www.brightermonday.co.ke Open in urlscan Pro
2606:4700::6812:8954  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECdpADHbd3ztj1G1scDSu74&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECdpADHbd3ztj1G1scDSu74&google_cver=1&C=1

Request Chain 81

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YFEDJ3Ag88wvGGYVPHzcsAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV4HeH0_3eZ_oQpnrx7RyI&google_cver=1

Request Chain 94

• https://um.simpli.fi/gp_match?google_gid=CAESEEKhQgp8dpIZO17gro3kZ3I&google_cver=1&google_push=AQvitUIPHjFOh9Hvgup4oZj6y_twSZN1tqK2nnqz4bJ5tIQu7nqZu5FP0JkRFpni2E8V89XgkbPyH313oTZDB4jYE09rvDMnAsqwhw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=10A203119D5F42439162AC0D3DEFC37D&google_push=AQvitUIPHjFOh9Hvgup4oZj6y_twSZN1tqK2nnqz4bJ5tIQu7nqZu5FP0JkRFpni2E8V89XgkbPyH313oTZDB4jYE09rvDMnAsqwhw

Request Chain 96

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDysA1gndEjsErmMqi5SeOM&google_cver=1&google_push=AQvitULwzgF3lxAt5f8kMCLE3F6GDn_QROsYpDuZPm97KBDD40m6wn1ZSbWgPss_KF4iDd7pwqn9PTeneeRNd6AtnmOaQ7j0akq- HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0MDMzMTk2MjUzMzY3MzEwNQ%3D%3D&google_push=AQvitULwzgF3lxAt5f8kMCLE3F6GDn_QROsYpDuZPm97KBDD40m6wn1ZSbWgPss_KF4iDd7pwqn9PTeneeRNd6AtnmOaQ7j0akq-

Request Chain 97

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH2njPz22FF3q7QZd4gKsis&google_cver=1&google_push=AQvitUKZFAhWFtw6Q-9JsYrXE3sjibkxTfN3LICu3xSjHG_u4u3bAEZnLfDN2PWmOVJIssCkERG4D5wn-sysMNPdxInLDmoMEmD8Yw HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH2njPz22FF3q7QZd4gKsis&google_cver=1&google_push=AQvitUKZFAhWFtw6Q-9JsYrXE3sjibkxTfN3LICu3xSjHG_u4u3bAEZnLfDN2PWmOVJIssCkERG4D5wn-sysMNPdxInLDmoMEmD8Yw&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFEDJ-a5lvsCcT6P2l-YhQAABGoAAAAB&google_gid=CAESEH2njPz22FF3q7QZd4gKsis&google_push=AQvitUKZFAhWFtw6Q-9JsYrXE3sjibkxTfN3LICu3xSjHG_u4u3bAEZnLfDN2PWmOVJIssCkERG4D5wn-sysMNPdxInLDmoMEmD8Yw&google_cver=1

Request Chain 98

• https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFajML3ASfNIHXZQfhOZ-dM&google_cver=1&google_push=AQvitUKQzcPUuFRwxA39FXDk2OMl73xYRy6uwnSPd0_3KxwJG7sZIw1SdRaKa51dGGlmOw6GUYD5wRdw8VvEdchIVmJBhz7v2NnK5w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKQzcPUuFRwxA39FXDk2OMl73xYRy6uwnSPd0_3KxwJG7sZIw1SdRaKa51dGGlmOw6GUYD5wRdw8VvEdchIVmJBhz7v2NnK5w

Request Chain 99

• https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAs3kU6FpmCoQfom946kmVU&google_cver=1&google_push=AQvitULR87GEDEVIWiusX5ozD5gq-tcFb0cwyXo9ezFzxytsIk1BF8U01F2_pxzOh5UstwHTBzHugzO7B4keTzEhX683ITYHXVnxHg HTTP 302
• https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitULR87GEDEVIWiusX5ozD5gq-tcFb0cwyXo9ezFzxytsIk1BF8U01F2_pxzOh5UstwHTBzHugzO7B4keTzEhX683ITYHXVnxHg&google_gid=CAESEAs3kU6FpmCoQfom946kmVU HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczNTc5NTM0NzUyNjU0NjYwOQ%3D%3D&google_push=AQvitULR87GEDEVIWiusX5ozD5gq-tcFb0cwyXo9ezFzxytsIk1BF8U01F2_pxzOh5UstwHTBzHugzO7B4keTzEhX683ITYHXVnxHg

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.brightermonday.co.ke/	85 KB 18 KB	890ms 871ms	Document text/html	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fccad4ec561e17bb881a2967010f10177426182b1a489e7493bbcac12ab7a75 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :method GET :authority www.brightermonday.co.ke :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dad086f68f49a458d5b342b52475b377d1615921956; expires=Thu, 15-Apr-21 19:12:36 GMT; path=/; domain=.brightermonday.co.ke; HttpOnly; SameSite=Lax; Secure laravel_session=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.brightermonday.co.ke; HttpOnly XSRF-TOKEN=eyJpdiI6IjcwZlU3UnNtdlFqRVBpcE1qNG9wVmc9PSIsInZhbHVlIjoibXJVcTRNRzdhK0JSeDZlMFNNamFBeGo1ajEwV3p1K0FWeVBkQlhzb0NoS0l3YXJtXC9WaUQwdUVMK0NkV21jTzliUVwvU01IYkZjSDJQVUdTTEJ5aEg1NHNHUzZDMlwvOTgwaTZyVHArZEdKMUl2T3Z5MEpmeVRVaVNoSTZROXZEeG4iLCJtYWMiOiJkMzc1MTQ2NjBkMDAxZjExZGJiOWUyZDYxYzQyNzRjOTU5ZDQyMzZkM2Q2NTFmZTBiMmZhN2ZjMjZjYjFkMTgwIn0%3D; expires=Tue, 16-Mar-2021 21:12:37 GMT; Max-Age=7200; path=/; secure laravel_session=eyJpdiI6Imhvb1g2KzB6WVNHVlh6bWpXZCtNaEE9PSIsInZhbHVlIjoiK1ltNDdrekY0Nmp3aUxXVkxTWTNtUUtJeW1kVXkrclYrN1wvQVJYQ1kySnJNbnJcL2ZSYVlBRXN1NVVNTG1DQkJLUzJYbzc3UlwvNHJ2dTc5UzBmWXhoQ045R0F6MWFJUXJ5cVl5WDRCYmEzQTZveDJySWhhVXBNdGdcL3ZCNUEyYlpqIiwibWFjIjoiZmUyNTNmMGMxMWRkOTQxYmMyMzc4YWZhMjUwOTMyYWQ5ZTcyYWQ3MTE5M2RhMDQ5MTVlODgxYmQyM2JiNzk2YyJ9; expires=Tue, 16-Mar-2021 21:12:37 GMT; Max-Age=7200; path=/; secure; httponly cache-control no-cache, private referrer-policy origin-when-cross-origin x-frame-options DENY vary Accept-Encoding x-ua-compatible IE=Edge x-xss-protection 1; mode=block x-request-id 99512f86a07550a06c695fc1d53fb37e cf-cache-status DYNAMIC cf-request-id 08de0d5db900004a9dc5347000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff server cloudflare cf-ray 63104b42c91b4a9d-FRA content-encoding gzip
GET H2	200	roboto-v20-latin-300.woff2 www.brightermonday.co.ke/static-assets/fonts/	15 KB 16 KB	17ms 15ms	Font font/woff2	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/static-assets/fonts/roboto-v20-latin-300.woff2 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://www.brightermonday.co.ke Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6060 vary Accept-Encoding cf-request-id 08de0d612700004a9dc82a8000000001 x-request-id 84864be90404e2bcda0fa81623d4cac0 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:40 GMT server cloudflare etag W/"6050ccc8-3da8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/woff2 x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b483ce54a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	roboto-v20-latin-regular.woff2 www.brightermonday.co.ke/static-assets/fonts/	15 KB 16 KB	23ms 22ms	Font font/woff2	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/static-assets/fonts/roboto-v20-latin-regular.woff2 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://www.brightermonday.co.ke Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6060 vary Accept-Encoding cf-request-id 08de0d612700004a9dd9120000000001 x-request-id 6074084094e8e9cb3bf9baf87628f3f4 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:42 GMT server cloudflare etag W/"6050ccca-3d78" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/woff2 x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b483ce84a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	roboto-v20-latin-500.woff2 www.brightermonday.co.ke/static-assets/fonts/	16 KB 16 KB	19ms 17ms	Font font/woff2	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/static-assets/fonts/roboto-v20-latin-500.woff2 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://www.brightermonday.co.ke Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6060 vary Accept-Encoding cf-request-id 08de0d612700004a9d978d5000000001 x-request-id df5992608942044fac9ea936a2c0665c x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:35 GMT server cloudflare etag W/"6050ccc3-3e00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/woff2 x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b483ce94a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	roboto-v20-latin-700.woff2 www.brightermonday.co.ke/static-assets/fonts/	15 KB 16 KB	28ms 26ms	Font font/woff2	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/static-assets/fonts/roboto-v20-latin-700.woff2 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://www.brightermonday.co.ke Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6060 vary Accept-Encoding cf-request-id 08de0d612800004a9df502e000000001 x-request-id ff97fd3acd70bff510a69205aff0f986 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:42 GMT server cloudflare etag W/"6050ccca-3dc8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/woff2 x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b483ceb4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	global-227d33ca0f.css www.brightermonday.co.ke/build/assets/css/brightermonday/	145 KB 25 KB	15ms 14ms	Stylesheet text/css	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fcbb62e07718accf6f84a6d2bc9e4436a79ea6cb6af80903726da51efd623fc Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 1784 vary Accept-Encoding cf-request-id 08de0d612800004a9dc538e000000001 x-request-id ef0d78dfe20b7f58c296966bd52bec46 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:40 GMT server cloudflare etag W/"6050ccc8-245b3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/css x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b484cec4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	tailwindcss-v12-ee66afe1a7.css www.brightermonday.co.ke/build/assets/css/brightermonday/	845 KB 90 KB	33ms 32ms	Stylesheet text/css	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/assets/css/brightermonday/tailwindcss-v12-ee66afe1a7.css Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd4bc9f4ead3fdf0d7e6208496a9f3d6796021ef8a8fdfdb60d95c46031311ea Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 5300 vary Accept-Encoding cf-request-id 08de0d612800004a9dafbdd000000001 x-request-id f6a10a2956eaf0378721b52f5d088dd6 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:42 GMT server cloudflare etag W/"6050ccca-d3220" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/css x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b484cee4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	home-3f176c6d91.css www.brightermonday.co.ke/build/assets/css/brightermonday/	24 KB 4 KB	37ms 36ms	Stylesheet text/css	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/assets/css/brightermonday/home-3f176c6d91.css Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e6631d93bb14868ec1339fb7967e3b5a343781922b4464827d2ec60c570a250 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 2943 vary Accept-Encoding cf-request-id 08de0d612c00004a9dad3f3000000001 x-request-id 20418d5a68e969b5e91e56b37d122b08 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:36 GMT server cloudflare etag W/"6050ccc4-60c9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/css x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b484cef4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	employer-landing-a4752a3d09.css www.brightermonday.co.ke/build/assets/css/brightermonday/	4 KB 2 KB	21ms 20ms	Stylesheet text/css	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/assets/css/brightermonday/employer-landing-a4752a3d09.css Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eadf3410218872c4f64b7ebeeb1c8b8c0edef9aa83c1a2d09a9922db8875a4fe Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 2943 vary Accept-Encoding cf-request-id 08de0d612800004a9dd4168000000001 x-request-id 0c3eb58d930dab2bfaed06aca71349a4 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:40 GMT server cloudflare etag W/"6050ccc8-11eb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/css x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b484cf04a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	modernizr-webp-92a84cf73e.js Show response www.brightermonday.co.ke/build/assets/scripts/	3 KB 2 KB	22ms 22ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/assets/scripts/modernizr-webp-92a84cf73e.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1093c82c3394fe3ae25b849f33736be3432370fa1d1ab4a41aa0ccec84472664 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6060 vary Accept-Encoding cf-request-id 08de0d614b00004a9dcb0ad000000001 x-request-id bf1c531c60286774b04a48787433a25a x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:35 GMT server cloudflare etag W/"6050ccc3-d4a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b487d6d4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	jobseeker-hero-tagline-65b20ef485.webp www.brightermonday.co.ke/build/static-assets/img/	51 KB 51 KB	21ms 20ms	Image image/webp	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.brightermonday.co.ke/build/static-assets/img/jobseeker-hero-tagline-65b20ef485.webp Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 725559119f77c4108b1fd2757f005127e38e5efeeea85b2b903a88289e29092d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff cf-cache-status HIT age 6542 vary Accept-Encoding content-length 52510 cf-request-id 08de0d615b00004a9df2128000000001 x-request-id 2ed207c9089f85e3ee13e5edcd0e933c x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:35 GMT server cloudflare etag "6050ccc3-cd1e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type image/webp x-xss-protection 1; mode=block cache-control public, max-age=31536000 accept-ranges bytes cf-ray 63104b489daf4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	refer-stroke.png www.brightermonday.co.ke/static-assets/img/ke/	4 KB 5 KB	16ms 15ms	Image image/webp	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.brightermonday.co.ke/static-assets/img/ke/refer-stroke.png Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90b708ade3f856de113b3e9eafaa3c192e972f98cf8cc811e338304abd423447 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff cf-cache-status HIT age 4742 cf-polished origFmt=png, origSize=5778 last-modified Tue, 16 Mar 2021 15:20:42 GMT content-disposition inline; filename="refer-stroke.webp" vary Accept content-length 4562 x-xss-protection 1; mode=block x-request-id 4a135267b27b20c44b86cc643e9530b5 x-ua-compatible IE=Edge cf-bgj imgq:85,h2pri server cloudflare etag "6050ccca-1692" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type image/webp cache-control public, max-age=31536000 cf-request-id 08de0d615c00004a9d9734e000000001 accept-ranges bytes cf-ray 63104b489dbc4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	refer-amount.png www.brightermonday.co.ke/static-assets/img/ke/	11 KB 12 KB	14ms 13ms	Image image/webp	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.brightermonday.co.ke/static-assets/img/ke/refer-amount.png Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f71fcf5ee579440011c643fb53f59677e6d4ddd62cb1643496813e7f1eea251f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff cf-cache-status HIT age 4742 cf-polished origFmt=png, origSize=13344 last-modified Tue, 16 Mar 2021 15:20:36 GMT content-disposition inline; filename="refer-amount.webp" vary Accept content-length 11596 x-xss-protection 1; mode=block x-request-id 2cd78b5151e932c1a8724ac77c304092 x-ua-compatible IE=Edge cf-bgj imgq:85,h2pri server cloudflare etag "6050ccc4-3420" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type image/webp cache-control public, max-age=31536000 cf-request-id 08de0d615d00004a9dd9125000000001 accept-ranges bytes cf-ray 63104b489dbf4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	jquery-dc5e7f18c8.min.js Show response www.brightermonday.co.ke/build/assets/scripts/	87 KB 30 KB	15ms 14ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/assets/scripts/jquery-dc5e7f18c8.min.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6060 vary Accept-Encoding cf-request-id 08de0d615d00004a9dcb0ae000000001 x-request-id dbed77bc689ec7e16d89602b716a1e3b x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:40 GMT server cloudflare etag W/"6050ccc8-15d84" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b489dc34a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	app-c02739af4a.m.js Show response www.brightermonday.co.ke/build/assets/scripts/	20 KB 7 KB	21ms 20ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/assets/scripts/app-c02739af4a.m.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 142a0bb72a0ab952ad2ebcc348f863b70078843fa547d8f966320fb8158c2eda Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://www.brightermonday.co.ke Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6893 vary Accept-Encoding cf-request-id 08de0d615e00004a9de1a2c000000001 x-request-id e7c04c7c5751927df9f5e611e933600a x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:40 GMT server cloudflare etag W/"6050ccc8-5061" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b489dc44a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	238 KB 60 KB	31ms 30ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WDM8865 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 50314accd142c11be29423e08ef1b320c59dc672885e4f3f243665dae087d18e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61753 x-xss-protection 0 last-modified Tue, 16 Mar 2021 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Mar 2021 19:12:37 GMT
GET H2	200	landscape-8310d4b879.svg www.brightermonday.co.ke/build/static-assets/img/ke/	8 KB 3 KB	16ms 15ms	Image image/svg+xml	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.brightermonday.co.ke/build/static-assets/img/ke/landscape-8310d4b879.svg Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab0c26366cbb6cff003f51ffa4e8a6f3c77a2a83324a0d3b7245cdc0805afd8a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 2943 vary Accept-Encoding cf-request-id 08de0d616400004a9d04399000000001 x-request-id 39e79e5901db97ef69b3d77bf16a356f x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:36 GMT server cloudflare etag W/"6050ccc4-1eca" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type image/svg+xml x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b48addc4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	roboto-v20-latin-300-ef7c6637c6.woff2 www.brightermonday.co.ke/build/static-assets/fonts/	15 KB 16 KB	15ms 15ms	Font font/woff2	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/static-assets/fonts/roboto-v20-latin-300-ef7c6637c6.woff2 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://www.brightermonday.co.ke Referer https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6060 vary Accept-Encoding cf-request-id 08de0d616600004a9dafbe3000000001 x-request-id 6c0aa6e0e5e7d3f50b39e05a0fffa5ed x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:40 GMT server cloudflare etag W/"6050ccc8-3da8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/woff2 x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b48ade24a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	roboto-v20-latin-regular-479970ffb7.woff2 www.brightermonday.co.ke/build/static-assets/fonts/	15 KB 16 KB	22ms 22ms	Font font/woff2	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/static-assets/fonts/roboto-v20-latin-regular-479970ffb7.woff2 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://www.brightermonday.co.ke Referer https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6060 vary Accept-Encoding cf-request-id 08de0d616700004a9dfd217000000001 x-request-id 85c66a4b0dd524e3bf88e1895c510aa0 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:40 GMT server cloudflare etag W/"6050ccc8-3d78" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/woff2 x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b48ade54a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	roboto-v20-latin-500-020c97dc8e.woff2 www.brightermonday.co.ke/build/static-assets/fonts/	16 KB 16 KB	18ms 17ms	Font font/woff2	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/static-assets/fonts/roboto-v20-latin-500-020c97dc8e.woff2 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://www.brightermonday.co.ke Referer https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6060 vary Accept-Encoding cf-request-id 08de0d616800004a9dc82ad000000001 x-request-id 91c1ed875b441d0a225dccafa1dbdb81 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:36 GMT server cloudflare etag W/"6050ccc4-3e00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/woff2 x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b48ade74a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET DATA	200 OK	truncated /	158 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fe6d1458028b23b1954151a02340cf10633ae152aa4aef789cc580dda7cce512 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	roboto-v20-latin-700-2735a3a69b.woff2 www.brightermonday.co.ke/build/static-assets/fonts/	15 KB 16 KB	15ms 14ms	Font font/woff2	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/build/static-assets/fonts/roboto-v20-latin-700-2735a3a69b.woff2 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://www.brightermonday.co.ke Referer https://www.brightermonday.co.ke/build/assets/css/brightermonday/global-227d33ca0f.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 1109 vary Accept-Encoding cf-request-id 08de0d61a000004a9d9a23c000000001 x-request-id 221ef21c7341ce897544a1777e707aca x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:36 GMT server cloudflare etag W/"6050ccc4-3dc8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/woff2 x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b490e724a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET DATA	200 OK	truncated /	44 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	82 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	90 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	38 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	31-0fd41c8ec418f8fe4ab1.m.js Show response www.brightermonday.co.ke/assets/scripts/chunk/myjobs/	14 KB 6 KB	15ms 15ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/assets/scripts/chunk/myjobs/31-0fd41c8ec418f8fe4ab1.m.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/scripts/app-c02739af4a.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9906b7a04a11c06f7973ff0badeb27c834f8020854d588bfab1ed13900eb25a2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 2942 vary Accept-Encoding cf-request-id 08de0d61f800004a9d9fae0000000001 x-request-id 358a83368802839407be2f67dc79172b x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:35 GMT server cloudflare etag W/"6050ccc3-36f5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b498f624a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	24-b306d1acbe8d3af59cac.m.js Show response www.brightermonday.co.ke/assets/scripts/chunk/myjobs/	8 KB 3 KB	15ms 15ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/assets/scripts/chunk/myjobs/24-b306d1acbe8d3af59cac.m.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/scripts/app-c02739af4a.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d252eee153c3dfa53680eda4be167f71c6017d49e2c060667a372ff6fcfd0470 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 2942 vary Accept-Encoding cf-request-id 08de0d61f900004a9d0d1b9000000001 x-request-id 97fa2c724c1f05dd9b718ad513086e4c x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:36 GMT server cloudflare etag W/"6050ccc4-1fc3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b498f634a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	10-4197cf4ef163d8d23fff.m.js Show response www.brightermonday.co.ke/assets/scripts/chunk/myjobs/	13 KB 4 KB	17ms 16ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/assets/scripts/chunk/myjobs/10-4197cf4ef163d8d23fff.m.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/scripts/app-c02739af4a.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ca01b6abc715c5b4bd91cd79ff1941ad89588bdf1dbe4faaa1af1dc0554b573 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6541 vary Accept-Encoding cf-request-id 08de0d61f900004a9dbca41000000001 x-request-id 71bd494f4ff830fe4f911c10bbc0e805 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:36 GMT server cloudflare etag W/"6050ccc4-32ff" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b498f654a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDM8865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 6252 date Tue, 16 Mar 2021 17:28:25 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Tue, 16 Mar 2021 19:28:25 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	32 KB 13 KB	54ms 51ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDM8865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash f6ac3c8e6ce2149cb393c789e9640b78cfb6626380e872a605c1c5fb1df3981e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12620 x-xss-protection 0 server cafe etag 4454677202539371103 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 16 Mar 2021 19:12:37 GMT
GET H2	200	hotjar-20118.js Show response static.hotjar.com/c/	6 KB 3 KB	188ms 117ms	Script application/javascript	13.226.159.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-20118.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDM8865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-79.dus51.r.cloudfront.net Software / Resource Hash 20171003bde113ba9f5facc5db34211f72ff6f57f9ee4868fd6f38eac64e0f5e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 x-amz-cf-pop DUS51-C1 etag W/b4443ede0e07b0b8a1c5c93dcf41da4e vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript access-control-allow-origin * x-cache-hit 1 x-amz-cf-id R5-5TxBi9TDRCbGOc3BCJ60Pcnk2GfMsGmrPH3RLU3CrFGe-MOBZXQ== via 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	91 KB 23 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 23762 x-fb-rlafr 0 pragma public x-fb-debug WCQ6xsw/MmLlPbNL3Mck6tPpDDFPEIjf/D4sQWcT2Q08pDI00AiqQEYZPxrsb68BceRyhcLb5dXQi9wfSDSwqg== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Tue, 16 Mar 2021 19:12:37 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 priority u=3,i cross-origin-opener-policy-report-only same-origin-allow-popups;report-to="coop_report" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	bm-jobseeker-hero-out-cf37421766.webp www.brightermonday.co.ke/build/static-assets/img/brightermonday-theme/	32 KB 33 KB	16ms 16ms	Image image/webp	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.brightermonday.co.ke/build/static-assets/img/brightermonday-theme/bm-jobseeker-hero-out-cf37421766.webp Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/css/brightermonday/home-3f176c6d91.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f4d458b4c12cc714098ce4d5bb4f24e8cae1130accd49795a34f6331082098c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/build/assets/css/brightermonday/home-3f176c6d91.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff cf-cache-status HIT age 1434 vary Accept-Encoding content-length 33164 cf-request-id 08de0d621000004a9dd4176000000001 x-request-id 7b269a4e2624bbf260c2a4330bc7beb9 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:36 GMT server cloudflare etag "6050ccc4-818c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type image/webp x-xss-protection 1; mode=block cache-control public, max-age=31536000 accept-ranges bytes cf-ray 63104b49bfad4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	refer-and-earn-98d397c78e.webp www.brightermonday.co.ke/build/static-assets/img/ke/	72 KB 73 KB	46ms 46ms	Image image/webp	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.brightermonday.co.ke/build/static-assets/img/ke/refer-and-earn-98d397c78e.webp Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/css/brightermonday/home-3f176c6d91.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ed629c865cef46e359a2ca11d6cfacfab98934b8002016b40a04116da4d813f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/build/assets/css/brightermonday/home-3f176c6d91.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff cf-cache-status HIT age 1434 vary Accept-Encoding content-length 74034 cf-request-id 08de0d621000004a9dd00be000000001 x-request-id 154d1ae2c178c427c2cb1ac1871d2ef5 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:36 GMT server cloudflare etag "6050ccc4-12132" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type image/webp x-xss-protection 1; mode=block cache-control public, max-age=31536000 accept-ranges bytes cf-ray 63104b49bfaf4a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	52-d64f3a8c1a418f7fadb7.m.js Show response www.brightermonday.co.ke/assets/scripts/chunk/myjobs/	758 B 538 B	19ms 18ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/assets/scripts/chunk/myjobs/52-d64f3a8c1a418f7fadb7.m.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/scripts/app-c02739af4a.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74b8cadcc0bc90eea01159e24ad24950a52fe50cfdd74a1786cb1dc73c23cc68 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 1433 vary Accept-Encoding cf-request-id 08de0d624200004a9dbca45000000001 x-request-id 56c7e6e0beb69244cb5a7f0336df6acb x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:35 GMT server cloudflare etag W/"6050ccc3-2f6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b4a08444a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	49-6b8274a6d372c4cbd2e8.m.js Show response www.brightermonday.co.ke/assets/scripts/chunk/myjobs/	2 KB 1 KB	16ms 16ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/assets/scripts/chunk/myjobs/49-6b8274a6d372c4cbd2e8.m.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/scripts/app-c02739af4a.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 59e40542d5955aff7def3e299235d37ab0e42da694beeae2ec492eebbbd93462 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 2942 vary Accept-Encoding cf-request-id 08de0d624300004a9de831d000000001 x-request-id cc749e5de5c955188603ce9a89232c8f x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:41 GMT server cloudflare etag W/"6050ccc9-84a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b4a08494a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	2-eed4084c01858b478267.m.js Show response www.brightermonday.co.ke/assets/scripts/chunk/myjobs/	6 KB 3 KB	13ms 12ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/assets/scripts/chunk/myjobs/2-eed4084c01858b478267.m.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/scripts/app-c02739af4a.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 954a763c78ed0db5c7a378838e87c7eedc8ef90c6f4d4ce9d34972054f482a3c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 1433 vary Accept-Encoding cf-request-id 08de0d624600004a9d043ab000000001 x-request-id 90a4f21d1d242959a7ebddb38ca883b9 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:40 GMT server cloudflare etag W/"6050ccc8-187a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b4a08544a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	3-af9034e2c2af79ee5f6e.m.js Show response www.brightermonday.co.ke/assets/scripts/chunk/myjobs/	3 KB 1 KB	16ms 16ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/assets/scripts/chunk/myjobs/3-af9034e2c2af79ee5f6e.m.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/scripts/app-c02739af4a.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15b0462968d6054ff45a0f97dedb92a6d652ad8673ff2c79e10e3e9da7b02b04 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 1433 vary Accept-Encoding cf-request-id 08de0d624600004a9dafbf1000000001 x-request-id 3439250c400d2d6cfa47219e41713dc2 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:35 GMT server cloudflare etag W/"6050ccc3-bc1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b4a08554a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 95 B	15ms 14ms	XHR text/plain	2a00:1450:400c:c09::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-57081444-2&cid=1680343680.1615921957&jid=921096184&uid=0&gjid=995557999&_gid=2130245119.1615921957&_u=aGDAgEADAAAAAE~&z=1958588913 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 16 Mar 2021 19:12:37 GMT content-type text/plain access-control-allow-origin https://www.brightermonday.co.ke cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 73 B	13ms 13ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=986579264&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.brightermonday.co.ke%2F&ul=en-us&de=UTF-8&dt=Find%20the%20Right%20Job%20Vacancies%20in%20Kenya%20%7C%20BrighterMonday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Tech&ea=BrowserDetection&el=OperaMiniExtreme&ev=0&_u=aGDAAEADAAAAAG~&jid=922573068&gjid=930840459&cid=1680343680.1615921957&uid=0&tid=UA-57081444-2&_gid=2130245119.1615921957&_r=1&gtm=2wg330WDM8865&cd1=0&cd2=0&cd3=0&cd4=0&cd6=None&cd7=0&cd8=9a9e5ec69b9b6e769ade74c00d5efebf&cd9=1615921956&cd10=_GTM-WDM8865_180&z=1233337475 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.brightermonday.co.ke cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	1 B 26 B	14ms 14ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=986579264&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.brightermonday.co.ke%2F&ul=en-us&de=UTF-8&dt=Find%20the%20Right%20Job%20Vacancies%20in%20Kenya%20%7C%20BrighterMonday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Tech&ea=BrowserDetection&el=OperaMiniExtreme&ev=0&_u=aGDAAEADAAAAAG~&jid=922573068&gjid=930840459&cid=1680343680.1615921957&uid=0&tid=UA-126174493-1&_gid=2130245119.1615921957&_r=1&gtm=2wg330WDM8865&cd1=0&cd2=0&cd3=0&cd4=0&cd6=None&cd7=0&cd8=9a9e5ec69b9b6e769ade74c00d5efebf&cd9=1615921956&cd10=_GTM-WDM8865_180&z=1233337475 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.brightermonday.co.ke cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 25 B	13ms 13ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=986579264&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.brightermonday.co.ke%2F&ul=en-us&de=UTF-8&dt=Find%20the%20Right%20Job%20Vacancies%20in%20Kenya%20%7C%20BrighterMonday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Tech&ea=BrowserDetection&el=OperaMiniExtreme&ev=0&_u=aGDAAEADAAAAAG~&jid=922573068&gjid=930840459&cid=1680343680.1615921957&uid=0&tid=UA-126200746-1&_gid=2130245119.1615921957&_r=1&gtm=2wg330WDM8865&cd1=0&cd2=0&cd3=0&cd4=0&cd6=None&cd7=0&cd8=9a9e5ec69b9b6e769ade74c00d5efebf&cd9=1615921956&cd10=_GTM-WDM8865_180&z=1233337475 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.brightermonday.co.ke cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/	35 B 119 B	6ms 6ms	Image image/gif	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=986579264&t=pageview&_s=1&dl=https%3A%2F%2Fwww.brightermonday.co.ke%2F&ul=en-us&de=UTF-8&dt=Find%20the%20Right%20Job%20Vacancies%20in%20Kenya%20%7C%20BrighterMonday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAD~&jid=921096184&gjid=995557999&cid=1680343680.1615921957&uid=0&tid=UA-57081444-2&_gid=2130245119.1615921957&gtm=2wg330WDM8865&cd1=0&cd2=0&cd3=0&cd4=0&cd6=None&cd7=0&cd8=9a9e5ec69b9b6e769ade74c00d5efebf&cd9=1615921956&cd10=_GTM-WDM8865_180&z=410602737 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 18:40:52 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 1905 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	1164560620304770 Show response connect.facebook.net/signals/config/	241 KB 69 KB	60ms 60ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1164560620304770?v=2.9.33&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2e81673e2ea21c0b548069f619e5393bd34b01f97f9fb5b5ce8fa38eaa3ed59a Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-fb-rlafr 0 pragma public x-fb-debug mbPA/m1ineVE0BFIVuEMzgrpw5Ug2Ix/kV3yvpxKtKtjJnY6KGIhO+SUgJP7TQYzcCEZTOEDhiKwgtuNdJFEqA== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Tue, 16 Mar 2021 19:12:37 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 priority u=3,i cross-origin-opener-policy-report-only same-origin-allow-popups;report-to="coop_report" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 118 B	30ms 29ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-57081444-2&cid=1680343680.1615921957&jid=921096184&_u=aGDAgEADAAAAAE~&z=1143508759 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	29ms 29ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-57081444-2&cid=1680343680.1615921957&jid=921096184&_u=aGDAgEADAAAAAE~&z=1143508759 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response stats.g.doubleclick.net/j/	4 B 28 B	91ms 15ms	XHR text/plain	2a00:1450:400c:c0c::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-57081444-2&cid=1680343680.1615921957&jid=922573068&uid=0&gjid=930840459&_gid=2130245119.1615921957&_u=aGDAAEADAAAAAG~&z=1465742509 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 16 Mar 2021 19:12:37 GMT content-type text/plain access-control-allow-origin https://www.brightermonday.co.ke cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response stats.g.doubleclick.net/j/	4 B 431 B	90ms 15ms	XHR text/plain	2a00:1450:400c:c0c::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-57081444-2&cid=1680343680.1615921957&jid=922573068&uid=0&gjid=930840459&_gid=2130245119.1615921957&_u=aGDAAEADAAAAAG~&z=1465742509 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 16 Mar 2021 19:12:37 GMT content-type text/plain access-control-allow-origin https://www.brightermonday.co.ke cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/966951895/	2 KB 2 KB	46ms 17ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966951895/?random=1615921957505&cv=9&fst=1615921957505&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg330&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tiba=Find%20the%20Right%20Job%20Vacancies%20in%20Kenya%20%7C%20BrighterMonday&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1029b86dc5ad2b5ead8ba0f9263a5d2bf2797c6182f159fdd18869a2ddad1ce6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1032 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	50-b448cbc9f48963c9944c.m.js Show response www.brightermonday.co.ke/assets/scripts/chunk/myjobs/	42 KB 12 KB	14ms 14ms	Script application/javascript	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.brightermonday.co.ke/assets/scripts/chunk/myjobs/50-b448cbc9f48963c9944c.m.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/scripts/app-c02739af4a.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f1d002d383675db04874d80659f128a44d367f21cf5640d9aca37b71a89d7f1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 2942 vary Accept-Encoding cf-request-id 08de0d62a300004a9d9c8dd000000001 x-request-id 25075ce4f7f19264bfd922f75f7c051c x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:36 GMT server cloudflare etag W/"6050ccc4-a979" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type application/javascript x-xss-protection 1; mode=block cache-control public, max-age=31536000 cf-ray 63104b4a99374a9d-FRA expires Wed, 16 Mar 2022 19:12:37 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	59 KB 20 KB	37ms 14ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/assets/scripts/chunk/myjobs/24-b306d1acbe8d3af59cac.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a6e33437d10551be1229b0bb240145430f615d608bc9632b7499442af2bec16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "814 / 456 of 1000 / last-modified: 1615903271" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19923 x-xss-protection 0 expires Tue, 16 Mar 2021 19:12:37 GMT
GET H3-Q050	200	/ www.google.com/pagead/1p-user-list/966951895/	42 B 232 B	21ms 20ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/966951895/?random=1615921957505&cv=9&fst=1615921200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg330&sendb=1&frm=0&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tiba=Find%20the%20Right%20Job%20Vacancies%20in%20Kenya%20%7C%20BrighterMonday&async=1&fmt=3&is_vtc=1&random=996390155&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ www.google.de/pagead/1p-user-list/966951895/	42 B 530 B	81ms 67ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/966951895/?random=1615921957505&cv=9&fst=1615921200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg330&sendb=1&frm=0&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tiba=Find%20the%20Right%20Job%20Vacancies%20in%20Kenya%20%7C%20BrighterMonday&async=1&fmt=3&is_vtc=1&random=996390155&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 259 B	7ms 7ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1164560620304770&ev=PageView&dl=https%3A%2F%2Fwww.brightermonday.co.ke%2F&rl=&if=false&ts=1615921957580&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.2.1615921957579.1764034545&it=1615921957486&coo=false&rqm=GET Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 16 Mar 2021 19:12:37 GMT
GET H2	200	modules.385e5029655a846359a5.js Show response script.hotjar.com/	217 KB 58 KB	150ms 56ms	Script application/javascript	13.226.159.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.385e5029655a846359a5.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-20118.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-122.dus51.r.cloudfront.net Software / Resource Hash ec3e271eed759fab8bf86ca363811159faf214b1ac3d943eab9f4d6f744f2cbd Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 11:03:07 GMT content-encoding br x-content-type-options nosniff age 29370 x-cache Hit from cloudfront content-length 58606 access-control-allow-origin * last-modified Tue, 16 Mar 2021 11:02:26 GMT etag "fadc55851cce596396b4403635b35293" vary Accept-Encoding content-type application/javascript via 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop DUS51-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id -C3HiCxwwVSHGLrG6NptV_RoVZhPmlzw4DCc1CPqy-Qc62AzyYPrkQ==
GET H2	200	pubads_impl_2021031101.js Show response securepubads.g.doubleclick.net/gpt/	284 KB 100 KB	42ms 41ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 801b78af2ab57cfc67d37f8137feac63f1b722b8812dea418b43759e9baddef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 11 Mar 2021 19:23:32 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 102217 x-xss-protection 0 expires Tue, 16 Mar 2021 19:12:37 GMT
GET H3-Q050	200	ga-audiences www.google.com/ads/	42 B 65 B	43ms 42ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-57081444-2&cid=1680343680.1615921957&jid=922573068&_u=aGDAAEADAAAAAG~&z=924786606 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	ga-audiences www.google.de/ads/	42 B 65 B	42ms 42ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-57081444-2&cid=1680343680.1615921957&jid=922573068&_u=aGDAAEADAAAAAG~&z=924786606 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	box-469cf41adb11dc78be68c1ae7f9457a4.html Show response vars.hotjar.com/ Frame 029D	2 KB 1 KB	198ms 62ms	Document text/html	52.85.115.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-20118.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.115.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-115-30.hel50.r.cloudfront.net Software / Resource Hash 66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39 Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-469cf41adb11dc78be68c1ae7f9457a4.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.brightermonday.co.ke/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.brightermonday.co.ke/ Response headers content-type text/html content-length 851 date Sun, 14 Feb 2021 22:59:58 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br etag "d594f1d4c3e5dbd6b556c60d34e0daea" last-modified Fri, 12 Feb 2021 15:00:08 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 45e951df17063864957163fe2b8687d3.cloudfront.net (CloudFront) x-amz-cf-pop HEL50-C2 x-amz-cf-id ptT-BjatXLYimdgE81mv3Z-0pQh1ptktNHmNeFehj_fAxZC2Ct-OFA== age 2578359
GET H2	200	adv5109_1594097335.jpg i.roamcdn.net/kazi/ke/hq/f5ba7f81bdfba86bc77a6f17fb411388/-/advertiser-img-ke-jobs-prod/dealer-images/advid5109/	11 KB 12 KB	42ms 26ms	Image image/webp	2606:4700::6811:8e37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.roamcdn.net/kazi/ke/hq/f5ba7f81bdfba86bc77a6f17fb411388/-/advertiser-img-ke-jobs-prod/dealer-images/advid5109/adv5109_1594097335.jpg Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:8e37 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b73854f133c71965eea7afa15c3f5c9948c715bf34c865e9751e1e5ea7bd38d2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:37 GMT x-content-type-options nosniff cf-cache-status HIT age 307644 cf-polished qual=85, origFmt=jpeg, origSize=15016 cf-ray 63104b4bb8d92bad-FRA content-disposition inline; filename="adv5109_1594097335.webp" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 11466 x-amz-id-2 +Zw+Y6SUrRMg5ByW7JxH83NfOftbVaJYXDPUmtYGga8skeMnkCmHpcqeAPABPWJjxLf2ZHYUW2w= last-modified Fri, 05 Feb 2021 08:14:24 GMT server cloudflare etag "e3dacc76595f0746f037967323d74c84" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-request-id NA7ASARNVZJQ44VX vary Accept cache-control public, max-age=31536000 x-amz-version-id null cf-request-id 08de0d635700002bad70069000000001 accept-ranges bytes content-type image/webp cf-bgj imgq:85,h2pri
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 799 B	40ms 15ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.brightermonday.co.ke Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 16 Mar 2021 19:12:38 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 553 B	50ms 25ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.brightermonday.co.ke Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 16 Mar 2021 19:12:38 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	ads Show response securepubads.g.doubleclick.net/gampad/	17 KB 10 KB	473ms 472ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=53253812222080&correlator=3380620535282512&output=ldjh&impl=fifs&eid=21068529%2C31060464%2C31060472%2C31060344%2C31060367%2C31060456&vrg=2021031101&ptt=17&sc=1&sfv=1-0-38&ecs=20210316&iu_parts=7108206%2CBrighterMonday_Kenya_dsk_home_atf_h1_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1615921958&dt=1615921958008&dlt=1615921957154&idt=538&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=895&adks=2963885971&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x130&msz=1600x130&ga_vid=1680343680.1615921957&ga_sid=1615921958&ga_hid=986579264&ga_fc=false&fws=4&ohw=1600 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 8b0d4656caedf2c75bd0cb23391b8b5a9471cb2ee293be411fc494e4ad0f4aef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:38 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9440 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.brightermonday.co.ke cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/	0 0	72ms 14ms	Other text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-38/html/	0 0	31ms 7ms	Other text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-Q050	200	ads Show response securepubads.g.doubleclick.net/gampad/	12 KB 6 KB	869ms 869ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=53253812222080&correlator=3380620535282512&output=ldjh&impl=fifs&eid=21068529%2C31060464%2C31060472%2C31060344%2C31060367%2C31060456&vrg=2021031101&ptt=17&sc=1&sfv=1-0-38&ecs=20210316&iu_parts=7108206%2CBrighterMonday_Kenya_dsk_home_btf_h2_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1615921958&dt=1615921958012&dlt=1615921957154&idt=538&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=2438&adks=1195572964&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x130&msz=1600x130&ga_vid=1680343680.1615921957&ga_sid=1615921958&ga_hid=986579264&ga_fc=false&fws=4&ohw=1600 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 04639b8354d0f2911bf2b1c9273a7eeedd96699828ea39cf87cdb80afbf91878 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:38 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5887 x-xss-protection 0 google-lineitem-id 5159395389 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138285837551 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.brightermonday.co.ke cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ www.facebook.com/tr/	0 114 B	7ms 6ms	Other text/plain	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryAnuJNI5pkm1zIPz0 Response headers strict-transport-security max-age=31536000; includeSubDomains server proxygen-bolt date Tue, 16 Mar 2021 19:12:38 GMT content-type text/plain access-control-allow-origin https://www.brightermonday.co.ke access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0
GET H3-Q050	200	container.html Show response 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 19B9	6 KB 3 KB	35ms 21ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.brightermonday.co.ke/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.brightermonday.co.ke/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Tue, 16 Mar 2021 19:12:38 GMT expires Wed, 16 Mar 2022 19:12:38 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	41ms 28ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 57532d07103088a868f37b813377ca409585e04802671b9c442ca39d8ee70cf0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:38 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1615840876344261" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28211 x-xss-protection 0 expires Tue, 16 Mar 2021 19:12:38 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	8 KB 7 KB	38ms 18ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 39cdbb9babbe3d1c3b2789103194b9ad50e4a074e8ef8e9ff93e372c379be620 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 16 Mar 2021 19:12:38 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6565 x-xss-protection 0
GET H3-Q050	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 376D	510 B 675 B	44ms 30ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj3pMqeATAB&v=APEucNU0W_phx9RSITqC8rYOnBtjwZHyBH12gEzoqR5GdWp06pemKfjTDZq1P3O3KwcKDJY9gv0vqh_UXS6ybyZ2eHhRF9M1j31Ak31fRsV2aAn96-bNJQ3GocoRcK9VFH0oK_UabFBO1BpKunBlrAdrFkF1MychpHAIWXMW6aUzsKZA7NhQ_C3Y87lN0IZKb2xCssbY260V-wPR_Vyudxr-GOGAqOQVow Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CNyuyAIQpovKAhj3pMqeATAB&v=APEucNU0W_phx9RSITqC8rYOnBtjwZHyBH12gEzoqR5GdWp06pemKfjTDZq1P3O3KwcKDJY9gv0vqh_UXS6ybyZ2eHhRF9M1j31Ak31fRsV2aAn96-bNJQ3GocoRcK9VFH0oK_UabFBO1BpKunBlrAdrFkF1MychpHAIWXMW6aUzsKZA7NhQ_C3Y87lN0IZKb2xCssbY260V-wPR_Vyudxr-GOGAqOQVow pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUl_IFdzHTix5P2gA5NYQeSsVTqA5zeHI9UQk_2veLm0Q7iZXzCGT_xfBrt8JzU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 16 Mar 2021 19:12:38 GMT server cafe cache-control private content-length 236 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 19B9	22 KB 11 KB	57ms 45ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CA1PRFxETc7c75ePI9l1l6EnMuhZRnJx9MFw8kIqqxk4aK_6RAwd5dXnt93ziW7xZV0kuynTMJVWl18JjBtsH_n47-oBWA71T5wTo_EvAw3n0eAfDkrEp5IzC9iP_6-p_0Z66E_2HnoJNErg7raq-1KUdv2Q&dbm_d=AKAmf-AUPVDz9jaUQgGa0CxhV_GxG0jr0WH71tqnyGkrHUaz5ykqfDrYDk-Uzq0Tab2JtiizblqbKPAhvBu7pSC2oXzKMWJTcn82Q5cNBtKpMIquxpDpxI_QuZdk1IWI9dSPF7R2UGshYz3dFZ7GZgknnBGNgcyLB1gmvQjFp8JzHkIec7zWr4ThvEQ1jtkr75lBqh8ffr9ymjSGFeDpQdsxKgKebeco1qFHueTMy97tZmXYvZIxDcyH_DzRz5sCzu1QnOaerhE7SxdAJ3gUwbbT5FGHb66AJAC5IU2ZPMtpyN3c45eqExw0Erzn9VEdW6IzBCJlvA2G2efrknN3NsVRTM_zs1pNzDTAb8fzZ3BkskuazVbpHs9B6KuG2gGVWy4bugIaVbClWfIzWm8xZge0ClOOKB0GaTFD3LMbxpBMUydJrmR1aMkfTbqckYWY51nR4xRX48X8RCs6QoUq-2YV8a9cIlZdn-wtbdTq2M8BFRr9iBlodkMQkyQS09RW1GQEg6mXb1ktWxvd6oA-8i2zTVbffu4CNwxxGbybzaicoDl_XrzEGPmJn7ScdScJAWf78SY0o_d9QdSukQ4xn2TASkalYL-OgrCSMTsnR1AcrES0a73qV4xDYsG2Rg7KkCLyZcYM82eA4xyroo5_rPRJCbrJi11u7F9MygSez88l9OAdHLA5gafe4fLoKXC0jVtut4uVfO8yorsLfozsGAuMwl47m1Nwf712uCr2d4KA3_fCGhhnoKKsxmYSbj-esiT-aBtECzZtXLUofNuOzRAyoPtAgDba_meoI2ncXfNx5viXjww50WwJlA5KxvBFVC-8eMySGN8i_4NgcXr3ouJFsfM74X8koMIjXpWGUvhzMll8UKCrbgphvH7QeNs_rNZ0fB-npobLV56hxS_S2WRko3eKHdHF4HNi-aeWDPsCTYbdLxYyDyhht1t63aDXyT_EjJqLv_HwsQtlXWKVa1cpTjQbUnrNbhlZeb1AckX1A03Ojk6v-mVeKCidQxMoj2XMGEH6HTDnbXA9yZA3C0EUwFEMiG-YY6WOcDPthEwaORTglK5O3sP5eMTezuxls610ZDdyrgipeOyTxW4kb9w300YCWUTuSEG4Q7qHBTRr-0mzp1gFdzqbyqtYXAI224I4uU1-nBkU-PhcCupAARcbfEv2xpGf4wPu38LtKwWpQnkbRhNuKgyB8A4QITXL-BAgJyqGbLveh7elqQ0pKsFowNhz9m0NwAjbkfxtopevbTACz43g2Lqb-s5tWLaTrJJwHujfG9no8SEkgO4_FY06o124TOh8OSN9ex7el-s4uKhIlxggUqd9ZreTu3uqfWwtTPzlZX03miJIbk4jEMJjMhdST7QkDRSubBaRq4agJ0BWcZA26MEOMmQ3FMCGE4566nP20ylTgKT8S4D7-5lqpZx637zVbCz3IUICKH9E13bzfaz9BL_Qd4-RgHKpOY0t6K_mzAV-guXridpn-7WaozvgU1xuk5x2BDXdWV2jOru0YPHq2flJ1oxW0pVfSClHHX0rAI8PergZzm9_eVWCvElN3ZPSZxafMhHHSlFrYftDU3GA4eh8gSzvkpvn9LJb6-wH6LCviSpoERT7q_Vj-6vfMs7lUcZAsC59ejwqdMtlm7qUFZI9jq57RbEjNwNj-4ryfu5S9l8NCi3F1VjZfH1TSZUNetSfS180JRoVYJSwir925R2J6nvMwtq11K990U53wRBSOHLpYP8Bt80HUB3EBYM5mM76uxZ81FcfLyhkgu_emZvogFQGG99LveW8cPDS7858tJyhqe1itldhkAH98hfLVE6GHl_v-DzkVaKTItdW1_qEiKKbMoI3cnKiq2KGJQ96vxB-RjlQ07pBS-RJT8bLAn429cRYE5ZUvkJJ1VMjqHKKER0j9xlMlMEATQRSv0NQ7Xe6yBnFNPYxAkwKI4lDzYe75Cejrs-Ndgp4KWNNwDGFUSAsAbTrAQgPiD0Vw-IQUg9bQAKTuUDzGWRNlX2EEPtLq6jNPT3TsupgIDDOKLzW1b3bErOxuAKb2GR1AmoaBW1lqLAF-S5T8KF9VoPFg7tNygnpiQ5urmvk4S_17a1ECg4s_W0M_x-owEWB9MXaOqCaXlDoOlpzr8WC2QqGqjgiykTPPg3BBMWl7Qq003D7z73Cdrw1RO-8YF4XUfQ_fyclB81-E_LzGwkviCjn8eQkvIFW0mf-1yTiurwQcHwHS04CTQsHP0Ke3HSeLTBoqcdfnX9zgp2yP1L5_wiS7z4aoq6wkXMkbZpRkaIekccJYCtWvNAtDFTd27XXLn4o6uACL7cNuFap6t1UvD2v-aJFsX2gy62YEc7WeijMb6GWlxgesGeQPNzk9JcNnvRKhnDKlAy2uZdfK867UGYZYVpkEQLdSqOa-QcFkrBGsQZbjFyJWJSLq_1FZ8Wib3did4SQM_54IHff_C96skBvYk5sD7Y3_xtz2cRU22JKXeIp7OXnfBoZDQas-V1SU8qHwSTKoz6MBIB1hhEy71tAaWn3qt1ixZI3kSe4NzQrNJo4-ioj4oPiRoWybQNXoP5q9gWUTG07Fqu_NPjmtFfuR6Psx8k4031mie3pJL6sRxoA_eBC2j4flHkoKPZJaVBdxdiM5ZN8uJI204SZ9fhQCk4HoJsnEdoDR5Ni96I_F_N2IlqEokAr_v0lj11g9Yb6i4CxnaEerOzvnrHJgvzP_kLk0_UBioAI_raPMALXv3jaxieahBworV3cHzvA4NMsZGGIg7sAFE9QSrbvXcUwTLQB5kUwS51-F9X75480r7XJwbKbneDhOFMN7rnNy9ND13SEeLCx-3Tm6HONmJe_g04iDqluzeLhiRw90ip6p2Gk-p6aT38WMLDDG7IYwKIibg561NmIe7pOYnfIO61Ijalt8Si2vcsDy8RNtyphoezSDsGcCcswmktIg6FCehhGk-r2ZmaE8bcJpGoKSk6py6bxIPpQ_LJZaQDSf1ltkz4&cid=CAASEuRonZ3z0wmEDtM6PQQBcb6rSQ&rfl=1%2Chttps%253A%252F%252Fwww.brightermonday.co.ke%252F%240 Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash aadf306cba1df8271f5ae0c0603fbaa95a1797007af5aa9d8f088401bd9c5c04 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:38 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11316 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 19B9	42 B 476 B	66ms 52ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-o3TkbAj7dL0Y2VeHfAeodZLDe4BtyYI3CSTtLcfdAnvLrqJ5KzbCMqIG6YEGCpZaC2T5cTcYzRWi_muaTskfR_TkhPsiw3j6DdOLLhY7gG-1EBY Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	clk Show response ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25491114.297118267;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/ Frame 19B9	39 KB 17 KB	126ms 58ms	Script text/javascript	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25491114.297118267;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C0fdBJgNRYOK_A-CCx_AP0pOpsAWyw_3TYZvExLqZDdvZHhABIN6O5Rdg-4GAgIgKoAHi3dvLAsgBCakCsF9xoJcBtD6oAwGqBNgBT9AC0De_uS5aIFaQ_JPNLgHLVI09jCabx8Cpy035wf3_NTTrqlS4aUVmzTmdRN1HYff35coRwnu9mevN_RFESjEWfykWwzG1Soms8djc0tgq3mP6tVBEiEwTEggqk-ybsE-LcgSqNp6syHJbrpIj5mG46UbvWFY8g--ROSNmfWvJSET0meKTYZEK-OicIfk5piSH8SmJWTcn3a4sw-oUAs9oa3IJkNXrl3VCVsBViGp3yneprOlypDbcbjMKELNrzJzyYm1d0Wq8SN69ybhRVNjWEbEOQovJwAT6hPbmvALgBAOQBgGgBk2AB4aipLQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPMvPIK0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASEuRonZ3z0wmEDtM6PQQBcb6rSQ&sig=AOD64_2N6zid9GDsvxHVJnuObiDeJaCGpQ&client=ca-pub-3937286400902984&dbm_c=AKAmf-BNAHqhNx9aHK2Kls5szqOySFCGWeIiBUHagq5caMUVZldDmA4ZyDRJsdYDzvoVTqxKjzBv5TXSKgqIPSRZMqxQHDoWvG-PDd9aLudUC8mJR-dPYlhppPfwniT5bdJeTW3Uq8ASILXZzdqCd1QH1T9MidQVtw&dbm_d=AKAmf-CAla28H8k4nGEFTLtGVcYs9_H9wKOn13BEzeaVscmSFgvDt-bU4vAjBdjrmebnj-b9nLQZ41YdFAgSKB8OgMIwh0zaHGnGKN4SrdnBSrs8zIMTl0SbMsjdKcEc5YiHHuY0di9ST2n-mE3tSKFY9XOInlNCLaUBQABWXSCci613lbVL_Z8r0_cHOQ1CaKD-dxfghLtNYvu4zAFBfii26A0vf6mV5BELwqb2FXz30OTmM4eK9pdtA0xIs5gRpnVTelrhkwHhHKnifzOTnmOyPkJ4YBZAnlu3vpd0DJgatZCkaVelqK77S8D4phOlBOF8AHxX60PWZoch9vfQJpZ0xempwWDQQ2qEFNvjAgE8EubngxmycaYVlnkVWIxzMl_jyDJhjcnipz6IQiEoEmOTaSSAx0qOmkHqok_rHws4ze4kUvnRMhyJ2AT-dxPPhjg-t5_somuXOln6wQIU25pwFucZZhEuzA&adurl=;ord=1615921958057314;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=? Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software cafe / Resource Hash b39a9a158c5a61d623511f7ac172fcc740bdf70f87cef7564a1cdb82d1ecc68d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:38 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17128 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/ Frame 19B9	2 KB 1 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/window_focus_fy2019.js Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:11:19 GMT content-encoding gzip x-content-type-options nosniff age 79 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 6751271179024913178 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 30 Mar 2021 19:11:19 GMT
GET H3-Q050	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 19B9	112 KB 34 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:38 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1615840882416834" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34604 x-xss-protection 0 expires Tue, 16 Mar 2021 19:12:38 GMT
GET H3-Q050	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/ Frame 19B9	13 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:10:08 GMT content-encoding gzip x-content-type-options nosniff age 150 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5996 x-xss-protection 0 server cafe etag 15528521553155206461 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 30 Mar 2021 19:10:08 GMT
GET H3-Q050	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:38 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1611170586013198" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6403 x-xss-protection 0 expires Tue, 16 Mar 2021 19:12:38 GMT
GET H3-Q050	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/221/ Frame 08A6	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/221/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.brightermonday.co.ke/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.brightermonday.co.ke/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 4984 date Tue, 16 Mar 2021 17:16:29 GMT expires Wed, 16 Mar 2022 17:16:29 GMT last-modified Tue, 08 Dec 2020 21:41:15 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 6969 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	pixel cm.g.doubleclick.net/ Frame 376D	170 B 243 B	39ms 38ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj3pMqeATAB&v=APEucNU0W_phx9RSITqC8rYOnBtjwZHyBH12gEzoqR5GdWp06pemKfjTDZq1P3O3KwcKDJY9gv0vqh_UXS6ybyZ2eHhRF9M1j31Ak31fRsV2aAn96-bNJQ3GocoRcK9VFH0oK_UabFBO1BpKunBlrAdrFkF1MychpHAIWXMW6aUzsKZA7NhQ_C3Y87lN0IZKb2xCssbY260V-wPR_Vyudxr-GOGAqOQVow Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 376D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECdpADHbd3ztj1G1scDSu74&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECdpADHbd3ztj1G1scDSu74&google_cver=1&C=1	43 B 1014 B	503ms 503ms	Image image/gif	173.222.177.7 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECdpADHbd3ztj1G1scDSu74&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj3pMqeATAB&v=APEucNU0W_phx9RSITqC8rYOnBtjwZHyBH12gEzoqR5GdWp06pemKfjTDZq1P3O3KwcKDJY9gv0vqh_UXS6ybyZ2eHhRF9M1j31Ak31fRsV2aAn96-bNJQ3GocoRcK9VFH0oK_UabFBO1BpKunBlrAdrFkF1MychpHAIWXMW6aUzsKZA7NhQ_C3Y87lN0IZKb2xCssbY260V-wPR_Vyudxr-GOGAqOQVow Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.177.7 Dallas, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-177-7.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 16 Mar 2021 19:12:39 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 16 Mar 2021 19:12:39 GMT Redirect headers Pragma no-cache Date Tue, 16 Mar 2021 19:12:39 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECdpADHbd3ztj1G1scDSu74&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Tue, 16 Mar 2021 19:12:39 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 376D Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YFEDJ3Ag88wvGGYVPHzcsAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV4HeH0_3eZ_oQpnrx7RyI&google_cver=1	43 B 1014 B	258ms 258ms	Image image/gif	173.222.177.7 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV4HeH0_3eZ_oQpnrx7RyI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj3pMqeATAB&v=APEucNU0W_phx9RSITqC8rYOnBtjwZHyBH12gEzoqR5GdWp06pemKfjTDZq1P3O3KwcKDJY9gv0vqh_UXS6ybyZ2eHhRF9M1j31Ak31fRsV2aAn96-bNJQ3GocoRcK9VFH0oK_UabFBO1BpKunBlrAdrFkF1MychpHAIWXMW6aUzsKZA7NhQ_C3Y87lN0IZKb2xCssbY260V-wPR_Vyudxr-GOGAqOQVow Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.177.7 Dallas, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-177-7.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 16 Mar 2021 19:12:40 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 16 Mar 2021 19:12:40 GMT Redirect headers pragma no-cache date Tue, 16 Mar 2021 19:12:39 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPV4HeH0_3eZ_oQpnrx7RyI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame 19B9	21 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CA1PRFxETc7c75ePI9l1l6EnMuhZRnJx9MFw8kIqqxk4aK_6RAwd5dXnt93ziW7xZV0kuynTMJVWl18JjBtsH_n47-oBWA71T5wTo_EvAw3n0eAfDkrEp5IzC9iP_6-p_0Z66E_2HnoJNErg7raq-1KUdv2Q&dbm_d=AKAmf-AUPVDz9jaUQgGa0CxhV_GxG0jr0WH71tqnyGkrHUaz5ykqfDrYDk-Uzq0Tab2JtiizblqbKPAhvBu7pSC2oXzKMWJTcn82Q5cNBtKpMIquxpDpxI_QuZdk1IWI9dSPF7R2UGshYz3dFZ7GZgknnBGNgcyLB1gmvQjFp8JzHkIec7zWr4ThvEQ1jtkr75lBqh8ffr9ymjSGFeDpQdsxKgKebeco1qFHueTMy97tZmXYvZIxDcyH_DzRz5sCzu1QnOaerhE7SxdAJ3gUwbbT5FGHb66AJAC5IU2ZPMtpyN3c45eqExw0Erzn9VEdW6IzBCJlvA2G2efrknN3NsVRTM_zs1pNzDTAb8fzZ3BkskuazVbpHs9B6KuG2gGVWy4bugIaVbClWfIzWm8xZge0ClOOKB0GaTFD3LMbxpBMUydJrmR1aMkfTbqckYWY51nR4xRX48X8RCs6QoUq-2YV8a9cIlZdn-wtbdTq2M8BFRr9iBlodkMQkyQS09RW1GQEg6mXb1ktWxvd6oA-8i2zTVbffu4CNwxxGbybzaicoDl_XrzEGPmJn7ScdScJAWf78SY0o_d9QdSukQ4xn2TASkalYL-OgrCSMTsnR1AcrES0a73qV4xDYsG2Rg7KkCLyZcYM82eA4xyroo5_rPRJCbrJi11u7F9MygSez88l9OAdHLA5gafe4fLoKXC0jVtut4uVfO8yorsLfozsGAuMwl47m1Nwf712uCr2d4KA3_fCGhhnoKKsxmYSbj-esiT-aBtECzZtXLUofNuOzRAyoPtAgDba_meoI2ncXfNx5viXjww50WwJlA5KxvBFVC-8eMySGN8i_4NgcXr3ouJFsfM74X8koMIjXpWGUvhzMll8UKCrbgphvH7QeNs_rNZ0fB-npobLV56hxS_S2WRko3eKHdHF4HNi-aeWDPsCTYbdLxYyDyhht1t63aDXyT_EjJqLv_HwsQtlXWKVa1cpTjQbUnrNbhlZeb1AckX1A03Ojk6v-mVeKCidQxMoj2XMGEH6HTDnbXA9yZA3C0EUwFEMiG-YY6WOcDPthEwaORTglK5O3sP5eMTezuxls610ZDdyrgipeOyTxW4kb9w300YCWUTuSEG4Q7qHBTRr-0mzp1gFdzqbyqtYXAI224I4uU1-nBkU-PhcCupAARcbfEv2xpGf4wPu38LtKwWpQnkbRhNuKgyB8A4QITXL-BAgJyqGbLveh7elqQ0pKsFowNhz9m0NwAjbkfxtopevbTACz43g2Lqb-s5tWLaTrJJwHujfG9no8SEkgO4_FY06o124TOh8OSN9ex7el-s4uKhIlxggUqd9ZreTu3uqfWwtTPzlZX03miJIbk4jEMJjMhdST7QkDRSubBaRq4agJ0BWcZA26MEOMmQ3FMCGE4566nP20ylTgKT8S4D7-5lqpZx637zVbCz3IUICKH9E13bzfaz9BL_Qd4-RgHKpOY0t6K_mzAV-guXridpn-7WaozvgU1xuk5x2BDXdWV2jOru0YPHq2flJ1oxW0pVfSClHHX0rAI8PergZzm9_eVWCvElN3ZPSZxafMhHHSlFrYftDU3GA4eh8gSzvkpvn9LJb6-wH6LCviSpoERT7q_Vj-6vfMs7lUcZAsC59ejwqdMtlm7qUFZI9jq57RbEjNwNj-4ryfu5S9l8NCi3F1VjZfH1TSZUNetSfS180JRoVYJSwir925R2J6nvMwtq11K990U53wRBSOHLpYP8Bt80HUB3EBYM5mM76uxZ81FcfLyhkgu_emZvogFQGG99LveW8cPDS7858tJyhqe1itldhkAH98hfLVE6GHl_v-DzkVaKTItdW1_qEiKKbMoI3cnKiq2KGJQ96vxB-RjlQ07pBS-RJT8bLAn429cRYE5ZUvkJJ1VMjqHKKER0j9xlMlMEATQRSv0NQ7Xe6yBnFNPYxAkwKI4lDzYe75Cejrs-Ndgp4KWNNwDGFUSAsAbTrAQgPiD0Vw-IQUg9bQAKTuUDzGWRNlX2EEPtLq6jNPT3TsupgIDDOKLzW1b3bErOxuAKb2GR1AmoaBW1lqLAF-S5T8KF9VoPFg7tNygnpiQ5urmvk4S_17a1ECg4s_W0M_x-owEWB9MXaOqCaXlDoOlpzr8WC2QqGqjgiykTPPg3BBMWl7Qq003D7z73Cdrw1RO-8YF4XUfQ_fyclB81-E_LzGwkviCjn8eQkvIFW0mf-1yTiurwQcHwHS04CTQsHP0Ke3HSeLTBoqcdfnX9zgp2yP1L5_wiS7z4aoq6wkXMkbZpRkaIekccJYCtWvNAtDFTd27XXLn4o6uACL7cNuFap6t1UvD2v-aJFsX2gy62YEc7WeijMb6GWlxgesGeQPNzk9JcNnvRKhnDKlAy2uZdfK867UGYZYVpkEQLdSqOa-QcFkrBGsQZbjFyJWJSLq_1FZ8Wib3did4SQM_54IHff_C96skBvYk5sD7Y3_xtz2cRU22JKXeIp7OXnfBoZDQas-V1SU8qHwSTKoz6MBIB1hhEy71tAaWn3qt1ixZI3kSe4NzQrNJo4-ioj4oPiRoWybQNXoP5q9gWUTG07Fqu_NPjmtFfuR6Psx8k4031mie3pJL6sRxoA_eBC2j4flHkoKPZJaVBdxdiM5ZN8uJI204SZ9fhQCk4HoJsnEdoDR5Ni96I_F_N2IlqEokAr_v0lj11g9Yb6i4CxnaEerOzvnrHJgvzP_kLk0_UBioAI_raPMALXv3jaxieahBworV3cHzvA4NMsZGGIg7sAFE9QSrbvXcUwTLQB5kUwS51-F9X75480r7XJwbKbneDhOFMN7rnNy9ND13SEeLCx-3Tm6HONmJe_g04iDqluzeLhiRw90ip6p2Gk-p6aT38WMLDDG7IYwKIibg561NmIe7pOYnfIO61Ijalt8Si2vcsDy8RNtyphoezSDsGcCcswmktIg6FCehhGk-r2ZmaE8bcJpGoKSk6py6bxIPpQ_LJZaQDSf1ltkz4&cid=CAASEuRonZ3z0wmEDtM6PQQBcb6rSQ&rfl=1%2Chttps%253A%252F%252Fwww.brightermonday.co.ke%252F%240 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5ec9f79b65c569ced21e12e2d405be370d6bf5ada72c410aba8386d30977de18 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:22 GMT content-encoding gzip x-content-type-options nosniff age 16 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8471 x-xss-protection 0 server cafe etag 13855568932611873204 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 30 Mar 2021 19:12:22 GMT
GET H3-Q050	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 19B9	41 KB 15 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CA1PRFxETc7c75ePI9l1l6EnMuhZRnJx9MFw8kIqqxk4aK_6RAwd5dXnt93ziW7xZV0kuynTMJVWl18JjBtsH_n47-oBWA71T5wTo_EvAw3n0eAfDkrEp5IzC9iP_6-p_0Z66E_2HnoJNErg7raq-1KUdv2Q&dbm_d=AKAmf-AUPVDz9jaUQgGa0CxhV_GxG0jr0WH71tqnyGkrHUaz5ykqfDrYDk-Uzq0Tab2JtiizblqbKPAhvBu7pSC2oXzKMWJTcn82Q5cNBtKpMIquxpDpxI_QuZdk1IWI9dSPF7R2UGshYz3dFZ7GZgknnBGNgcyLB1gmvQjFp8JzHkIec7zWr4ThvEQ1jtkr75lBqh8ffr9ymjSGFeDpQdsxKgKebeco1qFHueTMy97tZmXYvZIxDcyH_DzRz5sCzu1QnOaerhE7SxdAJ3gUwbbT5FGHb66AJAC5IU2ZPMtpyN3c45eqExw0Erzn9VEdW6IzBCJlvA2G2efrknN3NsVRTM_zs1pNzDTAb8fzZ3BkskuazVbpHs9B6KuG2gGVWy4bugIaVbClWfIzWm8xZge0ClOOKB0GaTFD3LMbxpBMUydJrmR1aMkfTbqckYWY51nR4xRX48X8RCs6QoUq-2YV8a9cIlZdn-wtbdTq2M8BFRr9iBlodkMQkyQS09RW1GQEg6mXb1ktWxvd6oA-8i2zTVbffu4CNwxxGbybzaicoDl_XrzEGPmJn7ScdScJAWf78SY0o_d9QdSukQ4xn2TASkalYL-OgrCSMTsnR1AcrES0a73qV4xDYsG2Rg7KkCLyZcYM82eA4xyroo5_rPRJCbrJi11u7F9MygSez88l9OAdHLA5gafe4fLoKXC0jVtut4uVfO8yorsLfozsGAuMwl47m1Nwf712uCr2d4KA3_fCGhhnoKKsxmYSbj-esiT-aBtECzZtXLUofNuOzRAyoPtAgDba_meoI2ncXfNx5viXjww50WwJlA5KxvBFVC-8eMySGN8i_4NgcXr3ouJFsfM74X8koMIjXpWGUvhzMll8UKCrbgphvH7QeNs_rNZ0fB-npobLV56hxS_S2WRko3eKHdHF4HNi-aeWDPsCTYbdLxYyDyhht1t63aDXyT_EjJqLv_HwsQtlXWKVa1cpTjQbUnrNbhlZeb1AckX1A03Ojk6v-mVeKCidQxMoj2XMGEH6HTDnbXA9yZA3C0EUwFEMiG-YY6WOcDPthEwaORTglK5O3sP5eMTezuxls610ZDdyrgipeOyTxW4kb9w300YCWUTuSEG4Q7qHBTRr-0mzp1gFdzqbyqtYXAI224I4uU1-nBkU-PhcCupAARcbfEv2xpGf4wPu38LtKwWpQnkbRhNuKgyB8A4QITXL-BAgJyqGbLveh7elqQ0pKsFowNhz9m0NwAjbkfxtopevbTACz43g2Lqb-s5tWLaTrJJwHujfG9no8SEkgO4_FY06o124TOh8OSN9ex7el-s4uKhIlxggUqd9ZreTu3uqfWwtTPzlZX03miJIbk4jEMJjMhdST7QkDRSubBaRq4agJ0BWcZA26MEOMmQ3FMCGE4566nP20ylTgKT8S4D7-5lqpZx637zVbCz3IUICKH9E13bzfaz9BL_Qd4-RgHKpOY0t6K_mzAV-guXridpn-7WaozvgU1xuk5x2BDXdWV2jOru0YPHq2flJ1oxW0pVfSClHHX0rAI8PergZzm9_eVWCvElN3ZPSZxafMhHHSlFrYftDU3GA4eh8gSzvkpvn9LJb6-wH6LCviSpoERT7q_Vj-6vfMs7lUcZAsC59ejwqdMtlm7qUFZI9jq57RbEjNwNj-4ryfu5S9l8NCi3F1VjZfH1TSZUNetSfS180JRoVYJSwir925R2J6nvMwtq11K990U53wRBSOHLpYP8Bt80HUB3EBYM5mM76uxZ81FcfLyhkgu_emZvogFQGG99LveW8cPDS7858tJyhqe1itldhkAH98hfLVE6GHl_v-DzkVaKTItdW1_qEiKKbMoI3cnKiq2KGJQ96vxB-RjlQ07pBS-RJT8bLAn429cRYE5ZUvkJJ1VMjqHKKER0j9xlMlMEATQRSv0NQ7Xe6yBnFNPYxAkwKI4lDzYe75Cejrs-Ndgp4KWNNwDGFUSAsAbTrAQgPiD0Vw-IQUg9bQAKTuUDzGWRNlX2EEPtLq6jNPT3TsupgIDDOKLzW1b3bErOxuAKb2GR1AmoaBW1lqLAF-S5T8KF9VoPFg7tNygnpiQ5urmvk4S_17a1ECg4s_W0M_x-owEWB9MXaOqCaXlDoOlpzr8WC2QqGqjgiykTPPg3BBMWl7Qq003D7z73Cdrw1RO-8YF4XUfQ_fyclB81-E_LzGwkviCjn8eQkvIFW0mf-1yTiurwQcHwHS04CTQsHP0Ke3HSeLTBoqcdfnX9zgp2yP1L5_wiS7z4aoq6wkXMkbZpRkaIekccJYCtWvNAtDFTd27XXLn4o6uACL7cNuFap6t1UvD2v-aJFsX2gy62YEc7WeijMb6GWlxgesGeQPNzk9JcNnvRKhnDKlAy2uZdfK867UGYZYVpkEQLdSqOa-QcFkrBGsQZbjFyJWJSLq_1FZ8Wib3did4SQM_54IHff_C96skBvYk5sD7Y3_xtz2cRU22JKXeIp7OXnfBoZDQas-V1SU8qHwSTKoz6MBIB1hhEy71tAaWn3qt1ixZI3kSe4NzQrNJo4-ioj4oPiRoWybQNXoP5q9gWUTG07Fqu_NPjmtFfuR6Psx8k4031mie3pJL6sRxoA_eBC2j4flHkoKPZJaVBdxdiM5ZN8uJI204SZ9fhQCk4HoJsnEdoDR5Ni96I_F_N2IlqEokAr_v0lj11g9Yb6i4CxnaEerOzvnrHJgvzP_kLk0_UBioAI_raPMALXv3jaxieahBworV3cHzvA4NMsZGGIg7sAFE9QSrbvXcUwTLQB5kUwS51-F9X75480r7XJwbKbneDhOFMN7rnNy9ND13SEeLCx-3Tm6HONmJe_g04iDqluzeLhiRw90ip6p2Gk-p6aT38WMLDDG7IYwKIibg561NmIe7pOYnfIO61Ijalt8Si2vcsDy8RNtyphoezSDsGcCcswmktIg6FCehhGk-r2ZmaE8bcJpGoKSk6py6bxIPpQ_LJZaQDSf1ltkz4&cid=CAASEuRonZ3z0wmEDtM6PQQBcb6rSQ&rfl=1%2Chttps%253A%252F%252Fwww.brightermonday.co.ke%252F%240 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 13 Mar 2021 10:29:31 GMT content-encoding gzip x-content-type-options nosniff age 290587 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 13 Mar 2022 10:29:31 GMT
GET H3-Q050	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame CAAD	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Sat, 13 Mar 2021 10:29:33 GMT expires Sun, 13 Mar 2022 10:29:33 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 290585 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response pagead2.googlesyndication.com/bg/ Frame 08A6	14 KB 6 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 16:34:44 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 08 Mar 2021 17:45:00 GMT server sffe age 95874 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5732 x-xss-protection 0 expires Tue, 15 Mar 2022 16:34:44 GMT
GET H3-Q050	200	OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response pagead2.googlesyndication.com/bg/ Frame CAAD	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 16:34:44 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 08 Mar 2021 17:45:00 GMT server sffe age 95874 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5732 x-xss-protection 0 expires Tue, 15 Mar 2022 16:34:44 GMT
GET H2	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 19B9	111 KB 39 KB	26ms 6ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 13:10:13 GMT content-encoding gzip x-content-type-options nosniff age 21745 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Wed, 17 Mar 2021 13:10:13 GMT
GET H3-Q050	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210315/r20110914/elements/html/ Frame 19B9	8 KB 3 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210315/r20110914/elements/html/omrhp.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25491114.297118267;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C0fdBJgNRYOK_A-CCx_AP0pOpsAWyw_3TYZvExLqZDdvZHhABIN6O5Rdg-4GAgIgKoAHi3dvLAsgBCakCsF9xoJcBtD6oAwGqBNgBT9AC0De_uS5aIFaQ_JPNLgHLVI09jCabx8Cpy035wf3_NTTrqlS4aUVmzTmdRN1HYff35coRwnu9mevN_RFESjEWfykWwzG1Soms8djc0tgq3mP6tVBEiEwTEggqk-ybsE-LcgSqNp6syHJbrpIj5mG46UbvWFY8g--ROSNmfWvJSET0meKTYZEK-OicIfk5piSH8SmJWTcn3a4sw-oUAs9oa3IJkNXrl3VCVsBViGp3yneprOlypDbcbjMKELNrzJzyYm1d0Wq8SN69ybhRVNjWEbEOQovJwAT6hPbmvALgBAOQBgGgBk2AB4aipLQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPMvPIK0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASEuRonZ3z0wmEDtM6PQQBcb6rSQ&sig=AOD64_2N6zid9GDsvxHVJnuObiDeJaCGpQ&client=ca-pub-3937286400902984&dbm_c=AKAmf-BNAHqhNx9aHK2Kls5szqOySFCGWeIiBUHagq5caMUVZldDmA4ZyDRJsdYDzvoVTqxKjzBv5TXSKgqIPSRZMqxQHDoWvG-PDd9aLudUC8mJR-dPYlhppPfwniT5bdJeTW3Uq8ASILXZzdqCd1QH1T9MidQVtw&dbm_d=AKAmf-CAla28H8k4nGEFTLtGVcYs9_H9wKOn13BEzeaVscmSFgvDt-bU4vAjBdjrmebnj-b9nLQZ41YdFAgSKB8OgMIwh0zaHGnGKN4SrdnBSrs8zIMTl0SbMsjdKcEc5YiHHuY0di9ST2n-mE3tSKFY9XOInlNCLaUBQABWXSCci613lbVL_Z8r0_cHOQ1CaKD-dxfghLtNYvu4zAFBfii26A0vf6mV5BELwqb2FXz30OTmM4eK9pdtA0xIs5gRpnVTelrhkwHhHKnifzOTnmOyPkJ4YBZAnlu3vpd0DJgatZCkaVelqK77S8D4phOlBOF8AHxX60PWZoch9vfQJpZ0xempwWDQQ2qEFNvjAgE8EubngxmycaYVlnkVWIxzMl_jyDJhjcnipz6IQiEoEmOTaSSAx0qOmkHqok_rHws4ze4kUvnRMhyJ2AT-dxPPhjg-t5_somuXOln6wQIU25pwFucZZhEuzA&adurl=;ord=1615921958057314;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=? Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:10:34 GMT content-encoding gzip x-content-type-options nosniff age 124 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 30 Mar 2021 19:10:34 GMT
GET H3-Q050	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame B0AD	1 KB 854 B	6ms 6ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 16 Mar 2021 03:14:09 GMT expires Wed, 17 Mar 2021 03:14:09 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 cache-control public, max-age=86400 age 57509 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 19B9	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash abb0edd7c2376b44ff93193019daf7a160a0382d83a9e0b5eb6aad3aed5ab0b5 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-Q050	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 3E40	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Sat, 13 Mar 2021 10:29:33 GMT expires Sun, 13 Mar 2022 10:29:33 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 290585 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	index.html Show response s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	5 KB 2 KB	34ms 20ms	Document text/html	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30c368023336ed94c8bdc50141a5f14c96629082ada34e9f8c7cd714c0cf1860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 1509 date Tue, 16 Mar 2021 16:56:46 GMT expires Wed, 17 Mar 2021 16:56:46 GMT last-modified Mon, 21 Dec 2020 09:26:26 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 8152 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 19B9	0 437 B	131ms 65ms	Other image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_UDKfOui_ZtqXFEZ7Aj6rNT5y8HjabMiXTQv8k3_aVNukl-PspueLTLim_EQ-rvlGi03lampuqDHmWbdmVsfPGpjiV_YSRz8pptKcst0a8vr9kHxjuxf4V4Nt48NeFIV6kmbih3ukpUpcZBUn-vsgMazFTPwmWAqbYIa5Pu7pfo86ut1X5mNGz8TL7nqK2UeKY7ld3hw_V3lqtA&sig=Cg0ArKJSzNyJXl3xpiwXEAE&urlfix=1&omid=0&rm=1&ctpt=83&cbvp=1&cstd=81&cisv=r20210315.47097&adurl= Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 16 Mar 2021 19:12:38 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame B0AD Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEEKhQgp8dpIZO17gro3kZ3I&google_cver=1&google_push=AQvitUIPHjFOh9Hvgup4oZj6y_twSZN1tqK2nnqz4bJ5tIQu7nqZu5FP0JkRFpni2E8V89XgkbPyH313oTZDB4jYE09rvDMnAsqwhw https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=10A203119D5F42439162AC0D3DEFC37D&google_push=AQvitUIPHjFOh9Hvgup4oZj6y_twSZN1tqK2nnqz4bJ5tIQu7nqZu5FP0JkRFpni2E8V89XgkbPyH313oTZDB4j...	170 B 461 B	42ms 40ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=10A203119D5F42439162AC0D3DEFC37D&google_push=AQvitUIPHjFOh9Hvgup4oZj6y_twSZN1tqK2nnqz4bJ5tIQu7nqZu5FP0JkRFpni2E8V89XgkbPyH313oTZDB4jYE09rvDMnAsqwhw Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 16 Mar 2021 19:12:38 GMT x-content-type-options nosniff server nginx location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=10A203119D5F42439162AC0D3DEFC37D&google_push=AQvitUIPHjFOh9Hvgup4oZj6y_twSZN1tqK2nnqz4bJ5tIQu7nqZu5FP0JkRFpni2E8V89XgkbPyH313oTZDB4jYE09rvDMnAsqwhw strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 154 expires Mon, 15 Mar 2021 19:12:38 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame B0AD	0 135 B	80ms 32ms	Image text/plain	34.96.105.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEq8DtaIaFFfaMZqbAS72tg&google_cver=1&google_push=AQvitUJxIuTLz2EljwKbPr0QPSpgoamA2GV-Ms-RagbSsJ4peT87jd1md4q4X1kmb4PECM7mgApb2xTCCqrXWmnJi-bcUsIKnmWdAw Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:38 GMT via 1.1 google alt-svc clear
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame B0AD Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDysA1gndEjsErmMqi5SeOM&google_cver=1&google_push=AQvitULwzgF3lxAt5f8kMCLE3F6GDn_QROsYpDuZPm97KBDD40m6wn1ZSbWgPss_KF4iDd7pwqn9PTeneeRNd6... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0MDMzMTk2MjUzMzY3MzEwNQ%3D%3D&google_push=AQvitULwzgF3lxAt5f8kMCLE3F6GDn_QROsYpDuZPm97KBDD40m6wn1ZSbWgPss_KF4iDd7pwqn9PTeneeRNd6Atnm...	170 B 190 B	39ms 38ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0MDMzMTk2MjUzMzY3MzEwNQ%3D%3D&google_push=AQvitULwzgF3lxAt5f8kMCLE3F6GDn_QROsYpDuZPm97KBDD40m6wn1ZSbWgPss_KF4iDd7pwqn9PTeneeRNd6AtnmOaQ7j0akq- Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0MDMzMTk2MjUzMzY3MzEwNQ%3D%3D&google_push=AQvitULwzgF3lxAt5f8kMCLE3F6GDn_QROsYpDuZPm97KBDD40m6wn1ZSbWgPss_KF4iDd7pwqn9PTeneeRNd6AtnmOaQ7j0akq- Date Tue, 16 Mar 2021 19:12:38 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame B0AD Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH2njPz22FF3q7QZd4gKsis&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH2njPz22FF3q7QZd4gKsis&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFEDJ-a5lvsCcT6P2l-YhQAABGoAAAAB&google_gid=CAESEH2njPz22FF3q7QZd4gKsis&google_push=AQvitUKZFAhWFtw6Q-9JsYrXE3sjibkxTfN3LICu3xSjHG_u4u3...	170 B 213 B	39ms 39ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFEDJ-a5lvsCcT6P2l-YhQAABGoAAAAB&google_gid=CAESEH2njPz22FF3q7QZd4gKsis&google_push=AQvitUKZFAhWFtw6Q-9JsYrXE3sjibkxTfN3LICu3xSjHG_u4u3bAEZnLfDN2PWmOVJIssCkERG4D5wn-sysMNPdxInLDmoMEmD8Yw&google_cver=1 Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:40 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 16 Mar 2021 19:12:40 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFEDJ-a5lvsCcT6P2l-YhQAABGoAAAAB&google_gid=CAESEH2njPz22FF3q7QZd4gKsis&google_push=AQvitUKZFAhWFtw6Q-9JsYrXE3sjibkxTfN3LICu3xSjHG_u4u3bAEZnLfDN2PWmOVJIssCkERG4D5wn-sysMNPdxInLDmoMEmD8Yw&google_cver=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 462 Expires Tue, 16 Mar 2021 19:12:40 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame B0AD Redirect Chain https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFajML3ASfNIHXZQfhOZ-dM&google_cver=1&google_push=AQvitUKQzcPUuFRwxA39FXDk2OMl73xYRy6uwnSPd0_3KxwJG7sZIw1SdRaKa51dGGlmOw6GUYD5wRdw8VvEdchI... https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKQzcPUuFRwxA39FXDk2OMl73xYRy6uwnSPd0_3KxwJG7sZIw1SdRaKa51dGGlmOw6GUYD5wRdw8VvEdchIVmJBhz7v2NnK5w	170 B 190 B	42ms 42ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKQzcPUuFRwxA39FXDk2OMl73xYRy6uwnSPd0_3KxwJG7sZIw1SdRaKa51dGGlmOw6GUYD5wRdw8VvEdchIVmJBhz7v2NnK5w Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 16 Mar 2021 19:12:39 GMT via 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop DUS51-C1 x-cache Miss from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKQzcPUuFRwxA39FXDk2OMl73xYRy6uwnSPd0_3KxwJG7sZIw1SdRaKa51dGGlmOw6GUYD5wRdw8VvEdchIVmJBhz7v2NnK5w cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id Ib3B7zqlcmJ5UAkLmquj-GNPFxiglOR4PKkuACjptyxY1XM5-Y9ljA==
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame B0AD Redirect Chain https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAs3kU6FpmCoQfom946kmVU&google_cver=1&google_push=AQvitULR87GEDEVIWiusX5ozD5gq-tcFb0cwyXo9ezFzxytsIk1BF8U01F2_pxzOh5UstwHTBzHugzO7B4keTzEhX683ITYHXV... https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitULR87GEDEVIWiusX5ozD5gq-tcFb0cwyXo9ezFzxytsIk1BF8U01F2_pxzOh5UstwHTBzHugzO7B4keTzEhX683ITYHXVnxHg&go... https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczNTc5NTM0NzUyNjU0NjYwOQ%3D%3D&google_push=AQvitULR87GEDEVIWiusX5ozD5gq-tcFb0cwyXo9ezFzxytsIk1BF8U01F2_...	170 B 213 B	39ms 39ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczNTc5NTM0NzUyNjU0NjYwOQ%3D%3D&google_push=AQvitULR87GEDEVIWiusX5ozD5gq-tcFb0cwyXo9ezFzxytsIk1BF8U01F2_pxzOh5UstwHTBzHugzO7B4keTzEhX683ITYHXVnxHg Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczNTc5NTM0NzUyNjU0NjYwOQ%3D%3D&google_push=AQvitULR87GEDEVIWiusX5ozD5gq-tcFb0cwyXo9ezFzxytsIk1BF8U01F2_pxzOh5UstwHTBzHugzO7B4keTzEhX683ITYHXVnxHg date Tue, 16 Mar 2021 19:12:38 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H3-Q050	200	dot.gif s0.2mdn.net/ Frame B0AD	43 B 146 B	15ms 14ms	Image image/gif	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESENtRBW7L567JQIref_MKFqA&google_cver=1&google_push=AQvitUInaXivqYDV2Rn-kixTWyXa8U_tUg2HsqSx6IqYn5N9HTYAHhgzpmEfZUeC0yV5LU6MQI6MCbeur9lYW9ThUAom_wVYRuhsw_E Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:38 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 expires Wed, 17 Mar 2021 19:12:38 GMT
GET H3-Q050	204	attr cm.g.doubleclick.net/pixel/ Frame B0AD	0 26 B	38ms 37ms	Image text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtNkSxjjtbLKt-6Vqn8ngpWbmV7Nj_ExXmiSV01vgin9SJTXGkUJvc2-hSGdGLCEB6G_mGig Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:38 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-Q050	200	GHE3nmVSkstokqzvGe9ZJ60ZxJZF7B7kK12a7dcDHRY.js Show response pagead2.googlesyndication.com/bg/ Frame 3E40	14 KB 6 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GHE3nmVSkstokqzvGe9ZJ60ZxJZF7B7kK12a7dcDHRY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1871379e655292cb6892acef19ef5927ad19c49645ec1ee42b5d9aedd7031d16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 15:53:52 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 08 Mar 2021 17:45:00 GMT server sffe age 11926 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5634 x-xss-protection 0 expires Wed, 16 Mar 2022 15:53:52 GMT
GET H3-Q050	200	style.css s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	1 KB 563 B	8ms 8ms	Stylesheet text/css	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dedafdfc972139c63fb206e9ca085fcaf45b829ea14b98a1976217f20cd9ec3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 16:56:46 GMT content-encoding gzip x-content-type-options nosniff age 8152 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 526 x-xss-protection 0 last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Wed, 17 Mar 2021 16:56:46 GMT
GET H3-Q050	200	main.js Show response s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	2 KB 591 B	9ms 9ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75b2e1396c095dbb2e40e5b9b9ee64676c20c28e2456eb26619708d826ee139 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 16:56:46 GMT content-encoding gzip x-content-type-options nosniff age 8152 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 549 x-xss-protection 0 last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Wed, 17 Mar 2021 16:56:46 GMT
GET H3-Q050	200	tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 534D	110 KB 37 KB	18ms 17ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:38 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37930 x-xss-protection 0 last-modified Tue, 20 Jun 2017 21:14:35 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Tue, 16 Mar 2021 19:12:38 GMT
GET H3-Q050	200	back1.jpg s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	56 KB 56 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/back1.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 775ada392c326178bb9af0fb701a6f3d5a87bef07f4e64895c213021f91c9ec0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 17:32:38 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 6000 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57261 x-xss-protection 0 expires Wed, 17 Mar 2021 17:32:38 GMT
GET H3-Q050	200	text6.png s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	16 KB 16 KB	8ms 7ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/text6.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 898d371718439642420e6f1c6e75d1715a7620cb42fbcab817f0538c3a29137f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 17:32:38 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 6000 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16209 x-xss-protection 0 expires Wed, 17 Mar 2021 17:32:38 GMT
GET H3-Q050	200	cta.png s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	1 KB 1 KB	11ms 7ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/cta.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8badeefac9aaa45ed810066f51306b5342082b687e666f7f446b781c4340e7f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 17:32:38 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 6000 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1249 x-xss-protection 0 expires Wed, 17 Mar 2021 17:32:38 GMT
GET H3-Q050	200	ml.png s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	775 B 803 B	10ms 7ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ml.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ad98306667710491031e00f0e14f9daac1311fa7f6157a5072e3daa46bf4533 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 17:32:38 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 6000 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 775 x-xss-protection 0 expires Wed, 17 Mar 2021 17:32:38 GMT
GET H3-Q050	200	nissan_white.png s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	1 KB 1 KB	18ms 15ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/nissan_white.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash feceea02aa81e2e25af0fc2ff0108c3e5501f4f10ab810869846893a53f9468b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 17:32:38 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 6000 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1099 x-xss-protection 0 expires Wed, 17 Mar 2021 17:32:38 GMT
GET H3-Q050	200	text5.png s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	10 KB 10 KB	16ms 13ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/text5.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 73b64a8ab9ab4ceaaa6b7a96585e88c195c20759324bdfe338a3267fc6c08f0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 17:32:38 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 6000 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10299 x-xss-protection 0 expires Wed, 17 Mar 2021 17:32:38 GMT
GET H3-Q050	200	text4.png s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	16 KB 16 KB	15ms 12ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/text4.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a9a1f7bfa81ee4952ed4d1c5f5595ed4b3fe6cabfa1e976ba09c74fd336bcef3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 08:16:12 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 39386 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16262 x-xss-protection 0 expires Wed, 17 Mar 2021 08:16:12 GMT
GET H3-Q050	200	back3.jpg s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	8 KB 8 KB	15ms 12ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/back3.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de5678a3a460417f5407fdc5a642eea4625c65417b42a5a50ac6e47d6df51311 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 08:16:12 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 39386 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8375 x-xss-protection 0 expires Wed, 17 Mar 2021 08:16:12 GMT
GET H3-Q050	200	text3.png s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	2 KB 2 KB	14ms 12ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/text3.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d33a5a6a0f4d0d207b355ee9e58aaa4c68d22439f2e3e43ba914c9e314128afa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 18:13:46 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 3532 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1693 x-xss-protection 0 expires Wed, 17 Mar 2021 18:13:46 GMT
GET H3-Q050	200	back2.jpg s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	6 KB 6 KB	13ms 10ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/back2.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c4eb0a178db7a00654514cd8bd913328f092228dc23c7e41485c1ae2de9853fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 17:32:38 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 6000 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5803 x-xss-protection 0 expires Wed, 17 Mar 2021 17:32:38 GMT
GET H3-Q050	200	text2.png s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	1 KB 1 KB	12ms 10ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/text2.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ac08b247864118cc99a64eae44356fbf38eb15fa346e2f191ee43bff5c5c205 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 15 Mar 2021 21:34:58 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 77860 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1033 x-xss-protection 0 expires Tue, 16 Mar 2021 21:34:58 GMT
GET H3-Q050	200	text1.png s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	4 KB 4 KB	17ms 15ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/text1.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f452ed3e77b67975d5adca41b2b0d3407af23e08a1055d71cf53c65909aecae4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 07:58:46 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 40432 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4106 x-xss-protection 0 expires Wed, 17 Mar 2021 07:58:46 GMT
GET H3-Q050	200	logo.png s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/ Frame 534D	4 KB 4 KB	17ms 15ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4bb271ce06969eeef2be232e99ee93e6512eea09e61e01a6f203bea57fdb2c6f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1608542786100/QASHQAI_728x90_CONFIGUREZ_LE/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 17:32:38 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 09:26:26 GMT server sffe age 6000 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3798 x-xss-protection 0 expires Wed, 17 Mar 2021 17:32:38 GMT
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 7CF9	0 0	66ms 65ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW7djFwj9JeGTLypsqOgZejVkDEyLe17e9yThjOsMfbKM9Gvh2ynNlgHvW3KPMnMyZ9saN-7OwoHbD6lCGH6Z28tquglRvHpm74lZIYai9RYJB88Cs5Zr0WKRhnjnm-OJVC97aa-m0diwyzM0xhDRUOmNs_Gy862Ol8F4bTTFEv8XDtH-iKNzxPiZyNGPMUnKi84q8ixjU9bxHD1R_pgTGt_p5Zso3MOTtvavoHDgi-GexqmFk6tTsPDyH_MBHKGmhahCmn4_F57Myz8iNCgozk9kDlukJ5D_9VgUl3MFJcmVQM7g-kqo35CZED8RzLY2ecCxfGZ7kxZydNevN5IV-KuJc4DUzqg&sig=Cg0ArKJSzOka-1eKOejEEAE&adurl= Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 16 Mar 2021 19:12:38 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3-Q050	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/ Frame 7CF9	2 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/window_focus_fy2019.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:11:19 GMT content-encoding gzip x-content-type-options nosniff age 79 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 6751271179024913178 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 30 Mar 2021 19:11:19 GMT
GET H3-Q050	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7CF9	112 KB 34 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:38 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1615840882416834" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34604 x-xss-protection 0 expires Tue, 16 Mar 2021 19:12:38 GMT
GET H3-Q050	204	l www.google.com/ads/measurement/ Frame 7CF9	0 0	14ms 13ms	Image text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsLmovEx8VQWZiimwUygPuI4rk5WHiFhuZqgtExdCNGzOCQkiPEpoBvLb6GEudUTrEo0cHVHn-wrcUjmCTzugm8n_L0A Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-Q050	200	707302061676958636 tpc.googlesyndication.com/simgad/ Frame 7CF9	111 KB 111 KB	8ms 7ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/707302061676958636 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031101.js?31060464 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09f6cd07615f77b970884952aff379cbbe28a5e0ea16c6db122b1ad904a0fdb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 16:53:36 GMT x-content-type-options nosniff age 8342 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 113850 x-xss-protection 0 last-modified Thu, 29 Aug 2019 07:22:39 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Mar 2022 16:53:36 GMT
GET DATA	200 OK	truncated / Frame 7CF9	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9dd1b36e2d39aaef868d99db9a23313897b75a50c8fb55ff9c08568a6f863d69 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 25 B	41ms 40ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031101&jk=53253812222080&bg=!19Sl1JfNAAUO7zDoDjsAKQB2-DxaFOC4BDGCEhgPt4VW0gANET8tlpqAvo1eJaoXzmjqtMC0SVX2AgAAAMVSAAAAMmgBBwoBePvYxqBDSX-eGcrE615qHKVm31OisaH8ObCvb2LvSeOQzDaopCdRjEufpMnkS9m8wkebdgtMQRy3DK1GXXgiy0gVhbYXDhbLMhWPZz7goXaR9E0l8qp63CQvZs3p3FMHXE4AUcTehztf65zWebrl_DBD2xH0tF16DGtv9P6fBsXsKl7Mz72DYG1Du4y0mpv9nZXkIpud5qWkAgeVHx1k520sYluJ7G_3irfZKd6htHWYC3ySgOr-JHgZaqtziMydoYIlA-LwEpdwPd4udNi5hLMQGnnYRpLLxolRjf28A7y9dHcbW6Q2JfZgeNRnMuoXhKT5gjhU6_jFBomZY5anyw4TwGd-w1xzTNPbR-IQMksL7MwjP8sawjTP9tIooVyerS5mTUHDWlwtdj9ZeFyQj5KV30vdzo6YBPLtil_mbHjtnrkdtTlgAFGDzAJgP4_bfP6pB24nIml3t03zxDyuL_CVKJRdqNYrHjD7WdzEfDBalmKx23gVlNyZAeUcVuIBfpZ3reFb7pfHooQz-JcoUEkXRxoC4rfvpkDl62h501jhCDCYDbCYzB32IwI1BVN_lsOzhVkRu4l9rwhS90UV1GL6DfQ9sfSabDDqcoT2nI-xUSrS4sHoUivnLtTIEY8saJUEczmudaC8VkHsCf4EJsQ-FMiHuT5PNDDBCUQLEVdS3j5jEAXzUcE3nE1ro171jDMktz1VdGDxcd6h-5vnwU1ZCwg0Qw-HOhUyLY0AuazWnzi5mARfpmXLUWL_cOpkkAFXEdkSQX0MwZrd3cfLdE-rFzYuVsOLWIVoX8uWdLBEDOb7Oy38qAL0olu4FgNnAK8t2Ies30M9R7eiha7uhJGlgV5YI45Owg88D85NWoL_9LOLY2ukR53S9WcmmJHPk9yvTFhUZcdbL7rHqLKMzK0xgvhJsLgRu5x41ybePX_u9RDhe2dizGHvgZdtRJaGFLb6q_h6YIjPdr37oFuZbIOvZB7RYgwZdhAp67MWSOsXVoqgeA27nJZN_zT524U_5D1BOeV2J66WpXkSMPKUcxrfAojH_T5Y63xYnM4mtNR_ALjHNAAdzT-bBsBFmFF4tyYyDx7MtFRVlS2YXk2IIC_oAwGz_KxxAJ7bOcNODx71287KM21vtmAoWGRhtzkp0Q Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 7CF9	0 0	110ms 72ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_1OcP1vpiNu4m97qaf0SJkTQhTHQfALkkKuYbUVnx_i7DQPsZGUMZI_yxqUIihM1FXYAsDeg2Jgrcd2BbpiW1XVTmpl74B5kslZJxNVTeciMLTMOsKpHwGwxeuJIlUQIlFCJqsLUHSgSoalU2k6-2dtZMCZo_f5kOOUepc1LK-o-DMZobc7bezysZv10NR0bMzzmCIcRa5PIMvO04801xExZm1M0RhOtV7dDr_z07tfxJC_lSxzAkkibH4FQnUcm8vEnRnG1POnELxW2MITaReLPMu_mrdFfTTmXZTo0_nTh-Z9XEHXhLyMQfXS1CEbGIBpEqtxH1Z5UTJSmrq_d1O42r3zpToQZt&sig=Cg0ArKJSzDQuzEprjpbpEAE&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.brightermonday.co.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 16 Mar 2021 19:12:39 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Tue, 16 Mar 2021 19:12:39 GMT
POST H3-Q050	200	view googleads4.g.doubleclick.net/pcs/ Frame 19B9	0 424 B	136ms 63ms	Other image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_UDKfOui_ZtqXFEZ7Aj6rNT5y8HjabMiXTQv8k3_aVNukl-PspueLTLim_EQ-rvlGi03lampuqDHmWbdmVsfPGpjiV_YSRz8pptKcst0a8vr9kHxjuxf4V4Nt48NeFIV6kmbih3ukpUpcZBUn-vsgMazFTPwmWAqbYIa5Pu7pfo86ut1X5mNGz8TL7nqK2UeKY7ld3hw_V3lqtA&sig=Cg0ArKJSzNyJXl3xpiwXEAE&urlfix=1&omid=0&rm=1&ctpt=269&vt=11&dtpt=186&dett=3&cstd=81&cisv=r20210315.47097&adurl= Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 16 Mar 2021 19:12:39 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame CAAD	0 46 B	41ms 41ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BURUHJgNRYMjsI_-D7_UPhsa64A4AAAAAOAHgBAI&bg=!v7ylvPjNAAYO7zDoDu87ACkAdvg8WgykadYpMR1DzyUVwU096n_49MDVonLFX3ct4_IeuEy7ZryIvwIAAADMUgAAADZoAQcKAQ1f3Js3vG7614E2V7Crl5-RIwo4Oc-mpF-sGhuGByEiH9I3ZeLr8M1_E-sLfBEWOwKDZMDelLRDXGpe3U19qB_ikkuQDyEsT-SiKxanEIVFQZoDPFpQisYwTzXmkdpV3n1uKYA28pf37JwFpziF-77VoZWhQk_PMeETu3QjZrm8CTxQPm613YtN50LpAcp8J2dnawgukaoq91oGMB_JMxbtOrC5O9ViiY5ErvytTixwviEy7DG7sdOpApkVGPAC5BDdNuKxSgElLR4ahqI-uFpmTENAbbmGm58ubdMhSetACoXzhC87Td-pBXkC_X5o6I50PR73y510sYdi3LZBUfkt8AW4fyzjLLHS6F6wBZkCb0jrMFdkXkApfukJZgZ2UExvHr9lo5Au9ag-67PRQqI6iIKvT5NUmbJgwIAxpT-4glHYWcGsh67zT2bcPELSzvNP4oL8M91WTM1orT-jDFm9YssuNR0cm6jXzrcQ3B9Q4oFOc2ISM82Ac-1VPmPC_sLc93aBoAd8a0DLisA9UkJKQYdOgqA4GdmowMJlAWVAx8Dc4dybaJ-sgEYS2kGptzn9JJ1Sz_NhsIUxa5Uuxk-EDLIhhPGMo_Cnh0TKyVjydVZXuskGN9fjUG81gV4V9fxs0ZM0OYm8ZDN8oRS_i9GHNhXfpitCzEydKT0ZWPAm2Z1bk5mPe6n5mIICWb_zz_AyTm-aR9_q4OpB2N1T4EKYulGmQjL7g7wwX6CsQUHzsNRR8SIO73No5ZbFW2f4q-CYi-uIvhUOUpA0PD0eeat2QxLBUl-LolPsP3IWI_1U10W8d9tX5j6VCv7aIy8eTtCYxQM7xPwdHuNu7IDsJwGCfBWHtR_2EotKKtKRcy8PK_exGtk6my6MaEqjdXmunWDKltaVtVmhK5Q-ZxQyunkH6VwKayHplmmJNj5RihzyKivfQshMszr1MxkBwFtY4Gq1ux9a8CO1JMzb_QPgcnfRp3d4K5z9xn1izNZzP17WuLsGxW_Zqpcc3W8T6MfF4kKjbDFimawR592o-f-hbZfo_ZRP_nN_Ur3WMvinLtdyRjpYuAmhYDs9GN98IOpt36qN6nPLy5sjdHZ61uiXg7NxskAnIzs3cLcCU29-w-U2F88sbQe7hxpICvGSpk7DQ9jFZA_TFm60pZ1EWmwwpI5ge9HOfN6ZM8qMrC8Iz50w Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3E40	0 23 B	40ms 39ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwetXJgNRYJ38JvHC7_UPvq2zMAAAAAA4AeAEAg&bg=!m5ilmNzNAAYO7zDoDu87ACkAdvg8WuffTDxM1_0gPGQTnMnOnA2rGJBv2yTNTjeDhgFb3y_j2GeI5wIAAACHUgAAAAhoAQeZApHTNQoKMuiFZYzoDY7qYAlwZL9vjeVu-LeDkepZNre_bEtDbKgSG4ie50XlN9hSfRv0yH1noJTnmbyXJBzUNTfIwGKhvql45Ur8dDovWhm3BC2ixIVyRHIDSoOeCDYRWgzcNkzDJj5_D9FB4swNSrwD7Zfa69K7ZmpdDiX19flY7zzbOELStfVUByc3M5m1hUHPskV8Z-PaVq_RaLNo50pWQyv2Y7lUY1GsTMB8YbE63c7pTC-s7GrBxdIQYBVN9Y8PMwDZHaMhjal3g6WIpTCIezraJVi724InwvH4Q_Uq14f3Lu-I4YYV7JYbv43eCfUEmSYzBwr5Pp_HcK59aKS9OCLKzUg09x5gYGoCJCW7XooVozq7314EgNLdeT9qA-uqCfmGkGhgXzYSgZcTRD1fJjNvnlGNTeG-aB90c5L3MBtKGGGxKojXk_L7qwJdt6EMaS_2N7vEV5W8uZWsV_QzmOgw_D6sUGhe1Zg_EN1XyWfaJvX85McuWcgQpoYYP9Mvh3STTwVuz4aQTbDunnm-oBkl2g_FCAP_8f3XYqNyXiEV8P7eRRe57BHHvLV7I1tzgVo6xQ_H5IxyBjcu3bN1ZnK65JnPskfT-jd2H7WmMqHzfdCVNEVcFBdZNtqLBexKnp-CacuhleadmWGFD03p0BNR3AvUWDO--ayjYwfSDcKy0WJnPkEL9lkA9qb0Q7GMXCiaqIS6jC4MAn7kTmVEj_EudZTsWyCEn3sYOWqrCziqzncaArETi03CoK_PHJg7zLIlODBRSkp_ZJVptMVAUxxi1OeOhoDRFQiHgyYm2mxUqzlT0DSlp-eFLlyOAfZA9Ac9eq8tjzHbmOi50klTmgDGW7NtqQJnBN59eS7hRhY Requested by Host: 5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com URL: https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 19B9	42 B 479 B	67ms 53ms	Fetch image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIB3leDZHYYiwNE-6eRof4olm-Qxs28in27h1SNJU0-jqbl34io4-bEaDuqXvJ4cjNOn3RuY-MMoBSe-tM_TVrusVszvZZ1ia5R2RDUeoeRuh2GKOQItlWR0pcUg&sai=AMfl-YS6Nr0j2oakmw2SNptWXqpN9RVYSCKOFzE1PpYpcmTvl39U3tGxijLrBMegkG2TbMD9qd8ET-NjzkQ_2r2z1ktPBAmOIDt8bE7aL7-2s9KKaZe67OI_WvITb4U&sig=Cg0ArKJSzOlT3xEVAaFvEAE&cid=CAASEuRonZ3z0wmEDtM6PQQBcb6rSQ&id=osdim&mcvt=1000&p=895,436,985,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210315&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2963885971&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1615921958503&dlt=37&rpt=256&isd=0&msd=0&r=v&uup=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 19B9	42 B 66 B	39ms 39ms	Fetch image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMjnUwkAbrr--iXtRBJQaCILWSEo6LjOb-iRzC_vwvtaJZ1tm4FxJck098NoJU-5_e70_U9ySgPkUXvcE33R8&sig=Cg0ArKJSzIGkP6CdAt6KEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210315&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=0&cr=0&vs=4&r=v&uup=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5118a85a965a75e820d6fd6aac46b0e0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 16 Mar 2021 19:12:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	complete-your-profile-bee6cac24f.webp www.brightermonday.co.ke/build/static-assets/img/	138 KB 138 KB	17ms 16ms	Image image/webp	2606:4700::6812:8954 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.brightermonday.co.ke/build/static-assets/img/complete-your-profile-bee6cac24f.webp Requested by Host: www.brightermonday.co.ke URL: https://www.brightermonday.co.ke/build/assets/css/brightermonday/home-3f176c6d91.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ed581f6db0eecbd99d58599ab2c0924f7ebb56f7d3c38ff6cf5ed25de192106 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.brightermonday.co.ke/build/assets/css/brightermonday/home-3f176c6d91.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 19:12:43 GMT x-content-type-options nosniff cf-cache-status HIT age 1433 vary Accept-Encoding content-length 141238 cf-request-id 08de0d79d100004a9d0d390000000001 x-request-id c1ef450c003d5ef38894f3ff70272cf4 x-ua-compatible IE=Edge last-modified Tue, 16 Mar 2021 15:20:36 GMT server cloudflare etag "6050ccc4-227b6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type image/webp x-xss-protection 1; mode=block cache-control public, max-age=31536000 accept-ranges bytes cf-ray 63104b6fb8c84a9d-FRA expires Wed, 16 Mar 2022 19:12:43 GMT