www.bonitas.co.za Open in urlscan Pro
102.133.154.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bonitas.co.za/
Effective URL:
https://www.bonitas.co.za/
Submission: On December 01 via api (December 1st 2021, 10:33:52 am UTC) from ZA — Scanned from DE

Summary HTTP 173 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 64 IPs in 10 countries across 70 domains to perform 173 HTTP transactions. The main IP is 102.133.154.32, located in Johannesburg, South Africa and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.bonitas.co.za.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 12th 2021. Valid for: a year.

This is the only time www.bonitas.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 56	102.133.154.32 102.133.154.32	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.69 143.204.98.69	16509 (AMAZON-02) (AMAZON-02)
1	34.254.124.164 34.254.124.164	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	17.253.57.201 17.253.57.201	6185 (APPLE-AUSTIN) (APPLE-AUSTIN)
1 13	93.90.206.61 93.90.206.61	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	54.78.134.111 54.78.134.111	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1 2	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.195.123.247 18.195.123.247	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2 6	2600:9000:215... 2600:9000:2156:9200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:119:50e8... 2620:119:50e8:101::9002:f05	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c01::9d	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 4	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	108.129.28.215 108.129.28.215	16509 (AMAZON-02) (AMAZON-02)
2 16	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1 2	54.246.156.93 54.246.156.93	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.193.208.211 18.193.208.211	16509 (AMAZON-02) (AMAZON-02)
1	199.187.193.193 199.187.193.193	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	35.157.177.200 35.157.177.200	16509 (AMAZON-02) (AMAZON-02)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.195.177.130 18.195.177.130	16509 (AMAZON-02) (AMAZON-02)
1	52.208.210.171 52.208.210.171	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 3	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	52.17.84.146 52.17.84.146	16509 (AMAZON-02) (AMAZON-02)
2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.211.146.69 52.211.146.69	16509 (AMAZON-02) (AMAZON-02)
1	52.218.65.60 52.218.65.60	16509 (AMAZON-02) (AMAZON-02)
1 2	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
1 1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
4 5	88.80.189.68 88.80.189.68	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	139.162.147.24 139.162.147.24	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	80.82.217.92 80.82.217.92	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	52.212.131.178 52.212.131.178	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	143.204.98.106 143.204.98.106	16509 (AMAZON-02) (AMAZON-02)
2 2	34.192.120.237 34.192.120.237	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.30.224.0 52.30.224.0	16509 (AMAZON-02) (AMAZON-02)
1 1	3.120.154.132 3.120.154.132	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	3.120.29.221 3.120.29.221	16509 (AMAZON-02) (AMAZON-02)
1 2	54.36.109.47 54.36.109.47	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:215... 2600:9000:2156:2000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
173	64

56 102.133.154.32 (Johannesburg, South Africa) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bonitas.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
allegraprod-bonitasapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.124.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-124-164.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 17.253.57.201 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN, US)
PTR: defra3-vip-bx-001.aaplimg.com

developer.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 93.90.206.61 (United Kingdom) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

vroomf.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.134.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-134-111.eu-west-1.compute.amazonaws.com

coronavirus-19-api.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.247 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.123.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com

attribution.adclickafrica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:9200:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e8:101::9002:f05 (San Francisco, United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.39 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.129.28.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-28-215.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.156.93 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-156-93.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.208.211 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-208-211.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.177.200 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-177-200.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.177.130 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-177-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Ballerup Municipality, Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.125.70.222 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.84.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.146.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-146-69.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.65.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.80.231 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.80.189.68 (London, United Kingdom) 4 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li700-68.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.24 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: tags2.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.217.92 (Düsseldorf, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.131.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-131-178.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-106.fra50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.120.237 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-120-237.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.224.0 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-224-0.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.154.132 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-154-132.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.29.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-221.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.36.109.47 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: p02.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	bonitas.co.za 1 redirects www.bonitas.co.za	5 MB
21	adform.net 4 redirects s2.adform.net track.adform.net c1.adform.net dmp.adform.net	40 KB
13	vroomf.chat 1 redirects vroomf.chat	406 KB
7	adroll.com 2 redirects s.adroll.com d.adroll.com	20 KB
7	doubleclick.net 4 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	3 KB
6	adsafety.net 5 redirects cm.adsafety.net tags.adsafety.net	10 KB
6	googleapis.com fonts.googleapis.com maps.googleapis.com	171 KB
5	google.com 1 redirects play.google.com www.google.com analytics.google.com	15 KB
4	semasio.net 3 redirects uipglob.semasio.net	3 KB
4	google-analytics.com www.google-analytics.com	75 KB
4	linkedin.com dc.ads.linkedin.com Failed px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	google.de www.google.de	826 B
4	googletagmanager.com www.googletagmanager.com	174 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	67 KB
3	adnxs.com 2 redirects secure.adnxs.com	3 KB
3	eyeota.net 1 redirects ps.eyeota.net	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	facebook.net connect.facebook.net	133 KB
3	bing.com bat.bing.com Failed	11 KB
2	3lift.com 1 redirects eb2.3lift.com	718 B
2	tapad.com 2 redirects pixel.tapad.com	906 B
2	1dmp.io 1 redirects sync.1dmp.io	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	519 B
2	id5-sync.com 1 redirects id5-sync.com	2 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	audrte.com 2 redirects a.audrte.com	1 KB
2	onaudience.com 1 redirects pixel.onaudience.com	733 B
2	bluekai.com tags.bluekai.com	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net	1017 B
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	676 B
2	adscale.de 2 redirects ih.adscale.de	695 B
2	360yield.com 1 redirects ad.360yield.com	826 B
2	yahoo.com sp.analytics.yahoo.com ups.analytics.yahoo.com	1 KB
2	facebook.com www.facebook.com	386 B
2	yimg.com s.yimg.com	7 KB
2	googleadservices.com 1 redirects www.googleadservices.com	15 KB
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net s.ad.smaato.net	240 B
1	teads.tv sync.teads.tv	172 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	456 B
1	agkn.com 1 redirects aa.agkn.com	341 B
1	userreport.com pdw-adf.userreport.com	444 B
1	pubmatic.com simage2.pubmatic.com	544 B
1	krxd.net beacon.krxd.net	338 B
1	smartstream.tv 1 redirects ads.smartstream.tv	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net	406 B
1	openx.net eu-u.openx.net	275 B
1	rlcdn.com idsync.rlcdn.com
1	exelator.com load77.exelator.com Failed loada.exelator.com	861 B
1	gumgum.com rtb.gumgum.com	238 B
1	stickyadstv.com ads.stickyadstv.com	713 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	yieldlab.net ad.yieldlab.net	522 B
1	seadform.net server.seadform.net	344 B
1	t.co t.co	471 B
1	twitter.com analytics.twitter.com	674 B
1	adclickafrica.com attribution.adclickafrica.com
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	herokuapp.com coronavirus-19-api.herokuapp.com	51 KB
1	azurewebsites.net allegraprod-bonitasapi.azurewebsites.net	12 KB
1	apple.com developer.apple.com	12 KB
1	gstatic.com fonts.gstatic.com	116 KB
0	mookie1.com Failed ib.mookie1.com Failed
173	70

	Domain	Requested by
55	www.bonitas.co.za	1 redirects www.bonitas.co.za
13	vroomf.chat	1 redirects www.bonitas.co.za vroomf.chat
12	c1.adform.net	2 redirects s2.adform.net c1.adform.net
6	s.adroll.com	2 redirects www.googletagmanager.com www.bonitas.co.za s.adroll.com
5	cm.adsafety.net	4 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	uipglob.semasio.net	3 redirects c1.adform.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.bonitas.co.za
4	www.google.de	www.googletagmanager.com www.bonitas.co.za
4	www.googletagmanager.com	www.bonitas.co.za www.googletagmanager.com track.adform.net
4	maps.googleapis.com	www.bonitas.co.za maps.googleapis.com
3	secure.adnxs.com	2 redirects c1.adform.net
3	cm.g.doubleclick.net	3 redirects
3	ps.eyeota.net	1 redirects c1.adform.net
3	match.adsrvr.org	3 redirects
3	track.adform.net	1 redirects www.bonitas.co.za s2.adform.net
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.bonitas.co.za
3	www.google.com	1 redirects www.bonitas.co.za
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	id5-sync.com	1 redirects c1.adform.net
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	pixel.onaudience.com	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	www.facebook.com	www.bonitas.co.za
2	stats.g.doubleclick.net	www.googletagmanager.com www.bonitas.co.za
2	px.ads.linkedin.com	2 redirects
2	s.yimg.com	www.bonitas.co.za
2	s2.adform.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	fonts.googleapis.com	www.bonitas.co.za vroomf.chat
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	loada.exelator.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	rtb.gumgum.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	ups.analytics.yahoo.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	server.seadform.net	www.bonitas.co.za
1	d.adroll.com	s.adroll.com
1	sp.analytics.yahoo.com	www.bonitas.co.za
1	t.co	www.bonitas.co.za
1	analytics.twitter.com	static.ads-twitter.com
1	analytics.google.com	www.googletagmanager.com
1	px4.ads.linkedin.com	www.bonitas.co.za
1	www.linkedin.com	1 redirects
1	attribution.adclickafrica.com	www.bonitas.co.za
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	coronavirus-19-api.herokuapp.com	www.bonitas.co.za
1	allegraprod-bonitasapi.azurewebsites.net	www.bonitas.co.za
1	developer.apple.com	www.bonitas.co.za
1	play.google.com	www.bonitas.co.za
1	fonts.gstatic.com	fonts.googleapis.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.bonitas.co.za
0	ib.mookie1.com Failed	c1.adform.net
0	load77.exelator.com Failed	c1.adform.net
0	dc.ads.linkedin.com Failed	www.googletagmanager.com
173	88

This site contains links to these domains. Also see Links.

Domain
wa.me
www.facebook.com
www.instagram.com
twitter.com
play.google.com
bonit.as

Subject Issuer	Validity	Valid
bonitas.co.za Go Daddy Secure Certificate Authority - G2	`2021-11-12` - `2022-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
developer.apple.com Apple Public EV Server ECC CA 1 - G1	`2021-11-05` - `2022-12-05`	a year	crt.sh
*.vroomf.chat Sectigo RSA Domain Validation Secure Server CA	`2021-02-26` - `2022-03-28`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.herokuapp.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
attribution.adclickafrica.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2021-12-29`	2 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.bonitas.co.za/
Frame ID: 76EBE570DD23F628CB321026A9056CB9
Requests: 107 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: 72B1502E87A5A381D49401ED1ECCC56D
Requests: 1 HTTP requests in this frame

Frame: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
Frame ID: 247983A7EF4F0E265A23A98E497D10D6
Requests: 13 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NCQZQ9L
Frame ID: AE2C3EBAE6D58052BA461908D968D84F
Requests: 4 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=1784238&lid=62897859&ctype=0&media=0&PageName=%2f&rnd=1814163024&cpref=&loc=https%3a%2f%2fwww.bonitas.co.za%2f
Frame ID: A3104A251E1C5A96BEAFA567BDBBB585
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Frame ID: 160781BA56BD960FCDD04A7676C69763
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bonitas - Home

Page URL History Show full URLs

http://www.bonitas.co.za/ HTTP 301
https://www.bonitas.co.za/ Page URL

Page Statistics

173
Requests

80 %
HTTPS

24 %
IPv6

70
Domains

88
Subdomains

64
IPs

10
Countries

6390 kB
Transfer

12406 kB
Size

113
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/27600702491

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BonitasMedical/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bonitasmedicalaid/

Search URL Search Domain Scan URL

URL: https://twitter.com/BonitasMedical

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=co.za.bonitas.memberapp&utm_source=www.bonitas.co.za&utm_campaign=Initial%20Release&pcampaignid=pcampaignidMKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1

Search URL Search Domain Scan URL

URL: https://bonit.as/ios

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bonitas.co.za/ HTTP 301
https://www.bonitas.co.za/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://vroomf.chat/bot-public-async?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9 HTTP 301
https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9

Request Chain 79

https://www.googleadservices.com/pagead/conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data= HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ik-nYb67DLmrx_APo86AqAQ&random=1967410876&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1967410876&sscte=1&crd=&is_vtc=1&ocp_id=ik-nYb67DLmrx_APo86AqAQ&random=515821336 HTTP 302
https://www.google.de/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1967410876&sscte=1&crd=&is_vtc=1&ocp_id=ik-nYb67DLmrx_APo86AqAQ&random=515821336&ipr=y&prhg=0

Request Chain 99

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1638354826376&url=https%3A%2F%2Fwww.bonitas.co.za%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1344305%26time%3D1638354826376%26url%3Dhttps%253A%252F%252Fwww.bonitas.co.za%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1638354826376&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1638354826376&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true&e_ipv6=AQJT-wRopacuMwAAAX11jrcfc7Oq39OBcqSZFRgDRp6UDHCFnAlNeF8qTnh2rklLgN5zd0DI6g

Request Chain 107

https://s.adroll.com/j/exp/LYHCFNKWJ5DUPM22D44OHG/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 108

https://s.adroll.com/j/pre/LYHCFNKWJ5DUPM22D44OHG/S2WAFVC6W5CCPAMAY56KKM/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 110

https://s2.adform.net/Serving/TrackPoint/?pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=438221236401&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F HTTP 301
https://track.adform.net/Serving/TrackPoint/?pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=438221236401&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=438221236401&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F

Request Chain 125

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6918485967043963585&Expiration=1639564426 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6918485967043963585&Expiration=1639564426

Request Chain 128

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6918485967043963585&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6918485967043963585&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=7739e314bddb4669ad82c5039f981967 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=f27a01362e8a1b82876782e768e7e99db3d3efb27bfb2f887d5c3ce70c2c5d15

Request Chain 130

https://pixel.advertising.com/ups/55944/sync?uid=6918485967043963585&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=6918485967043963585&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6918485967043963585&_origin=1&apid=UP2a1cdcde-5292-11ec-a81f-06c961e645ba

Request Chain 132

https://x.bidswitch.net/sync?dsp_id=70&user_id=6918485967043963585 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6918485967043963585 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=ad26b219-03e4-4b3b-823d-16c3d42e6427

Request Chain 133

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6918485967043963585&expiration=1639564426 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6918485967043963585&expiration=1639564426&C=1

Request Chain 134

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6918485967043963585&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6918485967043963585&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=df5761a7-4f8a-4900-ada7-b6bfb3772e8d&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=1c108d2f-fc11-4761-9a81-2c2478ce459b

Request Chain 135

https://ps.eyeota.net/match?uid=6918485967043963585&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=6918485967043963585&bid=9gdtmu1

Request Chain 136

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6918485967043963585 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6918485967043963585&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 138

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6918485967043963585 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6918485967043963585

Request Chain 141

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 142

https://pixel.onaudience.com/?mapped=6918485967043963585&partner=68 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1a5a4e5fb98e7169a26be442e6ee06dc

Request Chain 143

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6918485967043963585 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM1202112011032b9561ac639d6fe14d&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=2f01a83c006424e265aba250101faaf4 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202112011032b9561ac639d6fe14d&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=2f01a83c006424e265aba250101faaf4&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEyMDExMDMyYjk1NjFhYzYzOWQ2ZmUxNGQ HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEHpS68nV0qTeMhb18n8mJcI&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM1202112011032b9561ac639d6fe14d HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6918485967043963585

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjkxODQ4NTk2NzA0Mzk2MzU4NQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJuZ5vk47XbG5CsEfsnp8zo&google_cver=1&google_ula=1641347,0

Request Chain 147

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=7766404590574118329&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=6918485967043963585

Request Chain 150

https://a.audrte.com/a?adform_uid=6918485967043963585 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEPryVLTAiWTQOedS2vYHbIg&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=8d114NqZsR2QlmBnjwIXDLSDQ&gdpr=0&gdpr_consent=

Request Chain 151

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6918485967043963585&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6918485967043963585&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=20628860125369636282321699151368774505&noredirect=1

Request Chain 152

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6918485967043963585 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165020803987000155653

Request Chain 153

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7036680401208932506

Request Chain 155

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=df5761a7-4f8a-4900-ada7-b6bfb3772e8d

Request Chain 156

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=4spHA2Yz1MSmVR5

Request Chain 157

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=1c108d2f-fc11-4761-9a81-2c2478ce459b

Request Chain 158

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=6918485967043963585 HTTP 302
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=6918485967043963585

Request Chain 159

https://id5-sync.com/s/10/0.gif?puid=6918485967043963585 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=6918485967043963585&gdpr=1&gdpr_consent=

Request Chain 160

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4236283687 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=D.MTQIOdKYDgGh.PhqgPke

Request Chain 162

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6918485967043963585 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6918485967043963585&cs=1

Request Chain 164

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=6918485967043963585&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=6918485967043963585&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=7eeed125-1356-40e0-b096-b31e4b578bb5

Request Chain 166

https://eb2.3lift.com/xuid?mid=7354&xuid=6918485967043963585&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6918485967043963585&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

173 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.bonitas.co.za/
Redirect Chain

http://www.bonitas.co.za/
https://www.bonitas.co.za/

2 KB
1 KB

731ms
190ms

Document
text/html

102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 326dfac91c373be3be582f12d4adf533eea4a9043a3c48f26c28f91150220a69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Length: 996
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 09:20:22 GMT
Accept-Ranges: bytes
ETag: "0f74aa94e6d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Dec 2021 10:33:43 GMT

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.bonitas.co.za/
Date: Wed, 01 Dec 2021 10:33:42 GMT
Content-Length: 0

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

faf96279daab880f59aee01a4ad999db2ca6eca9fb1c9d2c15ef07a93e216f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 10:33:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Dec 2021 10:33:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Dec 2021 10:33:43 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 153 KB
51 KB 63ms
38ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAZExNzENhyCNJ7paVo8PECMw0PqG7r1Uo&libraries=places

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

a84a6bcc0d4e00cfb81bedab15b21cc88d011f93b6b1f578bcd4d9621345dd8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:43 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51340
x-xss-protection: 0
expires: Wed, 01 Dec 2021 11:03:43 GMT

GET
H/1.1 200
OK styles.51cccdceed54067508c5.css
www.bonitas.co.za/ 163 KB
21 KB 180ms
180ms Stylesheet
text/css 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/styles.51cccdceed54067508c5.css
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ddb41de27c57d2cce5fa39f961f3c4043b383ba58fc6e33fe322f3e0cc8ae235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:43 GMT
Content-Encoding: gzip
ETag: "0bb897f94e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 21327

GET
H/1.1 200
OK runtime-es2015.34bb8631f7bd4b4398b2.js Show response
www.bonitas.co.za/ 3 KB
2 KB 536ms
180ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b7cab4c991eea564dfd98ebeee4c6426947b839258a372d0cec27a06b14af8a3

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:43 GMT
Content-Encoding: gzip
ETag: "06f4e8494e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1626

GET
H/1.1 200
OK polyfills-es2015.e52cf3661877424e89d3.js Show response
www.bonitas.co.za/ 108 KB
36 KB 724ms
180ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/polyfills-es2015.e52cf3661877424e89d3.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1cb20c1933ab8e210f051ddfe697d8c84252a0607f02d89e0b88882f864733c5

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:44 GMT
Content-Encoding: gzip
ETag: "012309694e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:48 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 36461

GET
H/1.1 200
OK main-es2015.636254eb11a48b8f0d49.js Show response
www.bonitas.co.za/ 1009 KB
234 KB 743ms
194ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/main-es2015.636254eb11a48b8f0d49.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bd047663d16315dbe69769777c745a1670a1bc7d64155fb2fa6cf4492164c6a6

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:44 GMT
Content-Encoding: gzip
ETag: "0e5fe9494e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 239209

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 39ms
24ms XHR
application/json 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAZExNzENhyCNJ7paVo8PECMw0PqG7r1Uo&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bonitas.co.za
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 hotjar-1949475.js Show response
static.hotjar.com/c/ 17 KB
5 KB 62ms
42ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1949475.js?sv=6

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-76.fra50.r.cloudfront.net

Software

Resource Hash

de7886c41a0596710519c151750a969c825fa1ff97eda49380850903c230900d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/3e647eb0db42653a3ed093e0cb8f00a6
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: eTe05sJJiMNt-8nCfNZmd8PjSqrOgZVO6oYQtFzk7u61oFjTHqL7iw==
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)

GET
H2 200 modules.376dac12c7cbd03331c3.js Show response
script.hotjar.com/ 226 KB
60 KB 30ms
10ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.376dac12c7cbd03331c3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1949475.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-33.fra50.r.cloudfront.net

Software

Resource Hash

762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 684398
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60634
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 12:26:27 GMT
etag: "a104d8caba37d824b6eacd90ef7757da"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: LlrNcikGEJ0WLJrO1aaxdyVO1pHSZ4OJMQB-H4WBDf3nT6Gu7PIb2Q==

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame 72B1 2 KB
1 KB 32ms
7ms Document
text/html 143.204.98.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1949475.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-69.fra50.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -_2XSXrvactv4_ul9ObeiF4j3nWB3EGChZi6Na0BZgebQGpdEol7mg==
age: 1293458

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1949475/ 146 B
323 B 100ms
36ms XHR
application/json 34.254.124.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1949475/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.376dac12c7cbd03331c3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.124.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-124-164.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 01 Dec 2021 10:33:44 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK Facit-Light.20ca15603da2262ca8ce.otf
www.bonitas.co.za/ 76 KB
76 KB 353ms
181ms Font
application/x-font-opentype 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/Facit-Light.20ca15603da2262ca8ce.otf
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/styles.51cccdceed54067508c5.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3944efd7e4e5bda036f898b0eff195390ebb7bac69588c61b242a135e1b01ef1

Request headers

Referer: https://www.bonitas.co.za/styles.51cccdceed54067508c5.css
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:44 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bb897f94e6d71:0"
Content-Type: application/x-font-opentype
Accept-Ranges: bytes
Content-Length: 77840

GET
H/1.1 200
OK becomeaMember.png
www.bonitas.co.za/assets/images/icons/ 26 KB
26 KB 184ms
184ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/becomeaMember.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a4406468b3e794fccd0a8e07d601e150dc1fda0d792e85b9f13785a2f51d752e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 26724

GET
H/1.1 200
OK ComparePlans.png
www.bonitas.co.za/assets/images/icons/ 11 KB
11 KB 181ms
180ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/ComparePlans.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1209d77855724a24ef3e4391b6820edfa6055766915f19c31170cb304290e833

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11171

GET
H/1.1 200
OK Chat_red.png
www.bonitas.co.za/assets/images/icons/ 8 KB
8 KB 180ms
180ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/Chat_red.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b3b04e553ddae6756a8df2b8d05c287096744d5e09f2c24db460d921c807aedf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8190

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v117/ 116 KB
116 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v117/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5d100945f5ec292fa9a3bf294212c7de3a425fb856dd4016d20a28110fce02d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 23:33:30 GMT
x-content-type-options: nosniff
age: 39615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118576
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 23:08:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 23:33:30 GMT

GET
H/1.1 200
OK Facit-Bold.e0334499f5bab2901c48.otf
www.bonitas.co.za/ 77 KB
77 KB 184ms
183ms Font
application/x-font-opentype 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/Facit-Bold.e0334499f5bab2901c48.otf
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/styles.51cccdceed54067508c5.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 745c3792deda85051c00a846cdb22e9ae652ed4689f7ff6534799d78ceba0a4c

Request headers

Referer: https://www.bonitas.co.za/styles.51cccdceed54067508c5.css
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bb897f94e6d71:0"
Content-Type: application/x-font-opentype
Accept-Ranges: bytes
Content-Length: 78544

GET
H/1.1 200
OK 2-es2015.42f07686d4340d3104fc.js Show response
www.bonitas.co.za/ 42 KB
15 KB 191ms
190ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/2-es2015.42f07686d4340d3104fc.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c26abcd99d6a6fa61f1bea4d5fe4ff3e2ac33319b5c3f88d8f005656fbdec060

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Content-Encoding: gzip
ETag: "0f6e18794e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:24 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 15248

GET
H/1.1 200
OK common-es2015.408cf9bfbb9b321c6969.js Show response
www.bonitas.co.za/ 16 KB
4 KB 339ms
184ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/common-es2015.408cf9bfbb9b321c6969.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5caf4af4d76652327fc41ad9a75e8d1cf225606b09b908818fee1a087858a6f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Content-Encoding: gzip
ETag: "0c9b08694e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:22 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3550

GET
H/1.1 200
OK 10-es2015.a974c9c44e6e960d109e.js Show response
www.bonitas.co.za/ 358 KB
61 KB 220ms
183ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/10-es2015.a974c9c44e6e960d109e.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 81909ea242f76d6764cd4e62510839e8f6caee108736b25cdb5e3dd9d48b29d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Content-Encoding: gzip
ETag: "099c39994e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:54 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 62580

GET
H/1.1 200
OK Bonitas_2020_black.svg
www.bonitas.co.za/assets/images/ 11 KB
5 KB 328ms
180ms Image
image/svg+xml 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/Bonitas_2020_black.svg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 79f1f2ac457d293d5f391f2ea8f6f9201c26da424dbea3d2b798796f05e69798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Content-Encoding: gzip
ETag: "0e8ba8094e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 4974

GET
H/1.1 200
OK whatsapp-icon.png
www.bonitas.co.za/assets/images/ 2 KB
3 KB 328ms
180ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/whatsapp-icon.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7ee5d5c39b6cb534bea686be729a6d8eeb9c1d6d31c7e667dd36586cba82bae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2438

GET
H2 200 en_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/ 14 KB
14 KB 45ms
16ms Image
image/png 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 05:15:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/play_google
report-to: {"group":"uxe-owners-acl/play_google","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/play_google"}]}
content-type: image/png
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13957
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/play_google"
expires: Wed, 01 Dec 2021 10:33:45 GMT

GET
H/1.1 200
OK badge-download-on-the-app-store.svg
developer.apple.com/app-store/marketing/guidelines/images/ 11 KB
12 KB 80ms
7ms Image
image/svg+xml 17.253.57.201
APPLE-AUSTIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://developer.apple.com/app-store/marketing/guidelines/images/badge-download-on-the-app-store.svg

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

17.253.57.201 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),

Reverse DNS

defra3-vip-bx-001.aaplimg.com

Software

Apple /

Resource Hash

a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://.apple.com http://.apple.com https://.mzstatic.com https://.apple-mapkit.com https://p-events-delivery.akamaized.net http://p-events-delivery.akamaized.net https://apple-events.akamaized.net https://mediaservices.cdn-apple.com http://mediaservices.cdn-apple.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

rqId: 0c9aa309cc9b06b87b17beaf731ec59c
Date: Wed, 01 Dec 2021 10:25:30 GMT
Via: http/1.1 defra3-edge-lx-012.ts.apple.com (ApacheTrafficServer/9.0.3), http/1.1 defra3-edge-bx-005.ts.apple.com (ApacheTrafficServer/9.0.3)
X-Content-Type-Options: nosniff
Age: 495
CDNUUID: f1606460-4be6-475f-b30e-a6afdff71e50-6144759531
X-Cache: hit-fresh, hit-fresh
Connection: keep-alive
Content-Length: 10804
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 29 Oct 2021 17:44:46 GMT
Server: Apple
Host: developer.apple.com
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Access-Control-Allow-Origin: https://developer2.apple.com
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.apple.com http://*.apple.com https://*.mzstatic.com https://*.apple-mapkit.com https://p-events-delivery.akamaized.net http://p-events-delivery.akamaized.net https://apple-events.akamaized.net https://mediaservices.cdn-apple.com http://mediaservices.cdn-apple.com
Accept-Ranges: bytes

GET
H2

200

/ Show response
vroomf.chat/bot-public-async/ Frame 2479
Redirect Chain

https://vroomf.chat/bot-public-async?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MD...
https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2M...

23 KB
5 KB

12ms
12ms

Document
text/html

93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/main-es2015.636254eb11a48b8f0d49.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

974ec71cbaf5ad7deb9fd33f8d15acb4fa1e4a4e25742916fb6b2b12f91d7454

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

content-type: text/html
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 09:30:07 GMT
accept-ranges: bytes
etag: "80f94f13dec0d71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
strict-transport-security: max-age=0
date: Wed, 01 Dec 2021 10:32:16 GMT
content-length: 4724

Redirect headers

content-type: text/html; charset=UTF-8
location: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
strict-transport-security: max-age=0
date: Wed, 01 Dec 2021 10:32:16 GMT
content-length: 551

GET
H/1.1 200
OK News Show response
allegraprod-bonitasapi.azurewebsites.net/api/v1/ 26 KB
12 KB 813ms
211ms XHR
application/json 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://allegraprod-bonitasapi.azurewebsites.net/api/v1/News
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/polyfills-es2015.e52cf3661877424e89d3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel / ASP.NET
Resource Hash: f626c20e83e617b3408d8ab02238311a8808b7b3a5425947406d5c58c202f95e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
Server: Kestrel
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
AllegraCorrelationId: d40e5041-4a8b-4dc7-a131-59349a995239
Cache-Control: no-store, no-cache, max-age=0
Transfer-Encoding: chunked
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
77 KB 64ms
41ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/main-es2015.636254eb11a48b8f0d49.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9878b15fcd6a25ead8239198c06cdccc7fe3b209039191f7791518932f75a062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78260
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Dec 2021 10:33:46 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame AE2C 647 B
726 B 51ms
29ms Document
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-NCQZQ9L

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/main-es2015.636254eb11a48b8f0d49.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b088d9c8c9d4653ebef16a3ba3eb424928f5e15fe2a7bf671e849cb0b5b54b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: *
date: Wed, 01 Dec 2021 10:33:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 18-es2015.b3c7815de17bbdd078b7.js Show response
www.bonitas.co.za/ 1 KB
1 KB 184ms
184ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/18-es2015.b3c7815de17bbdd078b7.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f3560e5a8902bf88c2fdabf10b10c054215562b5afae024dd6cb77574da393b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "0f6e18794e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:24 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 913

GET
H/1.1 200
OK 5-es2015.31a601ff99196ecde658.js Show response
www.bonitas.co.za/ 1 KB
1 KB 185ms
185ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/5-es2015.31a601ff99196ecde658.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 22607cfaa4ac4ff79929252395a88149794e04c34c589d2975dcb841eea7165b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "0c9b08694e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:22 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 743

GET
H/1.1 200
OK 20-es2015.c134f5dacefd21e40a56.js Show response
www.bonitas.co.za/ 22 KB
5 KB 185ms
184ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/20-es2015.c134f5dacefd21e40a56.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 94ed122bcf5296e864e41868640aab1c34602e3bed168a75f0d3d0bb85589639

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "023138994e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 5230

GET
H/1.1 200
OK 13-es2015.7091173f47e71d47a408.js Show response
www.bonitas.co.za/ 26 KB
6 KB 182ms
181ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/13-es2015.7091173f47e71d47a408.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fa0473a36dfccade7c76beb562f0bfc4f41f8d7a84f14f40164810b03987a79e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "0c9b08694e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:22 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 5363

GET
H/1.1 200
OK 14-es2015.dee858ba2c4b75ca5e76.js Show response
www.bonitas.co.za/ 15 KB
5 KB 182ms
181ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/14-es2015.dee858ba2c4b75ca5e76.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6abfb8daad009dec181e9dcdcfd5798c1fe834023060db5557a3161a71cd1db0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Content-Encoding: gzip
ETag: "0f6e18794e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:24 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4611

GET
H/1.1 200
OK 17-es2015.30b4192c005d94bb0002.js Show response
www.bonitas.co.za/ 71 KB
10 KB 195ms
194ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/17-es2015.30b4192c005d94bb0002.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 77208c7f2e708a8f48eea6a45475a8a79cb4313c7c44066608ed682373c5010f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "088e0a694e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:20:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 10325

GET
H/1.1 200
OK 25-es2015.ab75762b5261188af4e8.js Show response
www.bonitas.co.za/ 17 KB
4 KB 185ms
185ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/25-es2015.ab75762b5261188af4e8.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d9aeb01584a940c2b8dab364f2cc8b3a4336eadd9d6aa881119e26aeabf6c5a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "023138994e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4217

GET
H/1.1 200
OK 4-es2015.37079ec454c657e82333.js Show response
www.bonitas.co.za/ 10 KB
3 KB 188ms
187ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/4-es2015.37079ec454c657e82333.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a82f00fe8983b99c6edf80d2a33909d5d1b5c6e1ecd3c34042785f28404f29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "0c9b08694e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:22 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3021

GET
H/1.1 200
OK 12-es2015.97148a47d49c4d654854.js Show response
www.bonitas.co.za/ 114 KB
21 KB 180ms
180ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/12-es2015.97148a47d49c4d654854.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1efb9d5b56fdcd84084a5a86ce9dedf6b486934a61f69cd69a918ff5b1095b01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "088e0a694e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:20:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 21221

GET
H/1.1 200
OK 21-es2015.809e91549356d7262a4a.js Show response
www.bonitas.co.za/ 23 KB
5 KB 386ms
386ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/21-es2015.809e91549356d7262a4a.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 935e08ead999f378e3db95fffc8e6a6bc2af40e29c144f6e92047f2462e80598

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "0f6e18794e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:24 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4827

GET
H/1.1 200
OK 22-es2015.d00d847c30fe50d59622.js Show response
www.bonitas.co.za/ 146 KB
18 KB 193ms
193ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/22-es2015.d00d847c30fe50d59622.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 946e9f4d139f67f6882b1929c65fec2d22c36e7f333ed7048543cb6ddd1bb93a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "0b511a894e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:20:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 17952

GET
H/1.1 200
OK 11-es2015.92ef4d6064015687c106.js Show response
www.bonitas.co.za/ 2 MB
968 KB 194ms
193ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/11-es2015.92ef4d6064015687c106.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a362ec8ea1ee21cb70764d2b95ca3f975bf087884f7d3eb51021bc229fdfb386

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "05bafa594e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:20:14 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 990595

GET
H/1.1 200
OK 19-es2015.f1b7f16ecee3d4bef996.js Show response
www.bonitas.co.za/ 58 KB
8 KB 188ms
187ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/19-es2015.f1b7f16ecee3d4bef996.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f00cdc539b9230955cb825ad8fe72ae7197a3dd5c58969bd4c512845022dba9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "088e0a694e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:20:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 8156

GET
H/1.1 200
OK 1-es2015.8e1ba6b0a4d765a85ea0.js Show response
www.bonitas.co.za/ 207 KB
39 KB 181ms
181ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/1-es2015.8e1ba6b0a4d765a85ea0.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ac6d3a8719330f04e0db933d519db4ff6a02e44e9cd0d8d737d971fef0481c21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "0f6e18794e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:24 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 39955

GET
H/1.1 200
OK 24-es2015.f55165ee9c5693afdb0b.js Show response
www.bonitas.co.za/ 9 KB
3 KB 185ms
185ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/24-es2015.f55165ee9c5693afdb0b.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a1635c69133f0a0197c1461f5f0e6751f048d1d7a93217fb4cee0bf60b57f44a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "023138994e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 2675

GET
H/1.1 200
OK 23-es2015.ee0e52b5438509fae65b.js Show response
www.bonitas.co.za/ 20 KB
5 KB 188ms
188ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/23-es2015.ee0e52b5438509fae65b.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2b632825523807c1998c55b85fef462fadf12fbbbaae6cd7a274642ddf30cdc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
ETag: "023138994e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4664

GET
H/1.1 200
OK 16-es2015.eac43d0784de2f39fcc3.js Show response
www.bonitas.co.za/ 11 KB
3 KB 200ms
198ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/16-es2015.eac43d0784de2f39fcc3.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 91aad0abe282eee987b62d4cbe9940ea4fc9d35766d019407b00afcf6b4e0d3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Content-Encoding: gzip
ETag: "0f6e18794e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:19:24 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3044

GET
H/1.1 200
OK 15-es2015.0a8d46541b51c08a14ad.js Show response
www.bonitas.co.za/ 33 KB
7 KB 188ms
187ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/15-es2015.0a8d46541b51c08a14ad.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime-es2015.34bb8631f7bd4b4398b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cb635be1d3fe78f3cdd56d18cfd15caebe8f22cd4622c63f48b70d71898be764

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Content-Encoding: gzip
ETag: "088e0a694e6d71:0"
Last-Modified: Wed, 01 Dec 2021 09:20:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 6985

GET
H/1.1 200
OK countries Show response
coronavirus-19-api.herokuapp.com/ 50 KB
51 KB 145ms
38ms XHR
application/json 54.78.134.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-19-api.herokuapp.com/countries
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/polyfills-es2015.e52cf3661877424e89d3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.134.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-134-111.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 73b53332856ffa41b6557194314337d11896f9399877cc9807cb69063d177d85

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Via: 1.1 vegur
Etag: W/"c9f9-+h5LY8dtUJn8UD8/o+kqd/Z/klM"
Server: Cowboy
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 51705

GET
H/1.1 200
OK become.png
www.bonitas.co.za/assets/images/icons/ 13 KB
14 KB 365ms
194ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/become.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 64a2b5ad446a2647712d60a930f2c237587c505682ca04e5601110909bd1abd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13813

GET
H/1.1 200
OK member.png
www.bonitas.co.za/assets/images/icons/ 23 KB
23 KB 501ms
180ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/member.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 839fefbdb2b03b89119c6dc1ff9d6c66dd10fe2835cef596fd37b5da6346a091

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 23799

GET
H/1.1 200
OK broker.png
www.bonitas.co.za/assets/images/icons/ 11 KB
11 KB 320ms
183ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/broker.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1ee68bebd775f0121e62c53aadb925deebdb19f79952111b0afa853ebf6826a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11477

GET
H/1.1 200
OK pencil_2.png
www.bonitas.co.za/assets/images/icons/ 8 KB
8 KB 509ms
188ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/pencil_2.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b7013433e1931b20909c73255d0aa4888c08671cddc71eafb6265087f6087d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7891

GET
H/1.1 200
OK hand.png
www.bonitas.co.za/assets/images/icons/ 10 KB
10 KB 181ms
181ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/hand.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 41845eade630e030c4009cbcdcdcbf28424b8c43b3e3fccf89b5bae69b10cab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9755

GET
H/1.1 200
OK phone.png
www.bonitas.co.za/assets/images/icons/ 6 KB
6 KB 184ms
184ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/phone.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e5a4b3fbfa5d3f9064b7a0e4a30b9bbff6efd0e80cda7d0fd78f3b4826302e56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6314

GET
H/1.1 200
OK heart.png
www.bonitas.co.za/assets/images/icons/ 19 KB
19 KB 188ms
188ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/heart.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cbe2fb7771425ce457a50d2d6433f7e1773f502cc8464ad93ec61bc1a25bfd9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19535

GET
H/1.1 200
OK family_1.png
www.bonitas.co.za/assets/images/icons/ 30 KB
30 KB 187ms
186ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/family_1.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 27514863c6aba98470374f94dab474ff13511e727f0f4271195f220c47385cee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 30552

GET
H/1.1 200
OK pencil.png
www.bonitas.co.za/assets/images/icons/ 8 KB
8 KB 184ms
182ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/pencil.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1ffdedc21b585655885ef4f2ef299d6d7388b0d24b5254f29713767665770158

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7952

GET
H/1.1 200
OK page.png
www.bonitas.co.za/assets/images/icons/ 5 KB
5 KB 180ms
180ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/page.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c480de58f48b0f6a9a60e3babb0685dad925029863e979e2d65de6acef66e5d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5221

GET
H/1.1 200
OK whatsapp.png
www.bonitas.co.za/assets/images/icons/ 19 KB
19 KB 211ms
211ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/whatsapp.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5ed9e9d957a4d5501bc133a57c9fce04a7f8d16b444b2b6a25e8de2a6decbb64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19071

GET
H/1.1 200
OK app.png
www.bonitas.co.za/assets/images/icons/ 27 KB
27 KB 188ms
188ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/app.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f9142887fe8a25c736700c28b55830afd32b88b1bac357cea778ae8a257bf89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 27143

GET
H/1.1 200
OK doc.png
www.bonitas.co.za/assets/images/icons/ 12 KB
12 KB 185ms
184ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/doc.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 28d166edeac9c9678740436619af0e7f624944dfe33044078595f049ebf0626e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 12236

GET
H/1.1 200
OK 2022_Banner.9b928fd11f2ea7a74639.png
www.bonitas.co.za/ 2 MB
2 MB 323ms
186ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/2022_Banner.9b928fd11f2ea7a74639.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de518464e7f9cf3679e05c4fbd7e1ece765544fd8d4c834f05710275aaac1f31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bb897f94e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2341881

GET
H/1.1 200
OK Primary-Select.f254f936ac5d03eda215.jpg
www.bonitas.co.za/ 59 KB
59 KB 315ms
179ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/Primary-Select.f254f936ac5d03eda215.jpg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d7f1792c7c9474b10f5c8d24c0ac2c42560d34544a4fb4a004cd6c1cbf6ea509

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:45 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bb897f94e6d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 60543

GET
H/1.1 200
OK BonStart-Plus.9991893c04e4b237b6c9.jpg
www.bonitas.co.za/ 50 KB
50 KB 320ms
183ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/BonStart-Plus.9991893c04e4b237b6c9.jpg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99703529d4a0753bbde04159d5896dba874cd2af61f4d08e7c9974133a48cb0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bb897f94e6d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 51211

GET
H/1.1 200
OK running.9e6b631d297b21674ae9.jpg
www.bonitas.co.za/ 81 KB
82 KB 318ms
182ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/running.9e6b631d297b21674ae9.jpg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f1ed18c3388b389184887a08a7957f5f5b8e8af344c0889cb82da2efe21e0163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bb897f94e6d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 83269

GET
H/1.1 200
OK Standard-Select.4ec12dcd5a6e5fe44286.jpg
www.bonitas.co.za/ 44 KB
44 KB 182ms
181ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/Standard-Select.4ec12dcd5a6e5fe44286.jpg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a035d5b1ed882690304692c7a8e4f7e850a4c37441e2329dcf966f29504ad58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bb897f94e6d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 44757

GET
H/1.1 200
OK BonSave-BonFit.3fe7f04939b81fc500a6.jpg
www.bonitas.co.za/ 45 KB
46 KB 183ms
183ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/BonSave-BonFit.3fe7f04939b81fc500a6.jpg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 43bcb72d28205b375fd5c665d8ffaaf2638c9a07098ffba0e0db643cff98ef4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bb897f94e6d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 46359

GET
H/1.1 200
OK BonEssential-Select.280286d5dc9046d6b81e.jpg
www.bonitas.co.za/ 61 KB
61 KB 180ms
180ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/BonEssential-Select.280286d5dc9046d6b81e.jpg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dfb4fef5fcd3ab6498ef0e06ebeec7cb3a8b168ed35d056c3e4309260f4bedb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bb897f94e6d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 62293

GET
H/1.1 200
OK covid.png
www.bonitas.co.za/assets/images/icons/ 528 KB
528 KB 187ms
187ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/covid.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4b20cdee3e0928113e52b5f47160a4519898c94f0ec2f8e3b843877ec59bbfab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 09:19:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0e8ba8094e6d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 540499

GET
H3 200 css
fonts.googleapis.com/ Frame 2479 708 B
367 B 31ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: vroomf.chat
URL: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41fca96ec6e235b3dcff4bc97f90e036a6063d578eeec6a8a035f31e3b78eccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 10:26:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Dec 2021 10:33:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Dec 2021 10:33:46 GMT

GET
H2 200 dropzone.min.css
vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/ Frame 2479 9 KB
2 KB 12ms
11ms Stylesheet
text/css 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/dropzone.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0b5b87c980c6ad00c093521b9ad9e45e75d3feedcf90cf70874864a4b321cbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 17:34:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8087672d94edd51:0"
vary: Accept-Encoding
content-type: text/css
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 1528

GET
H2 200 basic.min.css
vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/ Frame 2479 752 B
808 B 13ms
12ms Stylesheet
text/css 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/basic.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

34c3c9a77a061dc645fa3084b964bce8e8880f002fc4131e23bc3be7bfec1061

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
last-modified: Thu, 27 Feb 2020 17:34:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "226782d94edd51:0"
content-type: text/css
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 752

GET
H2 200 jquery.min.js Show response
vroomf.chat/dark/vendors/bower_components/jquery/dist/ Frame 2479 82 KB
29 KB 15ms
14ms Script
application/javascript 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/dark/vendors/bower_components/jquery/dist/jquery.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 17:34:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8087672d94edd51:0"
vary: Accept-Encoding
content-type: application/javascript
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 29628

GET
H2 200 dropzone.min.js Show response
vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/ Frame 2479 33 KB
10 KB 21ms
20ms Script
application/javascript 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/dropzone.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c2a99600e5492bff4c8c7f7f3715bdebc310a5196de915b5534dd2bf4e269481

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 17:34:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8087672d94edd51:0"
vary: Accept-Encoding
content-type: application/javascript
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 10035

GET
H2 200 angular.js Show response
vroomf.chat/js/ Frame 2479 1 MB
320 KB 29ms
28ms Script
application/javascript 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/js/angular.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e7b2df78ad81bcea1b6105f65c8d5c9ba1fe6ea04f28482bd4a815ff3772712b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 07:55:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0ccd6a21efd61:0"
vary: Accept-Encoding
content-type: application/javascript
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 327437

GET
H2 200 angular-route.js Show response
vroomf.chat/js/ Frame 2479 46 KB
12 KB 21ms
21ms Script
application/javascript 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/js/angular-route.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f565c417645339fadd3f9be2c40b4ba791405064c1e6a434ea3dc8dfa4cf6b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 07:55:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0aeb961efd61:0"
vary: Accept-Encoding
content-type: application/javascript
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 12264

GET
H2 200 angular-sanitize.js Show response
vroomf.chat/js/ Frame 2479 33 KB
10 KB 22ms
21ms Script
application/javascript 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/js/angular-sanitize.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f4e4b2d52bf0f106ab135f3fb62bff84afd9a891b437f012c739f07da8d9ea46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 07:55:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80caf8ac1efd61:0"
vary: Accept-Encoding
content-type: application/javascript
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 10037

GET
H2 200 attach.png
vroomf.chat/bot-public-async/ Frame 2479 2 KB
2 KB 16ms
15ms Image
image/png 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vroomf.chat/bot-public-async/attach.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5cdb092fb9de6b7622f5ff47b1260b4958c5e9884a3c87eb6d5f40c682e8cd77

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
last-modified: Tue, 18 Aug 2020 09:43:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "fafb6724475d61:0"
content-type: image/png
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 2295

GET
H2 200 end.png
vroomf.chat/bot-public-async/ Frame 2479 4 KB
4 KB 11ms
11ms Image
image/png 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vroomf.chat/bot-public-async/end.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a0226b9e22040f6eeb6f263e74d56da81c7cd19900a7296529fa44d87fe67815

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
last-modified: Tue, 18 Aug 2020 09:43:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "5a4b7624475d61:0"
content-type: image/png
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 4231

GET
H2 200 powered-by-cagan-tech.png
vroomf.chat/img/ Frame 2479 9 KB
9 KB 12ms
12ms Image
image/png 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vroomf.chat/img/powered-by-cagan-tech.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d33846530edc2da1abbf19b8264d40287170bd90178ac75c517b6c715abb36a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
last-modified: Mon, 14 Jun 2021 11:21:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0677273f61d71:0"
content-type: image/png
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 9537

GET
H2

200

/
www.google.de/pagead/1p-conversion/696255034/ Frame AE2C
Redirect Chain

https://www.googleadservices.com/pagead/conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ik-n...
https://www.google.com/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1967410876&sscte=1&crd=&i...
https://www.google.de/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1967410876&sscte=1&crd=&is...

42 B
108 B

38ms
38ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1967410876&sscte=1&crd=&is_vtc=1&ocp_id=ik-nYb67DLmrx_APo86AqAQ&random=515821336&ipr=y&prhg=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-NCQZQ9L

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.googletagmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1967410876&sscte=1&crd=&is_vtc=1&ocp_id=ik-nYb67DLmrx_APo86AqAQ&random=515821336&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
dc.ads.linkedin.com/collect/ Frame AE2C 0
0

GET 0
bat.bing.com/action/ Frame AE2C 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5559
date: Wed, 01 Dec 2021 09:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 01 Dec 2021 11:01:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 60ms
43ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y4RGMBCREE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4541d5f8214a1ddf4db8d5287ece46d78760c5b15ac17ad72817183cc7f8ce39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62225
x-xss-protection: 0
expires: Wed, 01 Dec 2021 10:33:46 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 32ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200105-IAD, cache-hhn11553-HHN

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 79 KB
28 KB 88ms
30ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:16 GMT
server: nginx
etag: W/"613888fc-13bd1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 20ms
19ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 10:33:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: ofRfSM5sstd77z1kbPgWHTVQftpX8GHNSmzpeDnkLMjIqit4Sa0QhL6dpQ9opv/Wm+v5Ij0ZpCfeHdXE9w6DpQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 01 Dec 2021 10:33:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 39ms
8ms Script
application/x-javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=33583
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 31ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: gzip
last-modified: Sat, 13 Nov 2021 03:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 37A4B10E76C040C59F3CB2A8CC4B52CD Ref B: FRAEDGE1516 Ref C: 2021-12-01T10:33:46Z
etag: "80dc6f5342d8d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10442

GET
H2 400 .js
attribution.adclickafrica.com/d/ 0
0 252ms
10ms Script
text/html 18.195.123.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://attribution.adclickafrica.com/d/.js?oref=&ourl=https%3A%2F%2Fwww.bonitas.co.za%2F&opt=Bonitas%20-%20Home&t=1638354826217
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 33ms
8ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 01 Dec 2021 09:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2255
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5652
x-amz-id-2: NbGQYqQWC63ugrKk07XpKuVrbRNJEXA55S7DQRxVBXtK9IflW7bJ5BaKPgUKTNlrSGx1AcpBYAY=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 3GGJAFTT143KXRAC
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 47 KB
16 KB 31ms
11ms Script
text/javascript 2600:9000:2156:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 206743f5a27b61f302352bf4452f78f13aa34bee7589b306e24677dc3a3e875e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: ehOkSJ.OYcbGtirOxrQzIxqoPEiLDyhY
Content-Encoding: gzip
Etag: W/"6d3e5545a63a8b2ad24684d3213523eb"
Age: 2806
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 Nov 2021 22:19:15 GMT
Server: AmazonS3
Date: Wed, 01 Dec 2021 09:47:01 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: gs2ebtaeMbqDx_aTYON_H4Zqu9N7hXBL4TufudfEH8JW4lU1KNnoTw==

GET
H2 200 bonitas.css
vroomf.chat/custom-css/ Frame 2479 7 KB
1 KB 12ms
11ms Stylesheet
text/css 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/custom-css/bonitas.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5be438eaa50c4f307373cb60e784ca61a583b0833d75c9e555aa69a161b94188

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 12:34:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8082551e498d71:0"
vary: Accept-Encoding
content-type: text/css
date: Wed, 01 Dec 2021 10:32:16 GMT
accept-ranges: bytes
content-length: 1366

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/696255034/ 2 KB
1023 B 38ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696255034/?random=1638354826336&cv=9&fst=1638354826336&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bonitas.co.za%2F&tiba=Bonitas%20-%20Home&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ee63a6c91ae14ad61666f884c999e8214418ea151eccc636b378c8120fa3d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 997
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: nNmCoW8rVzTB+U3KaQr12HYp4zg4lM94c8oj3ANqORUDAKwzFqknTzeVdTsiEPOxwvcDeofDuQcNLSL0sAgX0A==
x-frame-options: DENY
date: Wed, 01 Dec 2021 10:33:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 2426838540956198 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 23ms
14ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2426838540956198?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ea73e867471e61734d77e381e5110efccc887e97e86953d1157be7d455cd3b2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88927
x-xss-protection: 0
pragma: public
x-fb-debug: BBDP6Dc0vg39PF3EvGyUPhf0i7I+VvOR9eWKPTFeTtiZ3eHbENmsu+4keE6tYpMHSIh6A+whGs7Zhg1WWHSvTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 01 Dec 2021 10:33:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 47ms
32ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KNGHR3B&t=gtm4&cid=1959042063.1638354826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27ed910f4f37da108352099bf510c91975361a3a3024894ad4ec78764f693234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36041
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Dec 2021 10:33:46 GMT

GET
H2 200 10091852.json Show response
s.yimg.com/wi/config/ 2 B
448 B 136ms
121ms XHR
application/json 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10091852.json

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/polyfills-es2015.e52cf3661877424e89d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:20:04 GMT
x-content-type-options: nosniff
age: 822
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: ZT2N3VS1EMAK27TY
x-amz-id-2: Lglf2JxKZwJPFzJGGpv1PQns7awGHxw/mBlu+tvSYNlMiJ68UQSVH50H/LSHdbf1FO6JEfG0tsM=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1638354826376&url=https%3A%2F%2Fwww.bonitas.co.za%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1344305%26time%3D1638354826376%26url%3Dhttps%253A%252F%252Fwww.bonitas.co.za%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1638354826376&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1638354826376&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true&e_ipv6=AQJT-wRopacuMwAAAX11jrcfc7Oq39OBcqSZFRgDRp6UDHCFnAlNeF8qTnh2...

0
155 B

411ms
217ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1638354826376&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true&e_ipv6=AQJT-wRopacuMwAAAX11jrcfc7Oq39OBcqSZFRgDRp6UDHCFnAlNeF8qTnh2rklLgN5zd0DI6g
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:47 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: 39Ie/AibvBZg1MrXeSsAAA==

Redirect headers

date: Wed, 01 Dec 2021 10:33:47 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1638354826376&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true&e_ipv6=AQJT-wRopacuMwAAAX11jrcfc7Oq39OBcqSZFRgDRp6UDHCFnAlNeF8qTnh2rklLgN5zd0DI6g
x-li-proto: http/2
x-li-pop: prod-ltx1
content-length: 0
x-li-uuid: RhMR6QibvBZgqs4aKisAAA==

POST
H2 204 collect
analytics.google.com/g/ 0
348 B 38ms
14ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Y4RGMBCREE&gtm=2oeba1&_p=1618794770&sr=1600x1200&_gaz=1&ul=en-us&cid=1959042063.1638354826&_s=1&dl=https%3A%2F%2Fwww.bonitas.co.za%2F&dt=Bonitas%20-%20Home&sid=1638354826&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4RGMBCREE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bonitas.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
348 B 50ms
16ms Ping
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4RGMBCREE&cid=1959042063.1638354826&gtm=2oeba1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4RGMBCREE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bonitas.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
32ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4RGMBCREE&cid=1959042063.1638354826&gtm=2oeba1&aip=1&z=330697864

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
674 B 149ms
116ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o245m&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0de616ba-69ff-4764-809f-cddfe8c129fa&tw_document_href=https%3A%2F%2Fwww.bonitas.co.za%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Wed, 01 Dec 2021 10:33:46 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fd0b0092c65f2989265ec5973c8d650c9597f4a126ef510bd45b36c969ff8488
x-transaction: 1f90b611a6129842
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
471 B 137ms
120ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o245m&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0de616ba-69ff-4764-809f-cddfe8c129fa&tw_document_href=https%3A%2F%2Fwww.bonitas.co.za%2F

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Wed, 01 Dec 2021 10:33:46 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a03cc969f36d089780bfe80bc3a98301d32fbc76eb83f8c7c60f4b33c1fa3761
x-transaction: 9a5d901e442908e4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 204 137002139.js Show response
bat.bing.com/p/action/ 0
111 B 33ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/137002139.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Dec 2021 10:33:46 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 659387677FD647E09C14E04B39839083 Ref B: FRAEDGE1516 Ref C: 2021-12-01T10:33:46Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
94 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=137002139&tm=gtm002&Ver=2&mid=deebf60b-aaab-49b7-98b6-8b32dd7b7ea5&sid=29f10c20529211ecb16a17282da8dc5e&vid=29f13270529211ecad101d81a11fe65f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Bonitas%20-%20Home&p=https%3A%2F%2Fwww.bonitas.co.za%2F&r=&lt=2817&evt=pageLoad&msclkid=N&sv=1&rn=551665
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 080B620201F24C56B466D62678FC2157 Ref B: FRAEDGE1516 Ref C: 2021-12-01T10:33:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/LYHCFNKWJ5DUPM22D44OHG/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

23ms
18ms

Script
application/javascript

2600:9000:2156:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Server: 2600:9000:2156:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 96536
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Wed, 01 Dec 2021 06:38:08 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: rZPIz4tUDgWVOy5euNu3resfpjxmKGxx3-oA8V-6Pyf509Y8m-nlsw==

Redirect headers

Date: Wed, 01 Dec 2021 08:29:28 GMT
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Age: 7457
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: uhsCDfAfKRTpJYO-J6yow1piJQKq2IGsjuHi7Uktz7hRKo8yDmECqg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/LYHCFNKWJ5DUPM22D44OHG/S2WAFVC6W5CCPAMAY56KKM/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

9ms
8ms

Script
application/javascript

2600:9000:2156:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Server: 2600:9000:2156:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 48634
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Wed, 01 Dec 2021 05:04:23 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ENlKzBPN06HvawbTxsOuEPElqxon0_M4Wl5TvbjQXbYE3510brsTbQ==

Redirect headers

Date: Wed, 01 Dec 2021 09:31:07 GMT
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Age: 3759
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: NQhHk1GbB1uAvI6jwBOpZptMAeCddRr50YySwAyDg1IBjgVahAXX3w==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/LYHCFNKWJ5DUPM22D44OHG/S2WAFVC6W5CCPAMAY56KKM/ 0
785 B 27ms
10ms Script
text/javascript 2600:9000:2156:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/LYHCFNKWJ5DUPM22D44OHG/S2WAFVC6W5CCPAMAY56KKM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: IiMYXbWNhwcE732CV08T_IyS2CHB0iET
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 136
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Fri, 19 Nov 2021 21:51:07 GMT
Server: AmazonS3
Date: Wed, 01 Dec 2021 10:31:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: bG49JuLJ_5LmnPtD9oqBq4IXXPgIQQ-PzY-ffJLuY8ekNU-pRVVKZA==

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://s2.adform.net/Serving/TrackPoint/?pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=438221236401&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F
https://track.adform.net/Serving/TrackPoint/?pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=438221236401&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=438221236401&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co...

1 KB
1 KB

20ms
20ms

Script
text/javascript

37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=438221236401&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

852862cd8ae073180fbf63bc9da8c6791a7c233a65011d2349910866746a5d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 787
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=438221236401&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3 200 /
www.google.com/pagead/1p-user-list/696255034/ 42 B
64 B 35ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/696255034/?random=1638354826336&cv=9&fst=1638352800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.bonitas.co.za%2F&tiba=Bonitas%20-%20Home&async=1&fmt=3&is_vtc=1&random=2792186904&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/696255034/ 42 B
154 B 23ms
22ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/696255034/?random=1638354826336&cv=9&fst=1638352800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.bonitas.co.za%2F&tiba=Bonitas%20-%20Home&async=1&fmt=3&is_vtc=1&random=2792186904&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1618794770&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bonitas.co.za%2F&ul=en-us&de=UTF-8&dt=Bonitas%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=1814724170&gjid=1247165549&cid=1959042063.1638354826&tid=UA-143011272-1&_gid=502796914.1638354826&_r=1&gtm=2wgba1NCQZQ9L&z=667420439

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/polyfills-es2015.e52cf3661877424e89d3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bonitas.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2426838540956198&ev=PageView&dl=https%3A%2F%2Fwww.bonitas.co.za%2F&rl=&if=false&ts=1638354826455&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.2.1638354826454.1501924548&it=1638354826349&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 01 Dec 2021 10:33:46 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 34ms
17ms XHR
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-143011272-1&cid=1959042063.1638354826&jid=1814724170&gjid=1247165549&_gid=502796914.1638354826&_u=aGDACEACRAAAAC~&z=1366055917

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/polyfills-es2015.e52cf3661877424e89d3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 01 Dec 2021 10:33:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.bonitas.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-143011272-1&cid=1959042063.1638354826&jid=1814724170&_u=aGDACEACRAAAAC~&z=1785165282

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 50ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-143011272-1&cid=1959042063.1638354826&jid=1814724170&_u=aGDACEACRAAAAC~&z=1785165282

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
715 B 119ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2001%20Dec%202021%2010%3A33%3A46%20GMT&n=0&b=Bonitas%20-%20Home&.yp=10091852&f=https%3A%2F%2Fwww.bonitas.co.za%2F&enc=UTF-8&yv=1.10.2&tagmgr=gtm

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 01 Dec 2021 10:33:46 GMT

GET
H2 200 LYHCFNKWJ5DUPM22D44OHG Show response
d.adroll.com/consent/check/ 396 B
489 B 97ms
32ms Script
application/javascript 108.129.28.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/LYHCFNKWJ5DUPM22D44OHG?arrfrr=https%3A%2F%2Fwww.bonitas.co.za%2F&_s=97a0d65272a58d2adfefa75811b4a0d1&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.28.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-28-215.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: a2f7aa96be3282b8b3b348787fe4c77b295f8d2f308f542044c1b4b2226a7e5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
server: nginx/1.20.0
content-length: 396
content-type: application/javascript

GET
H2 200 / Show response
track.adform.net/serving/container/ Frame A310 1 KB
904 B 19ms
19ms Document
text/html 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/container/?pm=1784238&lid=62897859&ctype=0&media=0&PageName=%2f&rnd=1814163024&cpref=&loc=https%3a%2f%2fwww.bonitas.co.za%2f

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

231299ebbbc92dc45a3cd9700ef4bff0c10d307f903d35ef4716146a62f40d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/

Response headers

server: nginx
date: Wed, 01 Dec 2021 10:33:46 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 1607 5 KB
2 KB 65ms
19ms Document
text/html 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/Serving/TrackPoint/?pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=438221236401&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

240a3c3af781ddf9df8bec28362befa779a1ba63b47fcb5091b80a9269438d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/

Response headers

server: nginx
date: Wed, 01 Dec 2021 10:33:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
344 B 67ms
19ms Image
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=6918485967043963585&stamp=jAdW7BP82HwDvP-67D9Y4w2

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Dec 2021 10:33:46 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A310 90 KB
35 KB 83ms
83ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115464984-2

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=1784238&lid=62897859&ctype=0&media=0&PageName=%2f&rnd=1814163024&cpref=&loc=https%3a%2f%2fwww.bonitas.co.za%2f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5221121927058914c6a245a6db28019397a113ea8ff569ca22bbc7dfd33204e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36141
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Dec 2021 10:33:46 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 1607 0
261 B 18ms
17ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 1607
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6918485967043963585&Expiration=1639564426
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6918485967043963585&Expiration=1639564426

43 B
422 B

34ms
34ms

Image
image/gif

54.246.156.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6918485967043963585&Expiration=1639564426
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Server: 54.246.156.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-156-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Dec 2021 10:33:46 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6918485967043963585&Expiration=1639564426
date: Wed, 01 Dec 2021 10:33:46 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 1607 0
522 B 64ms
18ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=6918485967043963585

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 10:33:46 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 30 Nov 2021 10:33:46 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 1607 0
214 B 51ms
10ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 1607
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6918485967043963585&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6918485967043963585&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=7739e314bddb4669a...
https://c1.adform.net/serving/cookie/match?party=9&uid=f27a01362e8a1b82876782e768e7e99db3d3efb27bfb2f887d5c3ce70c2c5d15

35 B
477 B

19ms
17ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=f27a01362e8a1b82876782e768e7e99db3d3efb27bfb2f887d5c3ce70c2c5d15

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=f27a01362e8a1b82876782e768e7e99db3d3efb27bfb2f887d5c3ce70c2c5d15
date: Wed, 01 Dec 2021 10:33:46 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 1607 43 B
163 B 613ms
117ms Image
image/gif 199.187.193.193
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6918485967043963585&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 1607
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=6918485967043963585&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=6918485967043963585&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6918485967043963585&_origin=1&apid=UP2a1cdcde-5292-11ec-a81f-06c961e645ba

0
689 B

49ms
13ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=6918485967043963585&_origin=1&apid=UP2a1cdcde-5292-11ec-a81f-06c961e645ba

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=6918485967043963585&_origin=1&apid=UP2a1cdcde-5292-11ec-a81f-06c961e645ba
date: Wed, 01 Dec 2021 10:33:46 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 1607 43 B
713 B 84ms
30ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 10:33:46 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1638354826128027-529
Expires: Wed, 01 Dec 2021 10:33:46 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 1607
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=6918485967043963585
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6918485967043963585
https://rtb.gumgum.com/usersync?b=bsw&i=ad26b219-03e4-4b3b-823d-16c3d42e6427

35 B
238 B

106ms
33ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=ad26b219-03e4-4b3b-823d-16c3d42e6427
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: //rtb.gumgum.com/usersync?b=bsw&i=ad26b219-03e4-4b3b-823d-16c3d42e6427
Date: Wed, 01 Dec 2021 10:33:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1607
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6918485967043963585&expiration=1639564426
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6918485967043963585&expiration=1639564426&C=1

43 B
1006 B

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6918485967043963585&expiration=1639564426&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 10:33:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Dec 2021 10:33:46 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 10:33:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6918485967043963585&expiration=1639564426&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Wed, 01 Dec 2021 10:33:46 GMT

GET
H/1.1

200
OK

info
uipglob.semasio.net/tradedesk/1/ Frame 1607
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6918485967043963585&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6918485967043963585&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=df5761a7-4f8a-4900-ada7-b6bfb3772e8d&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=1c108d2f-fc11-4761-9a81-2c2478ce459b

42 B
604 B

23ms
23ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=1c108d2f-fc11-4761-9a81-2c2478ce459b
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Server: 77.243.60.138 Ballerup Municipality, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:45 GMT
frontend-id: 12
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=1c108d2f-fc11-4761-9a81-2c2478ce459b
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 1607
Redirect Chain

https://ps.eyeota.net/match?uid=6918485967043963585&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=6918485967043963585&bid=9gdtmu1

70 B
440 B

10ms
10ms

Image
image/gif

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=6918485967043963585&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=6918485967043963585&bid=9gdtmu1
Date: Wed, 01 Dec 2021 10:33:46 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET

pixel.gif
load77.exelator.com/ Frame 1607
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6918485967043963585
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6918485967043963585&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

0
0

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame 1607 0
0 32ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2

200

tpid=6918485967043963585
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame 1607
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6918485967043963585
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6918485967043963585

49 B
737 B

41ms
41ms

Image
image/gif

52.17.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Server: 52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.28.28
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6918485967043963585
cache-control: no-cache
x-server: 10.45.13.44
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 1607 62 B
304 B 194ms
154ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 1607 43 B
275 B 40ms
17ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 1607
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

133ms
38ms

Image
image/gif

52.218.65.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Server: 52.218.65.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: AJDBQTAM7G5K65HV
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: S8eAk7EEIMuSWnFOKyGQHBGre7uGhBEbdRS26RZS28+2fTRxgBKJEu9HQ8CFHHAstdUZ5extWWQ=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 01 Dec 2021 10:33:46 GMT
Server: akka-http/10.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 1607
Redirect Chain

https://pixel.onaudience.com/?mapped=6918485967043963585&partner=68
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1a5a4e5fb98e7169a26be442e6ee06dc

35 B
247 B

99ms
98ms

Image
image/gif

51.222.80.231
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1a5a4e5fb98e7169a26be442e6ee06dc
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Server: 51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS: pikafka-4.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1a5a4e5fb98e7169a26be442e6ee06dc
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 1607
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6918485967043963585
https://tags.adsafety.net/v1/cm?cm_uid=CM1202112011032b9561ac639d6fe14d&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=2f01a83c006424e265aba250101faaf4
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202112011032b9561ac639d6fe14d&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=2f01a83c006424e265aba250101faaf4&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEyMDExMDMyYjk1NjFhYzYzOWQ2ZmUxNGQ
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEHpS68nV0qTeMhb18n8mJcI&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM1202112011032b9561ac639d6fe14d
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6918485967043963585

43 B
2 KB

29ms
29ms

Image
image/gif

88.80.189.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Server: 88.80.189.68 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li700-68.members.linode.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 10:33:47 GMT
Last-Modified: Wed, 01 Dec 2021 10:33:47 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6918485967043963585
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 1607 0
338 B 96ms
31ms Image
text/plain 52.212.131.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.131.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-131-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1638354826
x-served-by: beacon-n011-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 1607
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjkxODQ4NTk2NzA0Mzk2MzU4NQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJuZ5vk47XbG5CsEfsnp8zo&google_cver=1&google_ula=1641347,0

35 B
468 B

17ms
17ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJuZ5vk47XbG5CsEfsnp8zo&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJuZ5vk47XbG5CsEfsnp8zo&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 1607 0
261 B 23ms
19ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 1607
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=7766404590574118329&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=6918485967043963585

43 B
996 B

7ms
7ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=6918485967043963585

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 10:33:46 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 16cc8fe2-1b33-4457-818a-2bf9e73858fa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=6918485967043963585
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 1607 42 B
544 B 76ms
14ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:45 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:416
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 1607 43 B
444 B 59ms
7ms Image
image/gif 143.204.98.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-106.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 23:46:22 GMT
Via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 38844
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 43
X-Amz-Cf-Id: bGq6_mwDGlUFtfyU5x7Ty0kXFNrL-zjQkoHXHlp2nK7g2UlCkYlqYg==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 1607
Redirect Chain

https://a.audrte.com/a?adform_uid=6918485967043963585
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEPryVLTAiWTQOedS2vYHbIg&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=8d114NqZsR2QlmBnjwIXDLSDQ&gdpr=0&gdpr_consent=

70 B
440 B

8ms
8ms

Image
image/gif

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=8d114NqZsR2QlmBnjwIXDLSDQ&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=8d114NqZsR2QlmBnjwIXDLSDQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 1607
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6918485967043963585&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6918485967043963585&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=20628860125369636282321699151368774505&noredirect=1

35 B
468 B

17ms
17ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=20628860125369636282321699151368774505&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v020-0b509e3c1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: shZ+ZarXRZo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=20628860125369636282321699151368774505&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 1607
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6918485967043963585
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165020803987000155653

35 B
468 B

38ms
17ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165020803987000155653

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:46 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165020803987000155653
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 1607
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7036680401208932506

35 B
477 B

17ms
17ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7036680401208932506

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7036680401208932506
Date: Wed, 01 Dec 2021 10:33:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 1607 62 B
725 B 148ms
147ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 73ae
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 1607
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=df5761a7-4f8a-4900-ada7-b6bfb3772e8d

35 B
468 B

19ms
19ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=df5761a7-4f8a-4900-ada7-b6bfb3772e8d

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Wed, 01 Dec 2021 10:33:47 GMT
Server: MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=df5761a7-4f8a-4900-ada7-b6bfb3772e8d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 01 Dec 2021 10:33:46 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 1607
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=4spHA2Yz1MSmVR5

35 B
477 B

17ms
17ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=4spHA2Yz1MSmVR5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 01 Dec 2021 10:33:46 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=4spHA2Yz1MSmVR5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 1607
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=1c108d2f-fc11-4761-9a81-2c2478ce459b

35 B
468 B

17ms
17ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=1c108d2f-fc11-4761-9a81-2c2478ce459b

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=1c108d2f-fc11-4761-9a81-2c2478ce459b
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET

image.sbmx
ib.mookie1.com/ Frame 1607
Redirect Chain

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=6918485967043963585
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=6918485967043963585

0
0

GET
H/1.1

200

1.gif
id5-sync.com/c/10/10/2/ Frame 1607
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=6918485967043963585
https://id5-sync.com/c/10/10/2/1.gif?puid=6918485967043963585&gdpr=1&gdpr_consent=

43 B
1009 B

8ms
8ms

Image
image/gif

54.36.109.47
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/10/10/2/1.gif?puid=6918485967043963585&gdpr=1&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

HTTP/1.1

Server

54.36.109.47 , France, ASN16276 (OVH, FR),

Reverse DNS

p02.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 01 Dec 2021 10:33:46 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/10/10/2/1.gif?puid=6918485967043963585&gdpr=1&gdpr_consent=
Date: Wed, 01 Dec 2021 10:33:46 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 1607
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4236283687
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=D.MTQIOdKYDgGh.PhqgPke

35 B
468 B

19ms
18ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=D.MTQIOdKYDgGh.PhqgPke

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
via: 1.1 google
last-modified: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=D.MTQIOdKYDgGh.PhqgPke
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 1607 23 B
172 B 79ms
36ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Dec 2021 10:33:47 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 1607
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6918485967043963585
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6918485967043963585&cs=1

35 B
376 B

6ms
6ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6918485967043963585&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:47 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6918485967043963585&cs=1
date: Wed, 01 Dec 2021 10:33:47 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 1607 0
240 B 40ms
8ms Image
text/plain 2600:9000:2156:2000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6918485967043963585
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:47 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KxrnNmpuiNVc9Yqa4z7lXwdnnDRX7M-P93jnTqhxga5_PCAuFchxkg==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 1607
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=6918485967043963585&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=6918485967043963585&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=7eeed125-1356-40e0-b096-b31e4b578bb5

35 B
468 B

17ms
17ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=7eeed125-1356-40e0-b096-b31e4b578bb5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Dec 2021 10:33:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=7eeed125-1356-40e0-b096-b31e4b578bb5
date: Wed, 01 Dec 2021 10:33:47 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 6918485967043963585
match.contentexchange.me/adform/ Frame 1607 0
49 B 88ms
23ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/6918485967043963585?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:47 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 1607
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=6918485967043963585&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6918485967043963585&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

11ms
11ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6918485967043963585&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=6918485967043963585&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Wed, 01 Dec 2021 10:33:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 1607 0
261 B 21ms
20ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6918485967043963585&agencyId=6995&advertiserId=2048901&src=tp&rnd=157398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame A310 49 KB
20 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115464984-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5559
date: Wed, 01 Dec 2021 09:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 01 Dec 2021 11:01:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2426838540956198&ev=Microdata&dl=https%3A%2F%2Fwww.bonitas.co.za%2F&rl=&if=false&ts=1638354827959&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bonitas%20-%20Home%22%2C%22meta%3Adescription%22%3A%22Bonitas%20-%20Medical%20aid%20for%20South%20Africa%2C%20We%20were%20voted%20the%20best%20Medical%20Aid%20when%20it%20comes%20to%20service%20excellence%20in%20the%202019%2F2020%20Ask%20Afrika%20Orange%20Index%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.2.1638354826454.1501924548&it=1638354826349&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:33:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 01 Dec 2021 10:33:47 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/1/intl/de_ALL/ 77 KB
28 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/1/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAZExNzENhyCNJ7paVo8PECMw0PqG7r1Uo&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4411f1435a7f33383c99665b4c0a2df3c01a21e9525a8260a42aa91cda2b553f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 20:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28785
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 17:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 20:06:54 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/1/intl/de_ALL/ 298 KB
91 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/1/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAZExNzENhyCNJ7paVo8PECMw0PqG7r1Uo&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd16e548033de3f5738579b6aebc6a9ec86e61b0300aa2561a3b610660adecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 20:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92915
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 17:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 20:06:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dc.ads.linkedin.com
URL: https://dc.ads.linkedin.com/collect/?pid=1344305&fmt=gif

Domain: bat.bing.com
URL: https://bat.bing.com/action/0?ti=137002139&Ver=2

Domain: load77.exelator.com
URL: https://load77.exelator.com/pixel.gif

Domain: ib.mookie1.com
URL: https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=6918485967043963585

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

113 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bonitas.co.za/	1970-01-20 07:51:30	Name: _hjSessionUser_1949475 Value: eyJpZCI6IjhlZGJmOTQ5LWNjMzgtNWI3Yy05Njg5LWIwMGMxODllMzNhNiIsImNyZWF0ZWQiOjE2MzgzNTQ4MjQxNDAsImV4aXN0aW5nIjpmYWxzZX0=
.bonitas.co.za/	1970-01-19 23:05:56	Name: _hjFirstSeen Value: 1
.bonitas.co.za/	1970-01-19 23:05:56	Name: _hjSession_1949475 Value: eyJpZCI6ImIwZjZjY2EzLTI1ZWItNGRkNi05NTIwLWFjMjE2YTQ5Y2Y0NyIsImNyZWF0ZWQiOjE2MzgzNTQ4MjQyMDJ9
www.bonitas.co.za/	1970-01-19 23:05:54	Name: _hjIncludedInPageviewSample Value: 1
.bonitas.co.za/	1970-01-19 23:05:56	Name: _hjAbsoluteSessionInProgress Value: 0
.bonitas.co.za/	1970-01-20 01:15:30	Name: _gcl_au Value: 1.1.1768861692.1638354826
.bing.com/	1970-01-20 08:27:30	Name: MUID Value: 3B13F7A01C4067C6224FE6A01D2B66A7
.bonitas.co.za/	1970-01-19 23:07:21	Name: _gid Value: GA1.3.502796914.1638354826
.doubleclick.net/	1970-01-20 08:27:30	Name: IDE Value: AHWqTUmAngaIrZzW_UbHj9oLxQKgSqISEDafoswJC77BB3_h3PH8NyJUool05AVZ
.bonitas.co.za/	1970-01-20 16:37:06	Name: _ga_Y4RGMBCREE Value: GS1.1.1638354826.1.0.1638354826.60
.bonitas.co.za/	1970-01-19 23:07:21	Name: _uetsid Value: 29f10c20529211ecb16a17282da8dc5e
.bonitas.co.za/	1970-01-20 08:27:30	Name: _uetvid Value: 29f13270529211ecad101d81a11fe65f
.bonitas.co.za/	1970-01-20 16:37:06	Name: _ga Value: GA1.3.1959042063.1638354826
.bonitas.co.za/	1970-01-19 23:05:54	Name: _gat_UA-143011272-1 Value: 1
.bonitas.co.za/	1970-01-20 01:15:30	Name: _fbp Value: fb.2.1638354826454.1501924548
.adform.net/	1970-01-19 23:50:33	Name: C Value: 1
.twitter.com/	1970-01-20 16:37:06	Name: personalization_id Value: "v1_1JB3RP9Eba32DFVXZOJ0ww=="
.adform.net/	1970-01-20 00:32:18	Name: uid Value: 6918485967043963585
.adform.net/	1970-01-19 23:07:21	Name: CM Value: 1\|1
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-19 23:07:21	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2169:u=1:x=1:i=1638354826:t=1638441226:v=2:sig=AQGnxi4w8ss9082PlGuoY1uSNWp7zvFg"
.adform.net/	1970-01-19 23:26:04	Name: CM14 Value: 1638441226_1638354826_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
.seadform.net/	1970-01-20 00:32:18	Name: uid Value: 6918485967043963585
.yahoo.com/	1970-01-20 07:51:52	Name: A3 Value: d=AQABBIpPp2ECEDDJ9HPMSqEdj7Ql97irRnkFEgEBAQGhqGGxYQAAAAAA_eMAAA&S=AQAAAlg78PNc_oVpfe3qA7YSq5w
.adscale.de/	1970-01-20 07:48:10	Name: uu Value: 7739e314bddb4669ad82c5039f981967
.adscale.de/	1970-01-20 07:48:10	Name: cct Value: 1638354826670
.bidswitch.net/	1970-01-20 07:51:30	Name: tuuid Value: ad26b219-03e4-4b3b-823d-16c3d42e6427
.bidswitch.net/	1970-01-20 07:51:30	Name: c Value: 1638354826
.bidswitch.net/	1970-01-20 07:51:30	Name: tuuid_lu Value: 1638354826
.casalemedia.com/	1970-01-20 07:51:30	Name: CMID Value: YadPisKLYeVKRCpnkAaf7QAA
.casalemedia.com/	1970-01-20 01:15:30	Name: CMPS Value: 5207
.ih.adscale.de/	1970-01-20 07:48:10	Name: tu Value: 4#3443874028#42~6918485967043963585~455098~0~0
.advertising.com/	1970-01-20 07:52:57	Name: APID Value: UP2a1cdcde-5292-11ec-a81f-06c961e645ba
.yieldlab.net/	1970-01-20 07:51:30	Name: id Value: 7075e858-3775-48d0-b409-9e94053a1fb3
.casalemedia.com/	1970-01-20 01:15:30	Name: CMPRO Value: 1111
.casalemedia.com/	1970-01-19 23:07:21	Name: CMST Value: YadPimGnT4oA
.casalemedia.com/	1970-01-20 07:51:30	Name: CMRUM3 Value: 6f61a74f8a27606918485967043963585
ads.stickyadstv.com/	1970-01-20 00:32:18	Name: uid-bp-617 Value: 6918485967043963585
ads.stickyadstv.com/	1970-01-19 23:49:06	Name: UID Value: a3e14647e8197a88c72cef819fcfa89
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 4d2181416afe6e53f2bff3673637136
.eyeota.net/	1970-01-20 07:51:30	Name: mako_uid Value: 17d758eb5de-34280000010f4343
.eyeota.net/	1970-01-19 23:05:55	Name: SERVERID Value: 17219~DM
.semasio.net/	1970-01-20 07:51:30	Name: SEUNCY Value: C73F23387765A609
.360yield.com/	1970-01-20 01:15:30	Name: tuuid Value: 22ecc3ef-df6e-4601-be14-696131246310
.360yield.com/	1970-01-20 01:15:30	Name: tuuid_lu Value: 1638354826
.analytics.yahoo.com/	1970-01-20 07:52:57	Name: IDSYNC Value: 1760~21ua
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP2a1cdcde-5292-11ec-a81f-06c961e645ba
.yahoo.com/	1970-01-19 23:07:21	Name: APIDTS Value: 1638354826
.linkedin.com/	1970-01-19 23:49:06	Name: UserMatchHistory Value: AQKCgKjeHuxQXwAAAX11jrXdMlNB42h8tWwOpK6kKncLOypyxO7hGZNHzh3kIpM3cj_GtVxshJlxDw
.linkedin.com/	1970-01-19 23:49:06	Name: AnalyticsSyncHistory Value: AQIZziPCkYg6iQAAAX11jrXdsuNQ559O8740TRjVROE4C9jPhdN5y081lhbn2a4PqVBz0jbp4E4UW8embQr4kg
.linkedin.com/	1970-01-20 16:37:48	Name: bcookie Value: "v=2&9a734a02-5960-46ee-8e06-39ea6446e6e3"
.360yield.com/	1970-01-20 01:15:30	Name: um Value: !42,9qoveQ0l7epPADiYctWD-lXPhE0usd26K5dVf5bMKrb0,1639564426
.360yield.com/	1970-01-20 01:15:30	Name: umeh Value: !42,0,1700562826,-1
.exelator.com/	1970-01-20 01:58:42	Name: EE Value: "1a5a4e5fb98e7169a26be442e6ee06dc"
.exelator.com/	1970-01-20 01:58:42	Name: ud Value: "eJxrXxzq6XKLQcEw0TTRJNU0LcnSItXc0Mwy0cgsKdXExCjVLDXVwCwleXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F79t1HACfRisR"
.mathtag.com/	1970-01-20 08:31:50	Name: uuid Value: df5761a7-4f8a-4900-ada7-b6bfb3772e8d
.crwdcntrl.net/	1970-01-20 05:34:41	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:34:41	Name: _cc_id Value: b6978e69f5c6fb419d33ea58cf6693e1
.crwdcntrl.net/	1970-01-20 05:34:42	Name: _cc_cc Value: "ACZ4XmNQSDKzNLdINbNMM002S0syMbRMMTZOTTS1SE4zM7M0TjVkAILE5f5dIBoKAFwxCuQ%3D"
.crwdcntrl.net/	1970-01-20 05:34:42	Name: _cc_aud Value: "ABR4XmNgYGBIXO7fBaSgAAAXfQHi"
cm.adsafety.net/	1970-01-20 07:51:30	Name: UID Value: CM1202112011032b9561ac639d6fe14d
.adsafety.net/	1970-01-20 07:51:30	Name: cm_uid Value: CM1202112011032b9561ac639d6fe14d
.krxd.net/	1970-01-20 03:25:06	Name: _kuid_ Value: Og7bRQUq
tags.adsafety.net/	1970-01-20 07:51:30	Name: UID Value: 2f01a83c006424e265aba250101faaf4
tags.adsafety.net/	1970-01-20 07:51:30	Name: DID Value: 2f01a83c006424e265aba250101faaf4
tags.adsafety.net/	1970-01-20 07:51:30	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 07:51:30	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-19 23:49:06	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 07:51:30	Name: ct_uid Value: 2f01a83c006424e265aba250101faaf4
.adsafety.net/	1970-01-20 07:51:30	Name: ct_did Value: 2f01a83c006424e265aba250101faaf4
.adsafety.net/	1970-01-20 07:51:30	Name: ct_idt Value: 100
.adnxs.com/	1970-01-20 01:15:30	Name: uuid2 Value: 7766404590574118329
cm.adsafety.net/	1970-01-20 07:51:30	Name: permanent Value: 1
.adnxs.com/	1970-01-20 01:15:30	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2C$Kmqc-I!]tbPl1M66+q([OUezrWXsWB[[QU$sNZl^1VFeeJ[Fk+8aa5jq%nugO%v4VB%nms!(3d+W
.pubmatic.com/	1970-01-19 23:49:06	Name: KRTBCOOKIE_391 Value: 22924-6918485967043963585&KRTB&23263-6918485967043963585
.pubmatic.com/	1970-01-19 23:49:06	Name: PugT Value: 1638354825
.pubmatic.com/	1970-01-20 01:15:30	Name: PUBMDCID Value: 3
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:37:48	Name: bscookie Value: "v=1&20211201103346419bd1c0-06ba-4809-86c9-597c8681001bAQG_Z16rzm2G6ep4Ip0RfWkzBlYw8iN9"
.linkedin.com/	1970-01-20 16:19:14	Name: li_gc Value: MTswOzE2MzgzNTQ4MjY7MjswMjGbvofOJkHKDfm5W9EtcAha9yO6bVqBakfWbUJZJ/3XSQ==
.adsrvr.org/	1970-01-20 07:51:30	Name: TDID Value: 1c108d2f-fc11-4761-9a81-2c2478ce459b
.agkn.com/	1970-01-20 07:51:30	Name: ab Value: 0001%3Al9OFoIWl%2B3zd6523909IX69FLtCdns6m
ads.smartstream.tv/	1970-01-20 07:51:30	Name: DID Value: 2f01a83c006424e265aba250101faaf4
ads.smartstream.tv/	1970-01-20 07:51:30	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 07:51:30	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-19 23:49:06	Name: cm_uid Value: CM1202112011032b9561ac639d6fe14d
.adfarm1.adition.com/	1970-01-20 01:15:30	Name: UserID1 Value: 7036680401208932506
.adsrvr.org/	1970-01-20 07:51:30	Name: TDCPM Value: CAESFgoHc2VtYXNpbxILCL7HyeyCsJo6EAUYASABKAIyCwji8paambCaOhAFOAFaBzcxZWk5cnJgAg..
.onaudience.com/	1970-01-20 07:51:30	Name: cookie Value: 390d402dbcfb108f
.onaudience.com/	1970-01-19 23:07:21	Name: done_redirects161 Value: 1
.w55c.net/	1970-01-20 08:36:09	Name: wfivefivec Value: 4spHA2Yz1MSmVR5
.demdex.net/	1970-01-20 03:25:06	Name: demdex Value: 20628860125369636282321699151368774505
.w55c.net/	1970-01-19 23:49:06	Name: matchadform Value: 5
.id5-sync.com/	1970-01-19 23:05:55	Name: cf Value:
.id5-sync.com/	1970-01-19 23:05:55	Name: cip Value:
.id5-sync.com/	1970-01-19 23:05:55	Name: cnac Value:
.id5-sync.com/	1970-01-19 23:05:55	Name: car Value:
.id5-sync.com/	1970-01-19 23:05:55	Name: gdpr Value:
.id5-sync.com/	1970-01-19 23:05:55	Name: id5 Value: 3ace1ac6-8bba-44d6-9820-8708bb55c0e5#1638354827112#1
.id5-sync.com/	1970-01-19 23:05:55	Name: callback Value:
.dpm.demdex.net/	1970-01-20 03:25:06	Name: dpm Value: 20628860125369636282321699151368774505
cm.adsafety.net/	1970-01-20 07:51:30	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaempEeEd1YmFLNzkyWXVIU2o3TE5IUytMSHpSdFk1Q1k1b1g1OHBtN3A0SzhEbEhrWVBjZjZqd2ZIVHIzS08yNjdWcmxsMi9Gd3ZUR1VaWTVXeHRWdUJGRVNxUGY5Z3d3UExZUG9heFdlKzBlUUE0M1E4SXQweEVLMEcwVEczUTBxN2JOM2JVYkgyR3dFa2NsbUZ4amU4YmdBa0FEUlZWTitLMDFRM2Z3WURpeFpCS1lKYkUrZ20rVUVER1V2T1RmNXlQQ0xwRzdWR0k4aTAxMkJDSno3OEFyV3dPTXhEMnp0OHpKb3ZjRVROYi9iN1lPQnV0cC9yQXY1Y3FLQTYrV0xUK1MycU5SYlVibk5EcGNzNjJIL3pFT3VONW92UEdIKzNZM091UTJPTU9mTDEzbmRFTEU3STEyZUZQaHRQUEgyQXh0anJNWkxBUXd5bEdGOE9kNVhPbFEzdHZKU0xKWVRCQUJ6ajJISFNVRnVsWjNFYUUvZy9JVlE2TENNcVlKVWc4TldncmtTbjNMT1cySUFiMW9Ub3Fscjc0cVVzVzRwSWFZRXQ1YlVJaVB0bzNROEZ0M29lUDIrYS80anJ0bjZFZ21SOTZndWtJYXRoVWVncUZ4RDBWUko0TCtZOU05WnZ6MENLV3V3NHo3UENaMjZWWlUzaUxnSEFSY2lQM3dxQkMwd1hTa2FlcWZhRmdPdXJEQzlVSzV6TFQ1MFZtTnhOeW5KOE9NZXlubWE5ckJtZlplRXh3Z3RxMmJpdjdVTEdGOGhmV0RUV3pjOFRRNmpZZisva1lTVEowajNMTC9vOFR5aE5DNlRJN0RQdE04Z3VBWWgvakM4UGpBdlRrNzNLb0RPZHpkVXRPOFpVdEY1aG8xWmxmZGx4WmU3eUQ2L0hJQTRhNGo0YWQxZFZhUndscnJoaTZOQ2xESmJmRnpVS29EYnVGWGxBbmF3dVppWmlJZ2RlSFJETlptRDF5TjhPZW1KYzY0c3NWMFkrcElBTEJ2Q3ZBR2x0Z1luUkE5UFBZOGw4U3JJdis2TFhQdEFqZnRMSnRtVUhXZ1lVVzY2MzAxbGU4bng0YVFNTllhTGJVSGh0cnB1cTlFNWVpbWc9PQ%3D%3D
.weborama.fr/	1970-01-20 08:37:35	Name: AFFICHE_W Value: KuU-NcuCvu4q75
.bluekai.com/	1970-01-20 03:25:06	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 03:25:06	Name: bkpa Value: KJpEnXTLu5DlBMRt1nnwEnWNLpu61nWy+ExpBp9h+MxpBgDyOxYKAxCu
.bluekai.com/	1970-01-20 03:25:06	Name: bku Value: aG/99/+wotWw811I
.1dmp.io/	1970-01-20 07:51:30	Name: uid Value: 2a666820-5292-11ec-8677-901b0e934d81
.tapad.com/	1970-01-20 00:32:18	Name: TapAd_TS Value: 1638354827202
.tapad.com/	1970-01-20 00:32:18	Name: TapAd_DID Value: 7eeed125-1356-40e0-b096-b31e4b578bb5
.3lift.com/	1970-01-20 01:15:30	Name: tluid Value: 16117421552881834578
.tapad.com/	1970-01-20 00:32:18	Name: TapAd_3WAY_SYNCS Value:
.audrte.com/	1969-12-31 23:59:59	Name: arcki2 Value: 8d114NqZsR2QlmBnjwIXDLSDQ!20210804!1638354827296
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hcwu1hvfqjdeyzqj25sdz15k

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bat.bing.com/action/0?ti=137002139&Ver=2 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://attribution.adclickafrica.com/d/.js?oref=&ourl=https%3A%2F%2Fwww.bonitas.co.za%2F&opt=Bonitas%20-%20Home&t=1638354826217 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dc.ads.linkedin.com/collect/?pid=1344305&fmt=gif Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=6918485967043963585 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=6918485967043963585 Message: Failed to load resource: net::ERR_EMPTY_RESPONSE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
allegraprod-bonitasapi.azurewebsites.net
analytics.google.com
analytics.twitter.com
api.adrtx.net
attribution.adclickafrica.com
bat.bing.com
beacon.krxd.net
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
coronavirus-19-api.herokuapp.com
d.adroll.com
dc.ads.linkedin.com
developer.apple.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.mookie1.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
in.hotjar.com
load77.exelator.com
loada.exelator.com
maps.googleapis.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
play.google.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
rtb.gumgum.com
s.ad.smaato.net
s.adroll.com
s.yimg.com
s2.adform.net
s3-eu-west-1.amazonaws.com
script.hotjar.com
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
t.co
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
vars.hotjar.com
vroomf.chat
www.bonitas.co.za
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
bat.bing.com
dc.ads.linkedin.com
ib.mookie1.com
load77.exelator.com
102.133.154.32
104.111.215.191
104.111.218.85
104.111.242.245
104.244.42.3
104.244.42.69
108.129.28.215
108.174.10.14
139.162.147.24
142.250.185.130
142.250.186.162
143.204.98.106
143.204.98.33
143.204.98.69
143.204.98.76
15.197.193.217
17.253.57.201
18.156.0.31
18.193.208.211
18.195.123.247
18.195.177.130
185.64.189.110
199.187.193.193
199.232.136.157
2.18.233.201
2.18.234.21
2.18.234.233
212.82.100.181
2600:9000:2156:2000:1b:5138:8a40:93a1
2600:9000:2156:9200:6:9280:1080:93a1
2620:119:50e8:101::9002:f05
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:400c:c01::9d
2a02:26f0:6c00::210:ba23
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.120.154.132
3.120.29.221
3.125.70.222
34.192.120.237
34.254.124.164
34.254.143.3
35.157.177.200
35.190.16.14
35.227.248.159
35.244.159.8
35.244.174.68
37.157.2.234
37.157.2.247
37.157.4.39
37.252.173.27
46.19.11.36
51.222.80.231
52.17.84.146
52.208.210.171
52.211.146.69
52.212.131.178
52.218.65.60
52.30.224.0
54.246.156.93
54.36.109.47
54.78.134.111
69.173.144.165
76.223.111.18
77.243.60.138
78.46.100.125
80.82.217.92
85.114.159.118
88.80.189.68
93.90.206.61
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b5b87c980c6ad00c093521b9ad9e45e75d3feedcf90cf70874864a4b321cbc5
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1209d77855724a24ef3e4391b6820edfa6055766915f19c31170cb304290e833
13ee63a6c91ae14ad61666f884c999e8214418ea151eccc636b378c8120fa3d6
1cb20c1933ab8e210f051ddfe697d8c84252a0607f02d89e0b88882f864733c5
1efb9d5b56fdcd84084a5a86ce9dedf6b486934a61f69cd69a918ff5b1095b01
1ffdedc21b585655885ef4f2ef299d6d7388b0d24b5254f29713767665770158
206743f5a27b61f302352bf4452f78f13aa34bee7589b306e24677dc3a3e875e
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
22607cfaa4ac4ff79929252395a88149794e04c34c589d2975dcb841eea7165b
231299ebbbc92dc45a3cd9700ef4bff0c10d307f903d35ef4716146a62f40d31
240a3c3af781ddf9df8bec28362befa779a1ba63b47fcb5091b80a9269438d0f
27514863c6aba98470374f94dab474ff13511e727f0f4271195f220c47385cee
27ed910f4f37da108352099bf510c91975361a3a3024894ad4ec78764f693234
28d166edeac9c9678740436619af0e7f624944dfe33044078595f049ebf0626e
2b632825523807c1998c55b85fef462fadf12fbbbaae6cd7a274642ddf30cdc1
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
326dfac91c373be3be582f12d4adf533eea4a9043a3c48f26c28f91150220a69
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34c3c9a77a061dc645fa3084b964bce8e8880f002fc4131e23bc3be7bfec1061
3944efd7e4e5bda036f898b0eff195390ebb7bac69588c61b242a135e1b01ef1
41845eade630e030c4009cbcdcdcbf28424b8c43b3e3fccf89b5bae69b10cab4
41fca96ec6e235b3dcff4bc97f90e036a6063d578eeec6a8a035f31e3b78eccb
43bcb72d28205b375fd5c665d8ffaaf2638c9a07098ffba0e0db643cff98ef4b
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87
4411f1435a7f33383c99665b4c0a2df3c01a21e9525a8260a42aa91cda2b553f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4541d5f8214a1ddf4db8d5287ece46d78760c5b15ac17ad72817183cc7f8ce39
4b20cdee3e0928113e52b5f47160a4519898c94f0ec2f8e3b843877ec59bbfab
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5221121927058914c6a245a6db28019397a113ea8ff569ca22bbc7dfd33204e2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5be438eaa50c4f307373cb60e784ca61a583b0833d75c9e555aa69a161b94188
5caf4af4d76652327fc41ad9a75e8d1cf225606b09b908818fee1a087858a6f4
5cdb092fb9de6b7622f5ff47b1260b4958c5e9884a3c87eb6d5f40c682e8cd77
5ed9e9d957a4d5501bc133a57c9fce04a7f8d16b444b2b6a25e8de2a6decbb64
64a2b5ad446a2647712d60a930f2c237587c505682ca04e5601110909bd1abd8
6abfb8daad009dec181e9dcdcfd5798c1fe834023060db5557a3161a71cd1db0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ea73e867471e61734d77e381e5110efccc887e97e86953d1157be7d455cd3b2
6f9142887fe8a25c736700c28b55830afd32b88b1bac357cea778ae8a257bf89
73b53332856ffa41b6557194314337d11896f9399877cc9807cb69063d177d85
745c3792deda85051c00a846cdb22e9ae652ed4689f7ff6534799d78ceba0a4c
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
77208c7f2e708a8f48eea6a45475a8a79cb4313c7c44066608ed682373c5010f
79f1f2ac457d293d5f391f2ea8f6f9201c26da424dbea3d2b798796f05e69798
7a035d5b1ed882690304692c7a8e4f7e850a4c37441e2329dcf966f29504ad58
7a82f00fe8983b99c6edf80d2a33909d5d1b5c6e1ecd3c34042785f28404f29c
7ee5d5c39b6cb534bea686be729a6d8eeb9c1d6d31c7e667dd36586cba82bae4
81909ea242f76d6764cd4e62510839e8f6caee108736b25cdb5e3dd9d48b29d2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839fefbdb2b03b89119c6dc1ff9d6c66dd10fe2835cef596fd37b5da6346a091
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852862cd8ae073180fbf63bc9da8c6791a7c233a65011d2349910866746a5d8e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
91aad0abe282eee987b62d4cbe9940ea4fc9d35766d019407b00afcf6b4e0d3f
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b
935e08ead999f378e3db95fffc8e6a6bc2af40e29c144f6e92047f2462e80598
946e9f4d139f67f6882b1929c65fec2d22c36e7f333ed7048543cb6ddd1bb93a
94ed122bcf5296e864e41868640aab1c34602e3bed168a75f0d3d0bb85589639
974ec71cbaf5ad7deb9fd33f8d15acb4fa1e4a4e25742916fb6b2b12f91d7454
9878b15fcd6a25ead8239198c06cdccc7fe3b209039191f7791518932f75a062
99703529d4a0753bbde04159d5896dba874cd2af61f4d08e7c9974133a48cb0d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0226b9e22040f6eeb6f263e74d56da81c7cd19900a7296529fa44d87fe67815
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1635c69133f0a0197c1461f5f0e6751f048d1d7a93217fb4cee0bf60b57f44a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
a2f7aa96be3282b8b3b348787fe4c77b295f8d2f308f542044c1b4b2226a7e5a
a362ec8ea1ee21cb70764d2b95ca3f975bf087884f7d3eb51021bc229fdfb386
a4406468b3e794fccd0a8e07d601e150dc1fda0d792e85b9f13785a2f51d752e
a5d100945f5ec292fa9a3bf294212c7de3a425fb856dd4016d20a28110fce02d
a84a6bcc0d4e00cfb81bedab15b21cc88d011f93b6b1f578bcd4d9621345dd8e
ac6d3a8719330f04e0db933d519db4ff6a02e44e9cd0d8d737d971fef0481c21
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b088d9c8c9d4653ebef16a3ba3eb424928f5e15fe2a7bf671e849cb0b5b54b2a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ee68bebd775f0121e62c53aadb925deebdb19f79952111b0afa853ebf6826a
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3b04e553ddae6756a8df2b8d05c287096744d5e09f2c24db460d921c807aedf
b7013433e1931b20909c73255d0aa4888c08671cddc71eafb6265087f6087d18
b7cab4c991eea564dfd98ebeee4c6426947b839258a372d0cec27a06b14af8a3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd047663d16315dbe69769777c745a1670a1bc7d64155fb2fa6cf4492164c6a6
c26abcd99d6a6fa61f1bea4d5fe4ff3e2ac33319b5c3f88d8f005656fbdec060
c2a99600e5492bff4c8c7f7f3715bdebc310a5196de915b5534dd2bf4e269481
c480de58f48b0f6a9a60e3babb0685dad925029863e979e2d65de6acef66e5d7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb635be1d3fe78f3cdd56d18cfd15caebe8f22cd4622c63f48b70d71898be764
cbe2fb7771425ce457a50d2d6433f7e1773f502cc8464ad93ec61bc1a25bfd9d
cdd16e548033de3f5738579b6aebc6a9ec86e61b0300aa2561a3b610660adecd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d33846530edc2da1abbf19b8264d40287170bd90178ac75c517b6c715abb36a2
d7f1792c7c9474b10f5c8d24c0ac2c42560d34544a4fb4a004cd6c1cbf6ea509
d9aeb01584a940c2b8dab364f2cc8b3a4336eadd9d6aa881119e26aeabf6c5a6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb41de27c57d2cce5fa39f961f3c4043b383ba58fc6e33fe322f3e0cc8ae235
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de518464e7f9cf3679e05c4fbd7e1ece765544fd8d4c834f05710275aaac1f31
de7886c41a0596710519c151750a969c825fa1ff97eda49380850903c230900d
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfb4fef5fcd3ab6498ef0e06ebeec7cb3a8b168ed35d056c3e4309260f4bedb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a4b3fbfa5d3f9064b7a0e4a30b9bbff6efd0e80cda7d0fd78f3b4826302e56
e7b2df78ad81bcea1b6105f65c8d5c9ba1fe6ea04f28482bd4a815ff3772712b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00cdc539b9230955cb825ad8fe72ae7197a3dd5c58969bd4c512845022dba9c
f1ed18c3388b389184887a08a7957f5f5b8e8af344c0889cb82da2efe21e0163
f3560e5a8902bf88c2fdabf10b10c054215562b5afae024dd6cb77574da393b4
f4e4b2d52bf0f106ab135f3fb62bff84afd9a891b437f012c739f07da8d9ea46
f565c417645339fadd3f9be2c40b4ba791405064c1e6a434ea3dc8dfa4cf6b35
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f626c20e83e617b3408d8ab02238311a8808b7b3a5425947406d5c58c202f95e
fa0473a36dfccade7c76beb562f0bfc4f41f8d7a84f14f40164810b03987a79e
faf96279daab880f59aee01a4ad999db2ca6eca9fb1c9d2c15ef07a93e216f48
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.bonitas.co.za Open in urlscan Pro 102.133.154.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

173 Requests

80 %HTTPS

24 %IPv6

70 Domains

88 Subdomains

64 IPs

10 Countries

6390 kBTransfer

12406 kBSize

113 Cookies

6 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.bonitas.co.za Open in urlscan Pro
102.133.154.32 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

80 %
HTTPS

24 %
IPv6

70
Domains

88
Subdomains

64
IPs

10
Countries

6390 kB
Transfer

12406 kB
Size

113
Cookies

173 HTTP transactions
0 data transactions