GET
H3 200 en.json Show response
transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/translations/ 11 KB
2 KB 33ms
32ms Fetch
application/json 2606:4700:4400::ac40:9312
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/translations/en.json

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9312 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

378ead8d61543d7cae599eb64a5d678ddcd5e4c8e9accdff0c91c29a7f68e59c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12652
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"06134954b20d8d7d4b739fa4ef061ff7"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 8c493a9bdc31049f-FRA
timing-allow-origin: *
expires: Tue, 17 Sep 2024 12:52:39 GMT

GET
H2 200 _Incapsula_Resource
bluehens.com/ 1 B
36 B 88ms
87ms Image
text/plain 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluehens.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5492323453405259

Requested by

Host: bluehens.com
URL: https://bluehens.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 Sports Show response
bluehens.com/api/v2/ 48 KB
6 KB 169ms
169ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/Sports

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d9545dbea1e9d8984ddb800a95899ef8ff350fccde1d5b93cbe62ce85d80a408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-5b1684d8ec64810b3954153316094026-5f7c3dda0cb40cc9-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29400800 2NNN RT(1726577497825 795) q(0 0 0 -1) r(0 0) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 Takeovers Show response
bluehens.com/api/v2/ 48 B
204 B 118ms
118ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/Takeovers?sportId=0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

dcb81ed41f6b4255377e7a2a866773930ad6bac545b034aa3c2c858f944d878a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-b1963865102dde747bf45e49a37b0134-445e19ff726e22fc-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403086 PNNN RT(1726577497825 969) q(0 0 0 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 favicon.ico
bluehens.com/ 27 KB
27 KB 90ms
89ms Other
image/x-icon 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

47bfdf3614a012aeb8ed893f49576aef5a2196bdc16ad3e442ac15111a680f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Sat, 09 Mar 2019 18:13:07 GMT
x-cdn: Imperva
etag: W/"c2c7fbbea3d6d41:0"
content-type: image/x-icon
access-control-allow-origin: *
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1037) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=11277777, public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 27146
expires: Sun, 26 Jan 2025 01:34:35 GMT

GET
H2 200 AppLayoutComponent.es.1a6ad55c.mjs Show response
bluehens.com/ 7 KB
3 KB 92ms
91ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/AppLayoutComponent.es.1a6ad55c.mjs

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

261bf1b13de1464257b0a9813a137752fe266ec50cfd69ef55bbd68c75d9b797

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"1c39-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1095) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=20919, public
content-length: 3349
expires: Tue, 17 Sep 2024 18:40:17 GMT

GET
H2 200 AlertComponent.es.b96328db.mjs Show response
bluehens.com/ 2 KB
1 KB 94ms
93ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/AlertComponent.es.b96328db.mjs

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

82f2eeca26e7101b39b913803c6694d340aabdaa1eea1983259394b4eeb45e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"888-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1097) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=24710, public
content-length: 1180
expires: Tue, 17 Sep 2024 19:43:28 GMT

GET
H2 200 search Show response
bluehens.com/api/v2/TrackingTag/ 8 KB
2 KB 158ms
157ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/TrackingTag/search?PageTemplate=home-page

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3ebdb3917299b898bb74e4f7145dcdaf48d7ad3d88626ad9eb73c771b96697c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-8fa2c2e5ce0f6d43f922f2e5b1e8ce3e-275d645df5cd4f22-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403051 2NNN RT(1726577497825 1132) q(0 0 0 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 SidearmContainerComponent.es.5e0fe32a.mjs Show response
bluehens.com/ 543 B
445 B 89ms
88ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/SidearmContainerComponent.es.5e0fe32a.mjs

Requested by

Host: bluehens.com
URL: https://bluehens.com/index.9af13005.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3a7d73ff4dd45c335055f2b5397dc27624b43b0b3c91a7504bc1a90f473a79a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/index.9af13005.mjs
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"21f-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1208) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=20658, public
content-length: 319
expires: Tue, 17 Sep 2024 18:35:57 GMT

GET
H2 200 SCommonFooter.es.5fcd8b26.mjs Show response
bluehens.com/ 24 KB
10 KB 89ms
89ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/SCommonFooter.es.5fcd8b26.mjs

Requested by

Host: bluehens.com
URL: https://bluehens.com/index.9af13005.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e83aef0486f83f3fd8d09b9b5917a9cf83813bad1ed9ac8eed3a4c83b7c4dcf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/index.9af13005.mjs
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"60a8-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1210) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=18257, public
content-length: 9647
expires: Tue, 17 Sep 2024 17:55:56 GMT

GET
H2 200 SSplashScreen.es.800dfe1f.mjs Show response
bluehens.com/ 5 KB
2 KB 92ms
92ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/SSplashScreen.es.800dfe1f.mjs

Requested by

Host: bluehens.com
URL: https://bluehens.com/index.9af13005.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c2a35dde3f574f62c783bcd036b8ba4abaf686cfa470d922e0efad5afbf04e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/index.9af13005.mjs
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"1323-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1211) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=20721, public
content-length: 2198
expires: Tue, 17 Sep 2024 18:37:00 GMT

GET
H2 200 sidearm-icons.svg
bluehens.com/ 107 KB
38 KB 92ms
92ms Other
image/svg+xml 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/sidearm-icons.svg

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e8a08f092d451e222bc83e53a54bcfc3f09630b2694a11068bf6c7826ce297b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:18 GMT
x-cdn: Imperva
etag: W/"1ac0a-191e0db0dd0"
content-type: image/svg+xml
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1222) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=11448, public
content-length: 38506
expires: Tue, 17 Sep 2024 16:02:27 GMT

GET
H2 200 StoriesComponent.es.746bf834.mjs Show response
bluehens.com/ 1 KB
726 B 90ms
90ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/StoriesComponent.es.746bf834.mjs

Requested by

Host: bluehens.com
URL: https://bluehens.com/index.9af13005.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

665d637a565cc943581c859a2cb016cd0c53958e555e94766c00c610d013c759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/index.9af13005.mjs
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"4f5-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1228) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=17019, public
content-length: 567
expires: Tue, 17 Sep 2024 17:35:18 GMT

GET
H2 200 YoutubeComponent.es.92ba59b8.mjs Show response
bluehens.com/ 1 KB
750 B 90ms
89ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/YoutubeComponent.es.92ba59b8.mjs

Requested by

Host: bluehens.com
URL: https://bluehens.com/index.9af13005.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c16fa6bcb0c4e2b88271f6c4d391e51f84703cdeb96b70bd8cf1c46d97600470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/index.9af13005.mjs
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"489-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1229) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=18193, public
content-length: 551
expires: Tue, 17 Sep 2024 17:54:52 GMT

GET
H2 200 SAdBlockModal.es.52a713b6.mjs Show response
bluehens.com/ 2 KB
1 KB 91ms
90ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/SAdBlockModal.es.52a713b6.mjs

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7d5a94636194d7f14e5a086920e43d89b2d960e9e862d0a60295afa183a16e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"84f-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1244) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=24709, public
content-length: 1213
expires: Tue, 17 Sep 2024 19:43:28 GMT

GET
H2 200 SBaseModal.es.78161c54.mjs Show response
bluehens.com/ 3 KB
2 KB 92ms
92ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/SBaseModal.es.78161c54.mjs

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9d886f88c420c50ec1541fce0ab04c920e89c3d8130319634ab8f88503f0768e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"ce8-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1246) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=24549, public
content-length: 1676
expires: Tue, 17 Sep 2024 19:40:48 GMT

GET
H2 200 _plugin-vue_export-helper.es.f875bd67.mjs Show response
bluehens.com/ 91 B
266 B 93ms
92ms Script
application/javascript 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/_plugin-vue_export-helper.es.f875bd67.mjs

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a327f39e40209aee900ef0744926566b04efefa5c01632857a178aa0366130bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:20 GMT
x-cdn: Imperva
etag: W/"5b-191e0db15a0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1247) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=15225, public
content-length: 102
expires: Tue, 17 Sep 2024 17:05:24 GMT

GET
H2 200 navigation Show response
bluehens.com/api/v2/ 185 KB
12 KB 231ms
231ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/navigation

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a2a697127960096aa9099abe9b938096f7596f2ffcc286e53771ad9b9e492d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-272bc241c8597e13efb54665fcd31d3a-7d02d13e1acd86c8-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403051 2NNN RT(1726577497825 1258) q(0 0 0 -1) r(2 2) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 navigation Show response
bluehens.com/api/v2/ 185 KB
12 KB 454ms
219ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/navigation

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a2a697127960096aa9099abe9b938096f7596f2ffcc286e53771ad9b9e492d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-6510a3822b01f41eab4b95daa2a90377-5c551b6290eddc32-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403193 2NNN RT(1726577497825 1479) q(0 0 0 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 header_decal.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/ 328 B
737 B 12ms
12ms Image
image/png 108.138.24.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/header_decal.png
Requested by: Host: bluehens.com
URL: https://bluehens.com/assets/index-0d880305.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 489e58aff3ba709bd61876a17bd013616e9a84f3642ef66d7279da2aaf89ccfa

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 07:54:06 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 12:17:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 17853
x-amz-meta-cb-modifiedtime: Tue, 02 Aug 2022 13:29:07 GMT
etag: "256f3aebd8e24c8f1eb7d0dda8de7291"
vary: Origin
x-amz-server-side-encryption: AES256
content-type: image/png
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 328
x-amz-cf-id: CmAx1YoQQpSRH7cVuLQ0XWQinay8zXKSjh4rhdjoaN3XpaQubymSrQ==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,700;1,300&family=Roboto:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 11:51:05 GMT
x-content-type-options: nosniff
age: 3635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Sep 2025 11:51:05 GMT

GET
H2 200 0 Show response
bluehens.com/api/v2/promotions/quick-links-d81be9/ 2 KB
868 B 222ms
221ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/promotions/quick-links-d81be9/0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f20bff41be927fdc540c22522dbd54d587acdef165570dd6b04a6b8f7583d594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-06b87abbf035333b3c7175c9663b905f-af86b26a44b7efb5-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403094 2NNN RT(1726577497825 1260) q(0 0 0 -1) r(2 2) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 active Show response
bluehens.com/api/v2/Alert/ 2 B
336 B 122ms
122ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/Alert/active

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-5a9d367eb960038b2bd5ec1a5c9af633-76c212834ff0ae32-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29400800 2NNN RT(1726577497825 1261) q(0 0 0 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 campaigns Show response
bluehens.com/api/v2/Slideshows/1/ 41 B
192 B 121ms
120ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/Slideshows/1/campaigns?sportId=0&id=1&$pageSize=1

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1e6a6de58e68447bdc61d002eb8ac448e4a7734c42d1724a14455f4e3d371a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-8e0e60fae3f0110c364e77904b3918eb-a86be84afd1e7990-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403086 PNNN RT(1726577497825 1266) q(0 0 0 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 nav_logo_main_alt.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/ 18 KB
19 KB 14ms
14ms Image
image/svg+xml 108.138.24.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/nav_logo_main_alt.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43da9af6bdb69ac8b2284b487cc03b68ae1fa6a54cc8ceabae3ce7983973e7bc

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 01:08:28 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 12:17:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 42193
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 02 Aug 2022 13:29:06 GMT
vary: Origin
etag: "3e01a41df5757ccf2626772c950b483c"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 18913
x-amz-cf-id: K5QWRwf3pAyJPHiaYOKPZRnd7ujsC74Us6LoiZ5ursnYXeN_Zqdyow==

GET
H2 200 ImageGalleries Show response
bluehens.com/api/v2/ 28 KB
3 KB 193ms
193ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/ImageGalleries?$pageIndex=0&$pageSize=3&sportId=0&includeImages=true

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

320780b4f916d14c60c94a8462f19524cc86c8a6d91f2442921a6e4b18e7d376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-f9cf9220567f99b54c49a6f4f6f74fa0-19441bf92f212238-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403179 2NNN RT(1726577497825 1293) q(0 0 0 -1) r(0 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 upcoming Show response
bluehens.com/api/v2/EventsResults/ 8 KB
2 KB 297ms
297ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/EventsResults/upcoming?$pageIndex=0&$pageSize=5

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c0d7af53600777e9a9f9b3b79ea1d80d6459d11da7dd4996b7583655452e92c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-90737c3e625129b6e5c31723c2f0aae2-55df39e0e5b3966c-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403181 2NNN RT(1726577497825 1295) q(0 0 0 -1) r(0 2) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 results Show response
bluehens.com/api/v2/EventsResults/ 12 KB
3 KB 240ms
240ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/EventsResults/results?$pageIndex=0&$pageSize=5

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b50486199bd4c75d6237f9d1ab011d303a2114ad84602dc78f53338e990afc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-9c14a00a3370dd012d0e84909debf197-6063cee5a28da70b-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29400800 2NNN RT(1726577497825 1296) q(0 0 0 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 awards Show response
bluehens.com/api/v2/ 4 KB
2 KB 199ms
199ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/awards?$pageIndex=0&$pageSize=1&hideExpired=true&sportId=0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9565a8da59474dbed6322381ac1239d2262a9248553f94215d60d1728075feeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-fdee4b73429b73797bc29a2c9e8b8978-d13d3939df683548-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403184 2NNN RT(1726577497825 1298) q(0 0 0 -1) r(0 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 0 Show response
bluehens.com/api/v2/promotions/promo---homepage---bottom-a4532b/ 2 KB
1007 B 264ms
264ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/promotions/promo---homepage---bottom-a4532b/0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2401ddaeaaa3b774108ca920fd3448526ea7efef3f82a6d498e0b3c5aea0cbf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-369f91ee63d6bf512f6c8017cafb9833-d53cba20ecb2e4b8-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403193 2NNN RT(1726577497825 1302) q(0 1 1 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 0 Show response
bluehens.com/api/v2/promotions/promo---homepage---top-c5686e/ 3 KB
1 KB 269ms
269ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/promotions/promo---homepage---top-c5686e/0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5c72b7e576e67277de51c4f959de06d64680dfaf638808bc441de02ce390a93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-52be0243cb77d74a465c1e1dc59d50f0-85468e67ec01b627-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403194 2NNN RT(1726577497825 1310) q(0 1 1 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
102 KB 65ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MF7GT4BB50

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c8348da1b78da1d06a1b058b883353b584a45b185898effc844c1e458579a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104685
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 17 Sep 2024 12:51:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 253 KB
85 KB 47ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3TH4CC

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d93c0c9a3bc136e8834500e8edf9fcac034084a6b3dcb03e6124cd66a773647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87189
x-xss-protection: 0
last-modified: Tue, 17 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 Sep 2024 12:51:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
75 KB 40ms
16ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW6R675

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99a770454db5dfc7b53c0cb4c9bf8a9fe95f6c43e914efdea84a027ed2a9b173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76537
x-xss-protection: 0
last-modified: Tue, 17 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 Sep 2024 12:51:40 GMT

GET
H2 200 htlbid.js Show response
htlbid.com/v3/bluehens.com/ 592 KB
143 KB 418ms
417ms Script
application/javascript 13.32.27.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/bluehens.com/htlbid.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 512df9c5e1788c7b0aab3c25438d90463a98cf6fc258fcf348f36b80953a6c7d

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-encoding: br
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified: Sat, 14 Sep 2024 03:42:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"4e96567ebb278d8faccaffcc06a3ddcc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: 7ggH7222m11-qV9E3OBj_Rbq5rFte-irNlLdU84SNKIbZ_mK-7boWA==

GET
H2 200 0 Show response
bluehens.com/api/v2/promotions/sponsors-9f6003/ 3 KB
1004 B 180ms
180ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/promotions/sponsors-9f6003/0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f71b86a8f6d6ddc96b6574593a261a06d73085d13d184c9a90c7f2c7c6f0e98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-26d2877466659bfe77a31ad457c1571c-da72fe2938686601-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403179 2NNN RT(1726577497825 1321) q(0 1 1 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 0 Show response
bluehens.com/api/v2/Splash/ 29 B
182 B 291ms
291ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/Splash/0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

299363f8bd010b882bc4a4530bc911dfa341bbd28f5b63dd69d9d4cf5b9d89be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-e0cf1b1740348c10b48f6c5fce22531f-973150a86ae95f19-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403086 PNNN RT(1726577497825 1323) q(0 1 1 -1) r(2 2) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 23ms
10ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 17 Sep 2024 12:51:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4447, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: h/vVoGJX9h+xKHstvwjiuIC0h5gEvFuM76Kmk0glrSPI++fAejOPqzZNOCeBCUt/0YMRgHfadjLeHk1BylmyvA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 65ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faf4bbc260d0c1d77705d2a53a89341dc12dba39b65f068af230f49cc992dfd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52259
x-xss-protection: 0
server: cafe
etag: 717601775470363365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 17 Sep 2024 12:51:40 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 22 KB
8 KB 62ms
15ms Script
application/javascript 23.48.23.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-17.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 17 Sep 2024 12:51:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jun 2024 17:09:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"667310b3-587e"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 7929
Expires: Wed, 18 Sep 2024 12:51:42 GMT

GET
H2 200 stories Show response
bluehens.com/api/v2/ 3 KB
2 KB 288ms
285ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/stories?$pageIndex=0&$pageSize=1&sportId=0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

da73859f474fbec300751d540c59ce5cb974dc6f07b5e4b8b0190381840a4213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-0bd7af0561b60a7075f40a7634823aa9-2bd6c53f5c3487ef-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403051 2NNN RT(1726577497825 1353) q(0 1 1 -1) r(2 2) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 stories Show response
bluehens.com/api/v2/ 28 KB
6 KB 191ms
189ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/stories?$pageIndex=0&$pageSize=5&sportId=0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

44f47c514fadfd628eda9c1ad524d7bd4d566ca932202aae98d421f00602637a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-9f87d9809531e9f3828467f0e90c41ed-a3474a4751a61b14-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403179 2NNN RT(1726577497825 1355) q(0 1 1 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2 200 youtube Show response
bluehens.com/api/v2/videos/ 3 KB
779 B 270ms
264ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/videos/youtube?$pageIndex=0&$pageSize=3&sportId=0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

feef6112b27f8c4da86e112ecdb91725786a6577f22b8558fcfb08605ca4f5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-13c32ce12778febe3af9fb17b6327837-04043f29f0a67077-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403094 2NNN RT(1726577497825 1373) q(0 1 1 -1) r(2 2) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

HEAD
H2 404 prebid-ads.js
bluehens.com/js/ 0
0 259ms
255ms Fetch 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/js/prebid-ads.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-iinfo: 4-29403079-29403202 NNNN CT(22 25 0) RT(1726577497825 1374) q(0 1 2 -1) r(2 2) U6
date: Tue, 17 Sep 2024 12:51:40 GMT
access-control-expose-headers: x-trace
strict-transport-security: max-age=15724800
x-cdn: Imperva
x-trace: 00-057baca1db88510891264e9f3ab55ae0-0f6f7bf45a971efd-00
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
102 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MF7GT4BB50&l=dataLayer&cx=c

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7408c0895d94d56a8b6650b5cc609c1a7990512a59ef3de99dfac479435c956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 17 Sep 2024 12:51:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 17 Sep 2024 12:02:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2976
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 17 Sep 2024 14:02:04 GMT

GET
H3 200 313252352863949 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 187ms
186ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/313252352863949?v=2.9.167&r=stable&domain=bluehens.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2383f85a7170bf59dfcc0dcc91b738e5c13020f80d7b9c95a7c118b09c8e3124

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 17 Sep 2024 12:51:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=70, mss=1232, tbw=67149, tp=63, tpl=0, uplat=170, ullat=0
pragma: public
x-fb-debug: gieU13M6FF383L+44opxvEY10ZNPoQG2CSeu0Yr65k/dvgOCpSceVPWh5AkMXHreZ2uPEmqhF7//q5W5LiF9Yg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
102 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y29PC3P5S9&l=dataLayer&cx=c

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88a189a6c8aa737d170e91edb72ab80a93cac76eba6421c476a5be581f32d92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104904
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 17 Sep 2024 12:51:40 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 42ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MF7GT4BB50&gtm=45je4990v9188804687za200&_p=1726577500045&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&cid=284746157.1726577500&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726577500&sct=1&seg=0&dl=https%3A%2F%2Fbluehens.com%2F&dt=University%20of%20Delaware%20Athletics%20-%20Official%20Athletics%20Website&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1574
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 12:51:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bluehens.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
ib.adnxs.com/pixie/ 9 B
308 B 35ms
9ms Fetch
application/xml 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.adnxs.com/pixie/up?pi=ea640bee-8049-48ab-bfa3-4744f3564853
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
server: nginx/1.23.4
access-control-max-age: 0
access-control-allow-methods: GET, OPTIONS
content-type: application/xml
access-control-allow-origin: https://bluehens.com
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.72; 45.141.152.72; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
access-control-allow-headers: Content-Type
content-length: 9

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/ 416 KB
140 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6273736034387105&plah=bluehens.com

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bad01454af06cff27ed20146fb3dc5a7aa071d273d4f56a8ae221d46a0d77a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142864
x-xss-protection: 0
server: cafe
etag: 1628534529965040255
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 17 Sep 2024 12:51:40 GMT

GET
H2 200 convert
images.sidearmdev.com/ 328 KB
329 KB 57ms
30ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2024%2F9%2F16%2FDSC02600.jpg%3Fwidth%3D1024%26height%3D809&gravity=smart&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

fa656529e6da98fa46f1b7f616a66f8b8dff64d7fea0746beed4dcb9ee27cf0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 15:17:44 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 77636
x-cache: Hit from cloudfront
content-length: 336194
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 0kAW0s7zZmLB8d3pF8gYcr4EH9cis8Sr1lTh7gEgdpt1feWJ1WK-ww==
expires: Tue, 17 Sep 2024 15:17:42 GMT

GET
H2 200 convert
images.sidearmdev.com/ 159 KB
160 KB 36ms
9ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2024%2F9%2F15%2Flily_rogers_team__3_.jpg%3Fwidth%3D682%26height%3D1024&gravity=smart&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

f621bae238565c8e21af9ae8558d991cfa608a167a8fb234536a620d3031ca51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 05:05:04 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 27996
x-cache: Hit from cloudfront
content-length: 163086
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 6_NxfJMgNnwqoNp9cqnjkDwgiqbr-eAyRh0rHlF8a4tbBUTA0FBA3w==
expires: Wed, 18 Sep 2024 05:05:03 GMT

GET
H2 200 convert
images.sidearmdev.com/ 266 KB
267 KB 52ms
25ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2024%2F9%2F9%2FDSC09866.jpg%3Fwidth%3D1024%26height%3D682&gravity=smart&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

58c40ce2ddae08a0c6cabc8f7cee6ac30c980bee7d50a21c7fefb5ecf1957475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 16:48:48 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 72172
x-cache: Hit from cloudfront
content-length: 272668
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: Wdn-1oeTuSWOqRW7Xl92_cQ5LEtitMvHkZqOsGoZut34AmuKsGOqfw==
expires: Tue, 17 Sep 2024 16:48:47 GMT

GET
H2 200 crop
images.sidearmdev.com/ 10 KB
10 KB 65ms
44ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2024%2F7%2F29%2FWSOC_Headshots_Kyla_ydPBL.jpg&width=330&height=336&gravity=north&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

bdb22f8b3b21dafccd5bc8f3580c2d5e6167edd2473e9f840789e082e70034b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 10:56:20 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 6920
x-cache: Hit from cloudfront
content-length: 9776
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 9dTOCI4VcJZk4ebykYlR5sywIqfDq1REBW-5tn03QOYS515qb1Faqw==
expires: Wed, 18 Sep 2024 10:56:20 GMT

GET
H2 200 sidearm-icons-social.svg
bluehens.com/ 22 KB
10 KB 103ms
103ms Other
image/svg+xml 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/sidearm-icons-social.svg

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bbb8b9f5fc594127d8fe002c55a30fec474a401c7547fcb64b24052e5deb6474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 11 Sep 2024 11:32:18 GMT
x-cdn: Imperva
etag: W/"58d4-191e0db0dd0"
content-type: image/svg+xml
x-iinfo: 4-29403079-0 0CNN RT(1726577497825 1545) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=17662, public
content-length: 9946
expires: Tue, 17 Sep 2024 17:46:01 GMT

GET
H2 200 convert
images.sidearmdev.com/ 6 KB
7 KB 14ms
12ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2024%2F8%2F22%2FGrotto_Pizza.png&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

31cea4c4ee0c90aedbd742bcd5e5fff78ee6deca7d1f93831d3509cb4204ec9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:43:29 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 79691
x-cache: Hit from cloudfront
content-length: 6318
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: p3M13nphhx_E4nyZ0LdV2oY9aTqG6uqprWPKgdCpqeHOqCUf1iCEfQ==
expires: Tue, 17 Sep 2024 14:43:29 GMT

GET
H2 200 convert
images.sidearmdev.com/ 5 KB
5 KB 15ms
14ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2022%2F11%2F3%2Fchristianacare.png&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

0f084592c4ab3b6302b9a05e04b1a598ee935f3015e14896e0fd50f68559ffa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:50:27 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 82873
x-cache: Hit from cloudfront
content-length: 5034
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: Maej6Kd__4OQEIz8wm7mv5Yg39kuTj6R9-uT6zmWuVlLGbVnWABmNQ==
expires: Tue, 17 Sep 2024 13:50:27 GMT

GET
H2 200 convert
images.sidearmdev.com/ 6 KB
6 KB 16ms
15ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2023%2F8%2F31%2FDART_logo.png&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

2bb20826ef7814c64f550422f72e4b97f7d5c670c4c1bd3307e6954073ce4974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:56:30 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 82510
x-cache: Hit from cloudfront
content-length: 5684
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: im7nJ_YR-UlzXf_VcTJaQ9pbAaUgqN1MPl3gZixBowHTG2jG0kWOQw==
expires: Tue, 17 Sep 2024 13:56:30 GMT

GET
H2 200 convert
images.sidearmdev.com/ 3 KB
3 KB 18ms
17ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2022%2F11%2F3%2FDOS.png&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

e50b51033781f5b21b3bb58df03e951c39151170a840d8194f531b57b81983a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:00:47 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 82253
x-cache: Hit from cloudfront
content-length: 2656
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 99
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 0hGgfdwuZEYqa-BI_OnNq_kBZ0e4ES_wHA1nvekdgZ4EJrGjod8vqg==
expires: Tue, 17 Sep 2024 14:00:47 GMT

GET
H2 200 convert
images.sidearmdev.com/ 4 KB
4 KB 23ms
23ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2022%2F11%2F3%2Flotto.png&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

a475f1f21a3e5d8212919acace9b69f42ebffa28f2c2c50dc17704e401b45b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:56:30 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 82510
x-cache: Hit from cloudfront
content-length: 3738
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: ctYB_CRKfE8MV_oTrMxJdx9X1FaETAo2sn_f4hNFi6gFc843A-VZ5g==
expires: Tue, 17 Sep 2024 13:56:30 GMT

GET
H2 200 convert
images.sidearmdev.com/ 4 KB
5 KB 21ms
20ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2023%2F9%2F29%2Fhighmark.png&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

7527b35a2b68d64b19f0ceb682c1cb6ec1cba8fcd3ac1e1cba6b9a2e58864e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:56:30 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 82510
x-cache: Hit from cloudfront
content-length: 4276
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 5LLjgwnT4v0qPscNXTKoXilehA6FLsIANhtlQMomnijPXKqzg8HPIQ==
expires: Tue, 17 Sep 2024 13:56:30 GMT

GET
H2 200 nav_logo_main.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/ 19 KB
20 KB 17ms
11ms Image
image/svg+xml 108.138.24.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/bluehens.com/images/sng_2022/nav_logo_main.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 429c944a58d8fcd45458b8b30352b0124ef4f9f4bbf93a7ee7cb6ee87518b01f

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:21:10 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 12:17:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 48631
x-amz-meta-cb-modifiedtime: Tue, 02 Aug 2022 13:29:08 GMT
etag: "170bf1a3e50253a74367a9938377c0fc"
vary: Origin
x-amz-server-side-encryption: AES256
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 19647
x-amz-cf-id: pOyV0rWZ_COtUC6mBOU7rMHm165S_xxlzm-ElqsmYxWywTaEC9JsHw==

GET
H2

200

convert
images.sidearmdev.com/
Redirect Chain

https://db5y6jlvyeaqj.cloudfront.net/images/logos/Howard.png
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fHoward.png&type=webp

5 KB
5 KB

11ms
11ms

Image
image/webp

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fHoward.png&type=webp

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

95534fa1d8dc0b194ae4a4acc1845bbc78ea58ef207faba74ee50d8a54a14264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 16:34:22 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 73038
x-cache: Hit from cloudfront
content-length: 4950
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: BaUJZuJ_pO9DTw5A3swQYWglvCMHiveWvD7FOlaWsX9W4HNBxlTwqw==
expires: Tue, 17 Sep 2024 16:34:22 GMT

Redirect headers

date: Mon, 16 Sep 2024 23:07:41 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA56-C2
age: 49439
x-cache-status: MISS
x-cache: Hit from cloudfront
x-iinfo: 60-96076032-96074073 3NNN RT(1726528060700 189) q(0 0 0 0) r(1 1) U11
content-length: 284
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fHoward.png&type=webp
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: g31LA3bpg6NK53P-IXAJbWhM91jU9lb8pIZ5z20WSp3kk16kEtMXIg==

GET
H2

200

convert
images.sidearmdev.com/
Redirect Chain

https://db5y6jlvyeaqj.cloudfront.net/images/logos/uiowa.png
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fuiowa.png&type=webp

12 KB
12 KB

13ms
13ms

Image
image/webp

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fuiowa.png&type=webp

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

ed3735c10539c4dc3e2b2109bae96611875c462cf6ad65b56ee2ce7c3877feb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 05:05:04 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 27996
x-cache: Hit from cloudfront
content-length: 11982
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 0-KwFFILFhOlgsLJAmqefcCibo9dfua6h_87i8_8Zdz7X_foCXka5g==
expires: Wed, 18 Sep 2024 05:05:04 GMT

Redirect headers

date: Tue, 17 Sep 2024 10:24:36 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA56-C2
age: 8824
x-cache-status: MISS
x-cache: Hit from cloudfront
x-iinfo: 1-44461921-44454758 3NNN RT(1726568675404 200) q(0 0 0 2) r(2 2) U11
content-length: 283
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fuiowa.png&type=webp
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: YdafZEsXd_3KRRbQhJB_bRQ9X2tdbN10o85ToX6iSuXZ0DumCJSANA==

GET
H2

200

convert
images.sidearmdev.com/
Redirect Chain

https://db5y6jlvyeaqj.cloudfront.net/images/logos/George_Mason_UpdatedLogo.png
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fGeorge_Mason_UpdatedLogo.png&type=webp

5 KB
6 KB

9ms
8ms

Image
image/webp

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fGeorge_Mason_UpdatedLogo.png&type=webp

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

dac9bbaa630ab73ec09cdb11d5c7b8482f8907074a9fdd2f47b7e5b57d27f501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 18:10:11 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 67289
x-cache: Hit from cloudfront
content-length: 5608
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: TcwUJ3wYZxDlNSJFQPgQKv9T2vVd4J3l18xEi8j3KJrpMXRwN4rZTw==
expires: Tue, 17 Sep 2024 18:10:11 GMT

Redirect headers

date: Tue, 17 Sep 2024 00:24:33 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA56-C2
age: 44827
x-cache-status: MISS
x-cache: Hit from cloudfront
x-iinfo: 14-38158143-38129491 3NNN RT(1726532673155 90) q(0 0 0 0) r(1 1) U11
content-length: 302
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fGeorge_Mason_UpdatedLogo.png&type=webp
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: -ck1Y_5FYIJ4TBgKxcg8KkO7gn2tyDDCwaTaj6nd18F2kgdEOpURXw==

GET
H2

200

convert
images.sidearmdev.com/
Redirect Chain

https://db5y6jlvyeaqj.cloudfront.net/images/logos/Penn-State.png
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fPenn-State.png&type=webp

6 KB
7 KB

10ms
9ms

Image
image/webp

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fPenn-State.png&type=webp

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

efa5908377a06dfc19d325208c011d75ab3f324b1aff6429da0812dfe6bf99cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:18:43 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 48777
x-cache: Hit from cloudfront
content-length: 6154
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: Py-HWSz1mcJCIC6p5vXFF99UHekeI2NtCVO0q-NhCySMauoapyfWXg==
expires: Tue, 17 Sep 2024 23:18:43 GMT

Redirect headers

date: Tue, 17 Sep 2024 07:45:49 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA56-C2
age: 18351
x-cache-status: MISS
x-cache: Hit from cloudfront
x-iinfo: 10-96199113-96162887 3NNN RT(1726559148756 198) q(0 0 0 0) r(1 1) U11
content-length: 288
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fPenn-State.png&type=webp
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: S3J13tUtlq8GrgY7awRG39WZmhpNQ1ENSRf8wo7SVnZLkotlKu3gew==

GET
H2

200

convert
images.sidearmdev.com/
Redirect Chain

https://db5y6jlvyeaqj.cloudfront.net/images/logos/unh-logo.png
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2funh-logo.png&type=webp

11 KB
11 KB

12ms
12ms

Image
image/webp

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2funh-logo.png&type=webp

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

0be60c08bd1b8632447087f0e14881a107d352f2c2020f49f494ecdc8cacc5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:16:42 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 63298
x-cache: Hit from cloudfront
content-length: 11120
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: FR31r5h4WqOqO4LHazgEZQy7KRyKTh3V_d_u7udbTDmCoFkTVaNEAg==
expires: Tue, 17 Sep 2024 19:16:42 GMT

Redirect headers

date: Tue, 17 Sep 2024 09:39:10 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA56-C2
age: 11550
x-cache-status: MISS
x-cache: Hit from cloudfront
x-iinfo: 4-29814873-29813962 3NNN RT(1726565949787 188) q(0 0 0 0) r(2 2) U11
content-length: 286
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2funh-logo.png&type=webp
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: J3-uM7dyELG4t5Rj59awW8jeC9ZWchewL6mG3sgzyxsal_WGf5CSuA==

GET
H2 200 convert
images.sidearmdev.com/ 117 KB
117 KB 9ms
9ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2024%2F3%2F27%2Ffb_x_2024tickets_x_web.jpg&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

47bb58b1ff35e7367406d53e82283a06e384ca8cd14874fd205db869ef585124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:34:23 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 80237
x-cache: Hit from cloudfront
content-length: 119372
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: zxnREh7GvrEQffryBOH2tso60kxC-l15fx7bg7VsPbCd00dE89SkXw==
expires: Tue, 17 Sep 2024 14:34:22 GMT

GET
H2 200 convert
images.sidearmdev.com/ 30 KB
31 KB 13ms
12ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2022%2F11%2F1%2Fblue_and_gold_1440x350_VPhIR.jpg&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

439f78788495e47e4087f53103b765b65552d650b016b40adc252e9629c590a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 00:51:30 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 43210
x-cache: Hit from cloudfront
content-length: 30680
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: m82zKfNl3Fh8leOXseDAzDUDyInve0ksta_t-zgAjkHvC-9YLZop4Q==
expires: Wed, 18 Sep 2024 00:51:30 GMT

GET
H2 200 crop
images.sidearmdev.com/ 15 KB
15 KB 15ms
8ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fdb5y6jlvyeaqj.cloudfront.net%2Fimages%2F2024%2F9%2F15%2FAR8A0265.jpg&width=562&height=316&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

019ee9fc67c3cad162174cd9ebd19a4c8a71dd0f7dd71f15354e72475f998bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:00:29 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 49871
x-cache: Hit from cloudfront
content-length: 15246
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: W7p7W7i11UqNHXtyecREP2qFrTorTFBAZQsGczDiDdD4XbeFiLBd8g==
expires: Tue, 17 Sep 2024 23:00:29 GMT

GET
H2 200 crop
images.sidearmdev.com/ 19 KB
19 KB 18ms
12ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fdb5y6jlvyeaqj.cloudfront.net%2Fimages%2F2024%2F3%2F26%2FLilia_1920x1080_Bahamas.jpg&width=562&height=316&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

090397a18a821b2504ec00ec3f72704bf815af89f310677c88bd5b7e4437bfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 05:11:00 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 27640
x-cache: Hit from cloudfront
content-length: 19100
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: YEqqFKUCEhxaIn0LNyl8oTCezLPMSZlDP7omImQaohoAXrdmqpVU2w==
expires: Wed, 18 Sep 2024 05:11:00 GMT

GET
H2 200 crop
images.sidearmdev.com/ 11 KB
11 KB 17ms
11ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fdb5y6jlvyeaqj.cloudfront.net%2Fimages%2F2024%2F9%2F15%2FIMG_0827.jpg&width=562&height=316&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

1c04f28ef8e7de198f04373ac9270cab2f15fe9402f25671f5e15d4e1e9af324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 05:11:00 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 27640
x-cache: Hit from cloudfront
content-length: 11210
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: _6uDBNaZ3GUZQD9G5QL7R_OmQ0yLvVtbXp9eJjpo2vgB6W230HiAEQ==
expires: Wed, 18 Sep 2024 05:11:00 GMT

GET
H2 200 crop
images.sidearmdev.com/ 24 KB
24 KB 15ms
10ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fdb5y6jlvyeaqj.cloudfront.net%2Fimages%2F2024%2F9%2F15%2Flily_rogers.jpg&width=562&height=316&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

1921dfcc3cb912170c027bafb024e5374ad775c84bbc7dbfb31945b4c8cb0925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 05:11:00 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 27639
x-cache: Hit from cloudfront
content-length: 24462
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: mXi2N1yBet5AZAKOL9sCasDyhhu7_ORoNnahXBieE94Zgr5uepwr7w==
expires: Wed, 18 Sep 2024 05:11:00 GMT

GET
H2 200 convert
images.sidearmdev.com/ 13 KB
14 KB 11ms
7ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2023%2F10%2F10%2FFollow_Us.png&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

8c1e75bfce2682f8d848550397f1c765b2a446f9796c1eac64f4a27279a3bbbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:35:29 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 80171
x-cache: Hit from cloudfront
content-length: 13816
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: tuf83v8qfxOJ6eXxqSi9VOlKPnmGfCXVohG7fC7HhKS8ogWqJmHTVg==
expires: Tue, 17 Sep 2024 14:35:29 GMT

GET
H2 200 convert
images.sidearmdev.com/ 21 KB
22 KB 12ms
8ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2024%2F1%2F30%2FFB_Tickets_On_Sale_2.png&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

2359729304316237f4d796537a368dd2170d7ff5a036056cb13536e90ce92c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:35:29 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 80171
x-cache: Hit from cloudfront
content-length: 21642
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: SsGsQGgt1dpELQzIPW7azu0UByj4p5OzZUWPCgPpRZacJcknlefuog==
expires: Tue, 17 Sep 2024 14:35:29 GMT

GET
H2 200 convert
images.sidearmdev.com/ 23 KB
24 KB 14ms
11ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2023%2F10%2F10%2Frep_the_302_web_button_copy.jpg&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

4b491787f0f2b264c8d67d2e9dd5472fc683f5160eaec3ea0c839a8d81c5a659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:39:18 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 79942
x-cache: Hit from cloudfront
content-length: 23712
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 4U6E9X1-7266zrbRflo4tn16kPdYq2EgaCV75pi2qgH3MWPILsCLbQ==
expires: Tue, 17 Sep 2024 14:39:18 GMT

GET
H2 200 convert
images.sidearmdev.com/ 26 KB
27 KB 13ms
10ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Fbluehens.com%2Fimages%2F2023%2F10%2F10%2Fweb_button_mascots.jpg&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

1f4760fe52c040524e08ade26d5399bf2b767db37673df97fd6d83ca8902f107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:01:28 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 82212
x-cache: Hit from cloudfront
content-length: 27094
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 6wmGLdqwWTexAwX2iFb3V7gKxRmBkRYbqJhe9KXu5aN_XgNVoGoMIA==
expires: Tue, 17 Sep 2024 14:01:28 GMT

GET
H2 200 livestats Show response
bluehens.com/api/v2/ 2 B
158 B 117ms
114ms XHR
application/json 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/livestats

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-25b07b5d05ffb0c7b9a79653fe796f43-9bdde0aac1cd4cf5-00
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 4-29403079-29403202 PNNN RT(1726577497825 1753) q(0 0 0 -1) r(1 1) U12
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

GET
H2

200

convert
images.sidearmdev.com/
Redirect Chain

https://db5y6jlvyeaqj.cloudfront.net/images/logos/DC-Wildcat-CMYK-Full-Color-Outline.png
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fDC-Wildcat-CMYK-Full-Color-Outline.png&type=webp

7 KB
7 KB

11ms
11ms

Image
image/webp

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fDC-Wildcat-CMYK-Full-Color-Outline.png&type=webp

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

a16f74bfc232d2650320170fc3be2563299946dafbfa7d8bec77e8a7e868f531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 21:21:47 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 55792
x-cache: Hit from cloudfront
content-length: 6910
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: zlJJwcApKJbHUvyP_66VEzOZ9xSVeYIOOuieA1rQM_4QL3mT2p53sA==
expires: Tue, 17 Sep 2024 21:21:47 GMT

Redirect headers

date: Mon, 16 Sep 2024 14:33:13 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA56-C2
age: 80307
x-cache-status: MISS
x-cache: Hit from cloudfront
x-iinfo: 10-16172452-16156082 3NNN RT(1726497192387 194) q(0 0 0 0) r(1 1) U11
content-length: 312
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fDC-Wildcat-CMYK-Full-Color-Outline.png&type=webp
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: Y_Q8yWgiThLsUJYoPBPjAAVDAmTbte1p00WFG7cILzjlVVbFWOsS1g==

GET
H2

200

convert
images.sidearmdev.com/
Redirect Chain

https://db5y6jlvyeaqj.cloudfront.net/images/logos/Delaware.png
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fDelaware.png&type=webp

10 KB
10 KB

16ms
16ms

Image
image/webp

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fDelaware.png&type=webp

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

0dbd624ecb83e8852cab726219efc9f1cb0505a44fe6d176158a431b6b67dd9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 14:51:09 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 79231
x-cache: Hit from cloudfront
content-length: 9794
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: SZNgtANAzy0RIJ0eXsoz564G5G2r9_pgl3vTVmjZvvCxbmlTAr_M3g==
expires: Tue, 17 Sep 2024 14:51:09 GMT

Redirect headers

date: Tue, 17 Sep 2024 00:33:53 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA56-C2
age: 44267
x-cache-status: MISS
x-cache: Hit from cloudfront
x-iinfo: 9-67206793-67190151 3NNN RT(1726533232676 200) q(0 0 0 0) r(1 1) U11
content-length: 286
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fDelaware.png&type=webp
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: p0ZnJ8mqqeLJBKDJi9h1lPb2p1aSdv70hfEGSudZTRGP3EobUwqj8g==

GET
H2

200

convert
images.sidearmdev.com/
Redirect Chain

https://db5y6jlvyeaqj.cloudfront.net/images/logos/Towson_.png
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fTowson_.png&type=webp

7 KB
8 KB

16ms
16ms

Image
image/webp

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fTowson_.png&type=webp

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

955f94a0104c419347a38547dcaafc2b890fa5be1ab55b5eedef755ad76063bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 03:22:48 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 34132
x-cache: Hit from cloudfront
content-length: 7444
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 9qr2fyMMnY7eIjNCVKIJ6INXxT24cnCPayKFsHyKL8JZgSvUWBPhKw==
expires: Wed, 18 Sep 2024 03:22:48 GMT

Redirect headers

date: Mon, 16 Sep 2024 23:07:41 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA56-C2
age: 49439
x-cache-status: MISS
x-cache: Hit from cloudfront
x-iinfo: 12-11028318-11028289 3NNN RT(1726528060220 213) q(0 0 0 1) r(1 1) U11
content-length: 285
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fTowson_.png&type=webp
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: XGqc2Ff2AogcOXzprFhksnarPw0AlPjn9_iuNcrTTfIHUjyK36FOUw==

GET
H2

200

convert
images.sidearmdev.com/
Redirect Chain

https://db5y6jlvyeaqj.cloudfront.net/images/logos/Villanova.png
https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fVillanova.png&type=webp

6 KB
7 KB

15ms
14ms

Image
image/webp

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fVillanova.png&type=webp

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

29caafdbc3883700f858ebf3943aa8388dc2db58db96736ce0b5e7f9b327edbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 13:38:09 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 83611
x-cache: Hit from cloudfront
content-length: 6304
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: xjZhtg2UJE2TapklLK1dr6ZllGV-RR2IwoC1Z5dwUk2jChCUE7j2CQ==
expires: Tue, 17 Sep 2024 13:38:09 GMT

Redirect headers

date: Mon, 16 Sep 2024 20:22:17 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA56-C2
age: 59363
x-cache-status: MISS
x-cache: Hit from cloudfront
x-iinfo: 61-17137235-17137080 3NNN RT(1726518136565 210) q(0 0 0 -1) r(2 2) U11
content-length: 287
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/convert?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fbluehens.com%2fimages%2flogos%2fVillanova.png&type=webp
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: g2HwuyxXiAH5tLaj0KV8hC5IzGzbEnbcoYHVFGqS95gOOrC-dJDMKw==

GET
H2 200 crop
images.sidearmdev.com/ 46 KB
46 KB 9ms
8ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fdb5y6jlvyeaqj.cloudfront.net%2Fimages%2F2024%2F9%2F16%2FGame6-0525.jpg&width=1416&height=797&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

508c7a0031509ad948bfff7fd9ab25c618b7a21872e8780be9a3bac6a9cb3f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 01:49:07 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 39753
x-cache: Hit from cloudfront
content-length: 46730
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
cache-control: public, s-maxage=86400, max-age=86400, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: m1syv37w-UCbT8hF0ZqkvvsJr37bAguMolBPZc10kiINlPwXTUTzjg==
expires: Wed, 18 Sep 2024 01:49:07 GMT

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk5hkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/ 19 KB
19 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk5hkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,700;1,300&family=Roboto:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8202d126a1bd9699b9d97ff51bf012337200b44be67f0f64140b16edd458e802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 11:57:49 GMT
x-content-type-options: nosniff
age: 3231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19332
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:03:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Sep 2025 11:57:49 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=59546977&t=pageview&_s=1&dl=https%3A%2F%2Fbluehens.com%2F&ul=de-de&de=UTF-8&dt=University%20of%20Delaware%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=1056806259&gjid=880307986&cid=284746157.1726577500&tid=UA-180624321-17&_gid=173060025.1726577501&_r=1&_slc=1&gtm=45He4990n81TW6R675za200&cd1=2024-09-17T14%3A51%3A40%2B02%3A00&cd20=Delaware%2C%20University%20of&cd21=DI&cd22=Colonial%20Athletic&cd23=1480&cd24=University%20of%20Delaware%20Athletics%20-%20Official%20Athletics%20Website&cd25=home&cd26=0&cd27=LFIMGC&cd28=1&cd29=0&cd35=0&cd37=0&cd49=UA-180624321-17&cd50=delaware&cd53=frontpage&cd54=paciolan&cd55=east&gcs=G111&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=0&cd5=284746157.1726577500&z=811171835

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 12:51:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bluehens.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
68 B 16ms
16ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=59546977&t=pageview&_s=1&dl=https%3A%2F%2Fbluehens.com%2F&ul=de-de&de=UTF-8&dt=University%20of%20Delaware%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=165223679&gjid=1488921724&cid=284746157.1726577500&tid=UA-180696617-1&_gid=173060025.1726577501&_r=1&_slc=1&gtm=45He4990n81K3TH4CCv833217870za200&cd1=2024-09-17T14%3A51%3A40%2B02%3A00&cd20=Delaware%2C%20University%20of&cd21=DI&cd22=Colonial%20Athletic&cd23=1480&cd24=University%20of%20Delaware%20Athletics%20-%20Official%20Athletics%20Website&cd25=home&cd26=0&cd27=LFIMGC&cd28=1&cd29=0&cd35=0&cd37=0&cd49=UA-180624321-17&cd50=delaware&cd53=frontpage&cd54=paciolan&cd55=east&gcs=G111&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=0&cd5=284746157.1726577500&cd56=SIDEARM&z=1920746381

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 12:51:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bluehens.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 76ms
25ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y29PC3P5S9&cid=284746157.1726577500&gtm=45je4990v882570456z8833217870za200zb833217870&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5l1&npa=0&frm=0&tag_exp=0
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 12:51:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bluehens.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame A3CA 0
0 58ms
22ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-Y29PC3P5S9&gacid=284746157.1726577500&gtm=45je4990v882570456z8833217870za200zb833217870&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=973307195

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Sep 2024 12:51:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 23ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y29PC3P5S9&gtm=45je4990v882570456z8833217870za200zb833217870&_p=1726577500045&_gaz=1&gcs=G111&gcd=13t3tPt2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&cid=284746157.1726577500&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1726577500&sct=1&seg=0&dl=https%3A%2F%2Fbluehens.com%2F&dt=University%20of%20Delaware%20Athletics%20-%20Official%20Athletics%20Website&en=page_view&_fv=1&_ss=1&ep.timestamp=2024-09-17T14%3A51%3A40%2B02%3A00&ep.school_name=Delaware%2C%20University%20of&ep.division=DI&ep.conference=Colonial%20Athletic&ep.ss_client_id=1480&ep.site_name=delaware&ep.page_name=University%20of%20Delaware%20Athletics%20-%20Official%20Athletics%20Website&ep.page_category=home&ep.site_section=frontpage&ep.power_five=false&ep.all_access=true&ep.paciolan_marketing=false&ep.ticketing_provider=paciolan&ep.school_region=east&ep.fanbase_partner=false&ep.sidearm_extended=false&ep.mmr=LFIMGC&ep.provider=SIDEARM&up.division=DI&up.school_name=Delaware%2C%20University%20of&up.conference=Colonial%20Athletic&up.sidearm_extended=false&up.ticketing_provider=paciolan&tfd=1990
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 12:51:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bluehens.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 77ms
48ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y29PC3P5S9&cid=284746157.1726577500&gtm=45je4990v882570456z8833217870za200zb833217870&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1963823582

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 12:51:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 42ms
12ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=313252352863949&ev=PageView&dl=https%3A%2F%2Fbluehens.com%2F&rl=&if=false&ts=1726577500683&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726577500680.429654949707444509&cs_est=true&ler=empty&cdl=API_unavailable&it=1726577500162&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=2817, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 17 Sep 2024 12:51:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 205ms
176ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=313252352863949&ev=PageView&dl=https%3A%2F%2Fbluehens.com%2F&rl=&if=false&ts=1726577500683&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726577500680.429654949707444509&cs_est=true&ler=empty&cdl=API_unavailable&it=1726577500162&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 17 Sep 2024 12:51:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415593897732620492", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=15, mss=1328, tbw=3134, tp=-1, tpl=-1, uplat=168, ullat=0
pragma: no-cache
x-fb-debug: kBWqw1siKjKMyK2+crW3vFRCAlk+gz95AIHmHx6xIZj4aDo1wzV1tgfV7NpjEmyH4m2jaYZapW9Lj8c6O4FaEg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415593897732620492"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240912/r20110914/ Frame 0D2F 0
0 21ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240912/r20110914/zrt_lookup_fy2021.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 10595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4126
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Sep 2024 09:55:05 GMT
etag: 14908419571193397619
expires: Tue, 01 Oct 2024 09:55:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
48ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=transcend-consent-manager&ign=true&pw=1600&ph=1200&x=800&y=1060.8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 12:51:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=transcend-consent-manager&ign=true&pw=1600&ph=1200&x=800&y=1130.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 12:51:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 1DEE 0
0 60ms
58ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-6273736034387105&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1726577500&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbluehens.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726577500242&bpp=2&bdt=1219&idt=457&shv=r20240912&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4771968632884&frm=20&pv=2&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331833%2C95338228%2C95342016%2C95342338&oid=2&pvsid=537220961983753&tmod=631546608&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=485

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Sep 2024 12:51:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 48ms
31ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240912&st=env

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d15e9cf2081bef169d129f1b847d3e3fc14300b9567aafee702f010ce05aecc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12844
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
32 KB 49ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1efa6df490b8a4d98bf900242a213f29b6d0e8ab0b5bc0ae551a4fd4b4fa7ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32323
x-xss-protection: 0
server: cafe
etag: 725 / 19983 / m202409130501 / config-hash: 12978647260079391612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 17 Sep 2024 12:51:40 GMT

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/dUS5h2GBxTdv0wRo01iyjHA2ZOY/gpt_and_prebid/ 105 KB
23 KB 472ms
448ms Script
text/javascript 2606:4700:4400::ac40:90a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/dUS5h2GBxTdv0wRo01iyjHA2ZOY/gpt_and_prebid/config.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f68ab54d589ecf82b060d49fb1f266bd17fdcc10095cf449d86d3b604c79984

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
x-amz-request-id: 7GB7726YVEB63VXN
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 23563
x-amz-id-2: DXcs5VNO1spjMBZvCgMBPbFe6XN+YOJjyowf2LuDuW7YcchGBRXKyqNVEpV4dllg5LccEw4ngtA=
last-modified: Tue, 17 Sep 2024 12:42:40 GMT
server: cloudflare
etag: "c2db590d216aa93601f9e7aa2646b16c"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
cf-ray: 8c493aa3fc5cd34a-FRA

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/543c2a69-cc69-4de7-9965-a892353bb9c9/ 20 KB
3 KB 37ms
7ms Script
text/javascript 3.160.150.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/543c2a69-cc69-4de7-9965-a892353bb9c9/launchpad-liveramp.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a028a127f8387c87b10411b593684453eb3968c66982dcbb04d1ad29c694db1e

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:12:18 GMT
x-amz-version-id: dZYTOzJz0MNi96E_cy3CgOdjNxz60ZJS
content-encoding: gzip
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 49163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 01 Jul 2024 14:50:40 GMT
server: AmazonS3
etag: W/"3ca01df1e29d08d432e0f2bb202c9fc2"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: 8RSBubV2ELkKi_ulLCa2C3J4nwAMv5aUvyeySP12J3Qy4pkoAmhp8w==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 324 KB
80 KB 43ms
10ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d74e13622b2936b0395e33581297ab1b1600dd8b6b8c02a0fd292780d6c7a35

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:46:28 GMT
content-encoding: gzip
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
last-modified: Mon, 16 Sep 2024 16:57:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 313
etag: W/"b3da0d59872bd7a86984a426ca256adc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: IN-tDsghliAnJ0blsrC8-Egii2lmihechyY8GcR195Ze_9JIsrW5VA==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 49ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 Sep 2024 12:51:40 GMT

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 156 KB
33 KB 115ms
8ms Script
application/x-javascript 13.32.27.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2ac0a80c3037e36cc04e4ac63a9fd246542c3c2370504f571ebaeada10be9cc

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: PSMw9bnQ8I6ilocwHpmOD8pdOU6j2RGn
content-encoding: br
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
date: Tue, 17 Sep 2024 12:45:19 GMT
last-modified: Wed, 21 Aug 2024 07:20:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 382
x-amz-server-side-encryption: AES256
etag: W/"21442f2b8d4d10d9b3feb114c12ad42a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: KsDafH38oYPjHPhAVFaDMzyR5Nsv-unyD9P031Cp_TZp4MOzIGQ85A==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409130501/ 477 KB
149 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409130501/pubads_impl.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2db6f5816e22bc5c271d00a5f39c5bed544219fa9ec6620e9028704c58799a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 08:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15992
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152107
x-xss-protection: 0
server: cafe
etag: 15411602477199946532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 17 Sep 2025 08:25:08 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
10ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 03:06:51 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 35090
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: PVAHZGPqfGM3sJv8sJgOSDqkFGzf4WNvz_mcAaLHTSJfYILGNTgldA==

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 565C 0
0 87ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 168468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 15 Sep 2024 14:03:53 GMT
expires: Mon, 15 Sep 2025 14:03:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 49d1d053-156d-46ed-9d18-8370d1d949e8 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
830 B 43ms
6ms Script
application/javascript 18.245.46.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/49d1d053-156d-46ed-9d18-8370d1d949e8
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-94.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1aeed47f137c9545994b5e92c89b04af6b880063380c5e2dc6fb8cb4d2d3e713

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 11:55:55 GMT
via: 1.1 7ab8983df8c6e33475e52fb04de82cbc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P9
age: 3345
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: qZmKJOF5pQRk_1eyunuSF-si8Ij7-7KSE3VeHZAdqutzgw06ZUx1QQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 9ms
8ms XHR
application/json 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbluehens.com&pubid=49d1d053-156d-46ed-9d18-8370d1d949e8
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 74fa5a45ab8d7d490420eb7219ee554bb708be080b7042bdd4446717ffc88972

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 09:20:49 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 12651
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bluehens.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2936
x-amz-cf-id: mbCM_c4-o_XlYYdTbrR6SC16Kls24IcwiN1s0zOekJOp57Y6i8hcfA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
373 B 168ms
55ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbluehens.com%2F&pid=0qdKCA0qXimGT&cb=0&ws=1600x1200&v=24.910.1025&t=1400&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F21708449227%2FDELA%22%7D%5D&pubid=49d1d053-156d-46ed-9d18-8370d1d949e8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://bluehens.com
access-control-allow-credentials: true
content-length: 43
x-amz-cf-id: 8ex32Xqlo_9dK84c6Jx6tx9-6HweF6nwUji3w0Z1ID3S1_SqvUbDBQ==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 116ms
22ms Fetch
application/json 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b18d5c728044b014fd9c9fc164b50a397768b29acab755c3c2e2a2f6d4a88fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 31846
x-jsd-version: 1.0.2181
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 850
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21943-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63c-+9Zv36EPWJqDiItrmxPZNTWKnr0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7p0anREwJaZZ4dxOrG%2B5rlIMKzJ9J9V%2FPlIQgwyRWP%2FkiEEYbdsWn7q7k7SLSpDLY2HjUtA%2F2FP0CwDKqdrY8wdT75c%2B52rWQOkxxDs1Y3Nhj06kA6xCZqiZl0LVIOoIsmZQTIDHIoFxNzKpVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c493aa55be19a15-FRA

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
248 B 189ms
99ms Fetch
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=001Pg000009cAoGIAU&gdpr=0&src=pbjs&ver=8.47.0&coppa=0
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://bluehens.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
315 B 157ms
58ms Fetch
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=550&_it=prebid&t=1&src=id
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6f315967fd75c4a282a6f6ce9a15dc101a50393e5e1304855ecc815a3af79f

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-encoding: br
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 8c493aa56f6a65ac-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 168 B
446 B 107ms
10ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a51cc561175cbe0f693d6de81c461339d4c430f02adb7ba924592d728263ee0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bluehens.com
date: Tue, 17 Sep 2024 12:51:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
251 B 111ms
18ms Fetch 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13773
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://bluehens.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 21708449227 Show response
fundingchoicesmessages.google.com/i/ 208 KB
69 KB 133ms
47ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21708449227?ers=3

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49541a0f8787457cc957a15cfed413edfeec65fb0e0af93208d7e403d724dc74

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VsCzK8PI0DHGPRFgt9RBXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VsCzK8PI0DHGPRFgt9RBXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMT3111ifQ7Eez9eYj0KxEUSV1hbgFiIm-Put6Xb2QQ27F4kpqSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGlopGdgGl9gAAAKkD4e"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
374 B 107ms
48ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbluehens.com%2F&pid=0qdKCA0qXimGT&cb=1&ws=1600x1200&v=24.910.1025&t=1400&slots=%5B%7B%22sd%22%3A%22htlad-11-gpt%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21708449227%2FDELA%22%7D%5D&pubid=49d1d053-156d-46ed-9d18-8370d1d949e8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:40 GMT
content-encoding: gzip
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://bluehens.com
access-control-allow-credentials: true
content-length: 43
x-amz-cf-id: KQzVBQQZ65MqMAEbBGtetbYzEpedfMP365a_9BTTjvjgSU3_os1ycQ==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 61ms
15ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Tue, 17 Sep 2024 13:06:41 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 54ms
8ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 03:43:06 GMT
content-encoding: gzip
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2024 18:47:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 32916
x-amz-server-side-encryption: AES256
etag: W/"6016bf24a16f4d1d8384c5f7f11c49fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: i_TRJs9otzF8s7Q1W3mzIXrCAldodgpLoSOaVAWqDuk32SwMUOQSag==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 67ms
22ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fbluehens.com%2F&ref=&_it=amazon&partner_id=550
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNMNHQXA94JVW78
age: 5084
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 8c493aa56d88bb61-FRA
x-amz-id-2: FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 98 KB
29 KB 62ms
18ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

827eba33ff7f627627e79285ae329f7269998b7ca965f96f2c1ee59ce7116406

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Sep 2024 11:24:35 GMT
server: cloudflare
x-amz-request-id: 0KQ5PDNJMHJ2F13D
age: 3551
etag: W/"6f43174cf2798dcd024756859322fc73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8c493aa5689f9bb3-FRA
x-amz-id-2: UV4tLacUL5UO8MUY2vSTkanga3CMLHWBqBMBxsj3xhJXBzW62YBSNCL8aqU7seg8io+RbWckXc4=

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
627 B 7ms
6ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept: application/json
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Sep 2024 08:29:20 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront), 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 15741
x-amzn-trace-id: Root=1-66e93de0-1737b3b83382e3fe093350ab;Parent=4a6ef49d04b7f48b;Sampled=0;Lineage=1:06620786:0
x-amzn-requestid: 96e7879d-b559-4eb0-98a9-d91f2d81eac3
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: ePabDGyYjoEEtNQ=
content-length: 30
x-amz-cf-id: 5ncfbv_AA8O7LgVuZgUMwqt_YiPIQvdcQKApU3DKF7EUv6ZdGo0_0w==

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 73ms
37ms Preflight
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bluehens.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 17 Sep 2024 12:51:41 GMT
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront), 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amz-apigw-id: eQA2lGKMDoEEtFw=
x-amz-cf-id: yEnU-Pu3o-yyk11BXiQGmoJtjeoosdG9WCYJEf6y3IUCOqamFDFr-g==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: 831aa13d-a679-4094-8478-0a31b0b4a9a1
x-cache: Miss from cloudfront

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 56 B
295 B 35ms
8ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

3fa0d2355804df883a848e528ca9a07dca03c26125c71e763fcb2e4fc7f83dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://bluehens.com
date: Tue, 17 Sep 2024 12:51:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 111ms
110ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=550&sync=0&domain=bluehens.com&url=https://bluehens.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bluehens.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8c493aa59fe465ac-FRA
content-length: 0
content-type: application/json
date: Tue, 17 Sep 2024 12:51:41 GMT
debug: OPTIONS block
expires: Wed, 17 Sep 2025 12:51:41 GMT
server: cloudflare

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 122 B
276 B 127ms
126ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=550&sync=0&domain=bluehens.com&url=https://bluehens.com/
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 336e058cb55d3f2dd9a6205dce21d1d9b34e46c629e1f965dc85d7e01cc718bb

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization,content-type
cf-ray: 8c493aa658c865ac-FRA

POST
H2 200 1083.json Show response
id5-sync.com/g/v2/ 251 B
444 B 27ms
10ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1083.json

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

25714405879722390083b98ed2466000daf45fce258b1baa278d5a3e91c0236e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bluehens.com
date: Tue, 17 Sep 2024 12:51:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H2 200 AGSKWxUvTONqajABMBr0ZZa8HWWpUHTbZBYJGUVfRMeynmyWTms18xrR7q10HHrIlDd5wMSz9mruKxfceFg_9wxbsAfqxy0_F0opiBPz0-qsuFrp4xnYp1n9xIvZfX4jseIBwpdJnmSP3g== Show response
fundingchoicesmessages.google.com/f/ 448 KB
63 KB 93ms
92ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUvTONqajABMBr0ZZa8HWWpUHTbZBYJGUVfRMeynmyWTms18xrR7q10HHrIlDd5wMSz9mruKxfceFg_9wxbsAfqxy0_F0opiBPz0-qsuFrp4xnYp1n9xIvZfX4jseIBwpdJnmSP3g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI2NTc3NTAxLDE0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ibHVlaGVucy5jb20vIixudWxsLFtbOCwiZ1Q2X0pJdlZxdEEiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2de216ee7f7c6e13f69f21fef1f637095c82166853a0ce17fff103f1e89f29a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DFspy26S2Vq20vc0MQAnEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-DFspy26S2Vq20vc0MQAnEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmII1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMT3111ifQ7Eez9eYj0KxEUSV1hbgFiIm-Put6Xb2QQOHLuVo6SRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGlopGdgGl9gAAAq4z7N"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202407090940/ 284 KB
101 KB 18ms
18ms Script
application/javascript 2606:4700:4400::ac40:90a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: C1ANERD5PQ8BAS3Y
age: 6033239
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 103346
x-amz-id-2: 9z1fo743YDscJSg2yapDtmDQXNS49uEuyVGsEooWWXCq89AMKM+PYVRrTMLxje9QKt+YnfuXs2A=
last-modified: Tue, 09 Jul 2024 14:20:21 GMT
server: cloudflare
etag: "76074361c87e7c8d3af88302818b71f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8c493aa6d978d34a-FRA

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 23ms
20ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd3090687e1d99f2bf2ec597b58d68f93ef721f6be2faf30f4dbbe76160781b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Sep 2024 12:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Sep 2024 12:51:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Sep 2024 12:51:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 11:42:04 GMT
x-content-type-options: nosniff
age: 4177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Sep 2025 11:42:04 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:52:45 GMT
x-content-type-options: nosniff
age: 302334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Sep 2025 00:52:45 GMT

GET
H2 200 550 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 47ms
26ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/550?_it=amazon
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5668a76b0e5052146bc8834970457abc8067a5c8043300b7f93a9c280a6f082

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Sep 2024 12:45:28 GMT
server: cloudflare
age: 169
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8c493aa77ab29b5e-FRA

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
125 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 11:41:59 GMT
x-content-type-options: nosniff
age: 4182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Sep 2025 11:41:59 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
Origin: https://bluehens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:52:45 GMT
x-content-type-options: nosniff
age: 302334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Sep 2025 00:52:45 GMT

POST
H3 204 AGSKWxVElEa5TBtPBKFzVFkWTnkv7ykW_f0yY1vvqGkpMcARvWNSu-KaLqSPAVopL3G71eyjMnZpiNOi1GJzFbHdq2EhxXChc-JulwApJ8u1j2PBKjqkBNZC3iVc0RF2pXhyn8WN0-HQbg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 38ms
23ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVElEa5TBtPBKFzVFkWTnkv7ykW_f0yY1vvqGkpMcARvWNSu-KaLqSPAVopL3G71eyjMnZpiNOi1GJzFbHdq2EhxXChc-JulwApJ8u1j2PBKjqkBNZC3iVc0RF2pXhyn8WN0-HQbg==

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yFr23bO21BRjEvVE-tAKCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-yFr23bO21BRjEvVE-tAKCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDjuflu6nU2g4_65fYxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0tBIz8A8vsAAAIQILqI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bluehens.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVElEa5TBtPBKFzVFkWTnkv7ykW_f0yY1vvqGkpMcARvWNSu-KaLqSPAVopL3G71eyjMnZpiNOi1GJzFbHdq2EhxXChc-JulwApJ8u1j2PBKjqkBNZC3iVc0RF2pXhyn8WN0-HQbg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
29ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVElEa5TBtPBKFzVFkWTnkv7ykW_f0yY1vvqGkpMcARvWNSu-KaLqSPAVopL3G71eyjMnZpiNOi1GJzFbHdq2EhxXChc-JulwApJ8u1j2PBKjqkBNZC3iVc0RF2pXhyn8WN0-HQbg==

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7bMJrWf_amwECmUq-N5lyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 17 Sep 2024 12:51:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7bMJrWf_amwECmUq-N5lyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDjuflu6nU3gwL-v-xiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpaGRnoF5fIEBAKl1LyI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bluehens.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
480 B 303ms
105ms Image
image/png 3.5.29.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=71ff5cb934a1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.29.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 17 Sep 2024 12:51:43 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: 3G0GPX3NEN9NVRQS
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: q7YjIV8kESTaHtt1aFxeKhz5W/RT/AEwuAiov1n81TzKz3uh3IVYgrJ743KY5oK7Md2yRxnT0LprjMnm9s20t/NsTfnWyerEiQvoBb1j9HI=

GET
H2 204 counter Show response
bluehens.com/api/v2/promotions/ 0
139 B 122ms
121ms XHR
text/plain 45.223.99.109
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://bluehens.com/api/v2/promotions/counter?adIds=13,14,15,16,17,40,20,18,22,21,23,39,12,10,38,34,35

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.99.109 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bluehens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
tenant: delaware

Response headers

date: Tue, 17 Sep 2024 12:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-trace: 00-3bb094dced6b915a04168a7cf4aebf5e-7b6bed16fba99c8c-00
x-cache-status: BYPASS
access-control-allow-origin: *
x-iinfo: 4-29403079-29403202 PNNN RT(1726577497825 3755) q(0 0 0 -1) r(1 1) U11
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dbukjj6eu5tsf.cloudfront.net
URL: https://dbukjj6eu5tsf.cloudfront.net/bluehens.com/images/sng_2022/nav_logo_main_alt.svg

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240912&jk=537220961983753&bg=!YmGlYS7NAAbpMHvgyTA7ADQBe5WfODbYOqDNIl-da-UqzQDZZ1aJ-8dIJLoXkaLHqMR73wWpN6S62oiWhMJxutpGMgUDAgAAAEdSAAAAAmgBB34ANnXkrFt-__EkecVanNyNVDDpswiBD1fHLPOK1j6d7x24leGuVtCZ2sX7ozTV191237lofAK0QJkClKM6OSOxMQhRuWEvamnPhIYW9CzoT6L_4mD-Kjx2eSrJRZ2nhclq-um5YTDcVapt8IJp-PjIo33bOpv996W3jqsfqgku8SSFPg6iIBl7V4aFLeHztrEeuunrcoLxDNBPNBLeozNcbTjamZVWruGS_ou5VhQJLGC_BZLDyZi-qkI-IGI5lRmzhfU8insEzeARCrLDpiZP0e9VdXoAC2n92DeTLWV-vWIC2bOKR_xj3xiTRV1nIiIt5NRakd1Ng0fad73c1HZ2GsWE_LPeS2aYyRGEnCIMYOPKn_Mfy6tuYvT3UnGpLQ61BGPbNeeZe698eWY-zwNJFdh154RcQ4L3fSnp_Y1bDeFg10pemyXMieP2PFxxoCKZk48-_82_K54B294Bxm5x_jqoPniqsebP2y2Uxg_4H27rZbqcWm_fTQ4KMiVo37TWUXVGgH9rcyDIiN7EijDU6gRNAToeyBP9U-43nkytIC7jyG2EhCVczX86utydBLzi1-wbWNVaxmOr1X2czuqgYypE73oECM-Z9pTFDUiksBjLIpjdrOvCSceumoVQV7ujgcOtXnZd5NdB-vehZo-SjOu5VcFPTuWzGxu07ijEL32UeHAb1f74SoSRr_G21OERjbGLLblByYRqiYPlLKcZGoICY6d4GgzO9RM5J70KuuL_LxtMcvP8w--4QmGb6aCkRApzGOgB-j-uNmVVioOAi23DZyMs5qkxZcEOj9RNYbijqAlzpaVlMkyCr0oDcKshA8H45ubzHxoQeAkA4BctGIxQzLHyGerSxorz80vewImFUTMbD3RkSvj33dI4l6uG0Pky8eMQLuWI2hAjPaMH2O8ODHEH08M96xXdu-S0mSuoflCh1cGYcTV04VivTw

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bluehens.com/	1970-01-21 08:21:31	Name: visid_incap_3117534 Value: IVbAZrtfQeuHQ4rLOF6eC1l76WYAAAAAQUIPAAAAAADBMKe034ldz7ejfkQ+KAes
.bluehens.com/	1969-12-31 23:59:59	Name: nlbi_3117534 Value: yRXQLvEDrDC/RtbDfZn1mgAAAAA9qsri/dmQ3gFyRci0FF+H
.bluehens.com/	1969-12-31 23:59:59	Name: incap_ses_1172_3117534 Value: Qof9WZDnBUY76oul9sdDEFl76WYAAAAA02fShKRnaAnHfNpG6iT0tg==
.bluehens.com/	1970-01-21 09:12:17	Name: _ga_MF7GT4BB50 Value: GS1.1.1726577500.1.0.1726577500.0.0.0
.bluehens.com/	1970-01-20 23:37:43	Name: _gid Value: GA1.2.173060025.1726577501
.bluehens.com/	1970-01-20 23:36:17	Name: _gat_UA-180624321-17 Value: 1
.bluehens.com/	1970-01-20 23:36:17	Name: _gat_UA-180696617-1 Value: 1
.bluehens.com/	1970-01-21 09:12:17	Name: _ga_Y29PC3P5S9 Value: GS1.1.1726577500.1.0.1726577500.60.0.0
.bluehens.com/	1970-01-21 09:12:17	Name: _ga Value: GA1.1.284746157.1726577500
.bluehens.com/	1970-01-21 01:45:53	Name: _fbp Value: fb.1.1726577500680.429654949707444509
.doubleclick.net/	1970-01-20 23:36:18	Name: test_cookie Value: CheckForPermission
.bluehens.com/	1970-01-21 08:21:53	Name: _sharedID Value: 562c5894-8864-4ebb-8512-0fdb65bbf093
.bluehens.com/	1970-01-21 08:21:53	Name: _sharedID_cst Value: zix7LPQsHA%3D%3D
bluehens.com/	1970-01-20 23:36:21	Name: _lr_retry_request Value: true
bluehens.com/	1970-01-21 00:19:29	Name: _lr_env_src_ats Value: false
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bluehens.com/js/prebid-ads.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13773 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
acdn.adnxs.com
ams-pageview-public.s3.amazonaws.com
api.rlcdn.com
bluehens.com
c.amazon-adsystem.com
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
config.aps.amazon-adsystem.com
connect.facebook.net
db5y6jlvyeaqj.cloudfront.net
dbukjj6eu5tsf.cloudfront.net
dxbhsrqyrr690.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fonts.sidearmsports.com
fundingchoicesmessages.google.com
geo.privacymanager.io
htlbid.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
images.sidearmdev.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lexicon.33across.com
p.typekit.net
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.crwdcntrl.net
td.doubleclick.net
tpc.googlesyndication.com
transcend-cdn.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
dbukjj6eu5tsf.cloudfront.net
pagead2.googlesyndication.com
108.138.24.78
13.224.186.120
13.32.27.78
13.32.27.92
13.32.99.59
162.19.138.117
162.19.138.120
18.244.15.236
18.245.46.94
18.66.122.103
2001:4860:4802:34::36
23.48.23.17
23.67.137.210
2600:9000:211e:600:17:ad1e:f6c0:21
2600:9000:223f:5800:4:cc99:4000:93a1
2606:4700:10::6816:3556
2606:4700:10::6816:35ad
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:4400::ac40:90a6
2606:4700:4400::ac40:9312
2606:4700::6811:190e
2606:4700::6812:ba1f
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:1484
2a02:26f0:3500:16::215:1495
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.160.150.11
3.5.29.152
34.120.133.55
35.244.193.51
37.252.171.85
45.223.99.109
65.9.66.122
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
019ee9fc67c3cad162174cd9ebd19a4c8a71dd0f7dd71f15354e72475f998bac
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
090397a18a821b2504ec00ec3f72704bf815af89f310677c88bd5b7e4437bfe5
0be60c08bd1b8632447087f0e14881a107d352f2c2020f49f494ecdc8cacc5fc
0d880305402b8dcc7b205e3cb2da9371eac22f1a6f68f0867c7e76911ed26570
0d93c0c9a3bc136e8834500e8edf9fcac034084a6b3dcb03e6124cd66a773647
0dbd624ecb83e8852cab726219efc9f1cb0505a44fe6d176158a431b6b67dd9e
0deec1d24fc7c4ec53a25f553b745db2fd23a4956e1af704b06cc6e8a15cbbc7
0f084592c4ab3b6302b9a05e04b1a598ee935f3015e14896e0fd50f68559ffa5
1921dfcc3cb912170c027bafb024e5374ad775c84bbc7dbfb31945b4c8cb0925
1aeed47f137c9545994b5e92c89b04af6b880063380c5e2dc6fb8cb4d2d3e713
1c04f28ef8e7de198f04373ac9270cab2f15fe9402f25671f5e15d4e1e9af324
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d2323f1f6973752d684815563bf4d734c559e4347b4ebee8580e595435963bd
1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587
1e6a6de58e68447bdc61d002eb8ac448e4a7734c42d1724a14455f4e3d371a07
1efa6df490b8a4d98bf900242a213f29b6d0e8ab0b5bc0ae551a4fd4b4fa7ab3
1f4760fe52c040524e08ade26d5399bf2b767db37673df97fd6d83ca8902f107
20da7195227c6b983133610b35fe4e1d7f00bbdcd49363b52c16fb37fe0f6bd4
2359729304316237f4d796537a368dd2170d7ff5a036056cb13536e90ce92c75
2383f85a7170bf59dfcc0dcc91b738e5c13020f80d7b9c95a7c118b09c8e3124
2401ddaeaaa3b774108ca920fd3448526ea7efef3f82a6d498e0b3c5aea0cbf3
240a1349e50b0056e0785ed5b04419aa1f904bdf8fe5ac9ce26da45a179de4fd
25714405879722390083b98ed2466000daf45fce258b1baa278d5a3e91c0236e
261bf1b13de1464257b0a9813a137752fe266ec50cfd69ef55bbd68c75d9b797
2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4
299363f8bd010b882bc4a4530bc911dfa341bbd28f5b63dd69d9d4cf5b9d89be
29caafdbc3883700f858ebf3943aa8388dc2db58db96736ce0b5e7f9b327edbe
2bb20826ef7814c64f550422f72e4b97f7d5c670c4c1bd3307e6954073ce4974
2c8348da1b78da1d06a1b058b883353b584a45b185898effc844c1e458579a15
31cea4c4ee0c90aedbd742bcd5e5fff78ee6deca7d1f93831d3509cb4204ec9b
320780b4f916d14c60c94a8462f19524cc86c8a6d91f2442921a6e4b18e7d376
336e058cb55d3f2dd9a6205dce21d1d9b34e46c629e1f965dc85d7e01cc718bb
3464aa886c98cc4bce79004ddac75f86bc03427486ab65896d3dff6dbf473eb3
378ead8d61543d7cae599eb64a5d678ddcd5e4c8e9accdff0c91c29a7f68e59c
3a7d73ff4dd45c335055f2b5397dc27624b43b0b3c91a7504bc1a90f473a79a2
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c9885c979a5326a684561c8374e4173b1e3e5269015378defc36dd875efafba
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ebdb3917299b898bb74e4f7145dcdaf48d7ad3d88626ad9eb73c771b96697c2
3fa0d2355804df883a848e528ca9a07dca03c26125c71e763fcb2e4fc7f83dd1
429c944a58d8fcd45458b8b30352b0124ef4f9f4bbf93a7ee7cb6ee87518b01f
439f78788495e47e4087f53103b765b65552d650b016b40adc252e9629c590a4
43da9af6bdb69ac8b2284b487cc03b68ae1fa6a54cc8ceabae3ce7983973e7bc
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44f47c514fadfd628eda9c1ad524d7bd4d566ca932202aae98d421f00602637a
47bb58b1ff35e7367406d53e82283a06e384ca8cd14874fd205db869ef585124
47bfdf3614a012aeb8ed893f49576aef5a2196bdc16ad3e442ac15111a680f96
489e58aff3ba709bd61876a17bd013616e9a84f3642ef66d7279da2aaf89ccfa
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
49541a0f8787457cc957a15cfed413edfeec65fb0e0af93208d7e403d724dc74
4b491787f0f2b264c8d67d2e9dd5472fc683f5160eaec3ea0c839a8d81c5a659
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f68ab54d589ecf82b060d49fb1f266bd17fdcc10095cf449d86d3b604c79984
508c7a0031509ad948bfff7fd9ab25c618b7a21872e8780be9a3bac6a9cb3f80
512df9c5e1788c7b0aab3c25438d90463a98cf6fc258fcf348f36b80953a6c7d
58c40ce2ddae08a0c6cabc8f7cee6ac30c980bee7d50a21c7fefb5ecf1957475
5c6f315967fd75c4a282a6f6ce9a15dc101a50393e5e1304855ecc815a3af79f
5c72b7e576e67277de51c4f959de06d64680dfaf638808bc441de02ce390a93a
5d74e13622b2936b0395e33581297ab1b1600dd8b6b8c02a0fd292780d6c7a35
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
665d637a565cc943581c859a2cb016cd0c53958e555e94766c00c610d013c759
672aec32d6a3ab9b22652a35184d5865e9f7169eacc7ada30287b83f1634849d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74fa5a45ab8d7d490420eb7219ee554bb708be080b7042bdd4446717ffc88972
7527b35a2b68d64b19f0ceb682c1cb6ec1cba8fcd3ac1e1cba6b9a2e58864e4a
7d5a94636194d7f14e5a086920e43d89b2d960e9e862d0a60295afa183a16e6d
8202d126a1bd9699b9d97ff51bf012337200b44be67f0f64140b16edd458e802
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
826c9bfceb01d5697ab84a0a9209a0f015f1ec0a72387483040678d37757343d
827eba33ff7f627627e79285ae329f7269998b7ca965f96f2c1ee59ce7116406
82f2eeca26e7101b39b913803c6694d340aabdaa1eea1983259394b4eeb45e62
889ec42f6dd83d6d7a544065ce18b7fe0ca1057b99deec003c17e2c5cc4a7b52
88a189a6c8aa737d170e91edb72ab80a93cac76eba6421c476a5be581f32d92c
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c1e75bfce2682f8d848550397f1c765b2a446f9796c1eac64f4a27279a3bbbc
95534fa1d8dc0b194ae4a4acc1845bbc78ea58ef207faba74ee50d8a54a14264
955f94a0104c419347a38547dcaafc2b890fa5be1ab55b5eedef755ad76063bd
9565a8da59474dbed6322381ac1239d2262a9248553f94215d60d1728075feeb
99a770454db5dfc7b53c0cb4c9bf8a9fe95f6c43e914efdea84a027ed2a9b173
9d416314a4f2e32ef97eb22bd38a42d74b3084c7f6e0ed64fae8864860bf8908
9d886f88c420c50ec1541fce0ab04c920e89c3d8130319634ab8f88503f0768e
a028a127f8387c87b10411b593684453eb3968c66982dcbb04d1ad29c694db1e
a09138c313f9d0ca3ee7b54346e5c29a9ca1cc8f4f22e5fd25d3e5e58d95cfcf
a16f74bfc232d2650320170fc3be2563299946dafbfa7d8bec77e8a7e868f531
a2a697127960096aa9099abe9b938096f7596f2ffcc286e53771ad9b9e492d82
a2db6f5816e22bc5c271d00a5f39c5bed544219fa9ec6620e9028704c58799a1
a327f39e40209aee900ef0744926566b04efefa5c01632857a178aa0366130bd
a475f1f21a3e5d8212919acace9b69f42ebffa28f2c2c50dc17704e401b45b52
a51cc561175cbe0f693d6de81c461339d4c430f02adb7ba924592d728263ee0b
a8067287fc9283a84bfb20c6bfa2e4a9b63602a645831bbfffb3ef7066b3480c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab4620524f7a08c502887be3119a9174305cce8939e89b4c7f365a8043b4dd54
b18d5c728044b014fd9c9fc164b50a397768b29acab755c3c2e2a2f6d4a88fdb
b2ac0a80c3037e36cc04e4ac63a9fd246542c3c2370504f571ebaeada10be9cc
b3793a3122a488b00007ec5ff134108533a1ae22e1426f75b359e42b4cfca079
b50486199bd4c75d6237f9d1ab011d303a2114ad84602dc78f53338e990afc04
bad01454af06cff27ed20146fb3dc5a7aa071d273d4f56a8ae221d46a0d77a76
bbb8b9f5fc594127d8fe002c55a30fec474a401c7547fcb64b24052e5deb6474
bdb22f8b3b21dafccd5bc8f3580c2d5e6167edd2473e9f840789e082e70034b0
c0d7af53600777e9a9f9b3b79ea1d80d6459d11da7dd4996b7583655452e92c6
c16fa6bcb0c4e2b88271f6c4d391e51f84703cdeb96b70bd8cf1c46d97600470
c2a35dde3f574f62c783bcd036b8ba4abaf686cfa470d922e0efad5afbf04e6b
c5668a76b0e5052146bc8834970457abc8067a5c8043300b7f93a9c280a6f082
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5
c7408c0895d94d56a8b6650b5cc609c1a7990512a59ef3de99dfac479435c956
cc3d4e2704576a7c3407e0eb06975553281ff9198a7d3bd34cafd7c666ce4f62
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d15e9cf2081bef169d129f1b847d3e3fc14300b9567aafee702f010ce05aecc5
d2de216ee7f7c6e13f69f21fef1f637095c82166853a0ce17fff103f1e89f29a
d9545dbea1e9d8984ddb800a95899ef8ff350fccde1d5b93cbe62ce85d80a408
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
da73859f474fbec300751d540c59ce5cb974dc6f07b5e4b8b0190381840a4213
dac9bbaa630ab73ec09cdb11d5c7b8482f8907074a9fdd2f47b7e5b57d27f501
dcb81ed41f6b4255377e7a2a866773930ad6bac545b034aa3c2c858f944d878a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e50b51033781f5b21b3bb58df03e951c39151170a840d8194f531b57b81983a8
e7dcbe275b0cc54589a87fcc079f489635faf570315ec4badc81292c4034caff
e83aef0486f83f3fd8d09b9b5917a9cf83813bad1ed9ac8eed3a4c83b7c4dcf4
e8a08f092d451e222bc83e53a54bcfc3f09630b2694a11068bf6c7826ce297b6
ed3735c10539c4dc3e2b2109bae96611875c462cf6ad65b56ee2ce7c3877feb2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5908377a06dfc19d325208c011d75ab3f324b1aff6429da0812dfe6bf99cd
f20bff41be927fdc540c22522dbd54d587acdef165570dd6b04a6b8f7583d594
f621bae238565c8e21af9ae8558d991cfa608a167a8fb234536a620d3031ca51
f71b86a8f6d6ddc96b6574593a261a06d73085d13d184c9a90c7f2c7c6f0e98d
fa03c1564665a66ffb3f9c8758985c498207dd7c2b7a242f5d9730acb6bfc027
fa656529e6da98fa46f1b7f616a66f8b8dff64d7fea0746beed4dcb9ee27cf0f
faf4bbc260d0c1d77705d2a53a89341dc12dba39b65f068af230f49cc992dfd1
fd3090687e1d99f2bf2ec597b58d68f93ef721f6be2faf30f4dbbe76160781b6
feef6112b27f8c4da86e112ecdb91725786a6577f22b8558fcfb08605ca4f5f9

bluehens.com Open in urlscan Pro 45.223.99.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

162 Requests

93 %HTTPS

58 %IPv6

32 Domains

47 Subdomains

45 IPs

4 Countries

4084 kBTransfer

10768 kBSize

16 Cookies

97 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bluehens.com Open in urlscan Pro
45.223.99.109 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

93 %
HTTPS

58 %
IPv6

32
Domains

47
Subdomains

45
IPs

4
Countries

4084 kB
Transfer

10768 kB
Size

16
Cookies

162 HTTP transactions
0 data transactions