www.bonitas.co.za Open in urlscan Pro
102.133.154.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bonitas.co.za/
Effective URL:
https://www.bonitas.co.za/
Submission: On December 22 via api (December 22nd 2021, 8:07:14 am UTC) from ZA — Scanned from DE

Summary HTTP 178 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 69 IPs in 10 countries across 72 domains to perform 178 HTTP transactions. The main IP is 102.133.154.32, located in Johannesburg, South Africa and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.bonitas.co.za.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 12th 2021. Valid for: a year.

This is the only time www.bonitas.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 59	102.133.154.32 102.133.154.32	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.98.29 143.204.98.29	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.69 143.204.98.69	16509 (AMAZON-02) (AMAZON-02)
1	54.78.108.238 54.78.108.238	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	17.253.57.201 17.253.57.201	6185 (APPLE-AUSTIN) (APPLE-AUSTIN)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	34.241.115.67 34.241.115.67	16509 (AMAZON-02) (AMAZON-02)
1 13	93.90.206.61 93.90.206.61	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1 2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1 2	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.195.123.247 18.195.123.247	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2 6	2600:9000:215... 2600:9000:2156:1600:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1 3	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	63.35.87.185 63.35.87.185	16509 (AMAZON-02) (AMAZON-02)
2 16	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
1 2	34.240.183.205 34.240.183.205	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.68.168.178 3.68.168.178	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.195.140.97 18.195.140.97	16509 (AMAZON-02) (AMAZON-02)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.184.229.61 18.184.229.61	16509 (AMAZON-02) (AMAZON-02)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
4 4	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	52.215.102.174 52.215.102.174	16509 (AMAZON-02) (AMAZON-02)
2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	52.211.146.69 52.211.146.69	16509 (AMAZON-02) (AMAZON-02)
1	52.218.118.80 52.218.118.80	16509 (AMAZON-02) (AMAZON-02)
1 2	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
5 5	139.162.147.254 139.162.147.254	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	51.77.65.176 51.77.65.176	16276 (OVH) (OVH)
1 1	80.82.217.92 80.82.217.92	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	85.90.245.27 85.90.245.27	63949 (LINODE-AP...) (LINODE-AP Linode)
1	52.19.142.33 52.19.142.33	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	143.204.98.106 143.204.98.106	16509 (AMAZON-02) (AMAZON-02)
2 2	3.213.248.174 3.213.248.174	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.19.78.71 52.19.78.71	16509 (AMAZON-02) (AMAZON-02)
1 1	3.120.154.132 3.120.154.132	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.135.60 35.156.135.60	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.183 216.46.185.183	13649 (ASN-VINS) (ASN-VINS)
1	54.36.109.156 54.36.109.156	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.99.214.77 88.99.214.77	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:215... 2600:9000:2156:4000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3	52.239.232.68 52.239.232.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
178	69

59 102.133.154.32 (Johannesburg, South Africa) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bonitas.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
allegraprod-bonitasapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.108.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 17.253.57.201 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN, US)
PTR: defra3-vip-bx-001.aaplimg.com

developer.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.115.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-115-67.eu-west-1.compute.amazonaws.com

coronavirus-19-api.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 93.90.206.61 (United Kingdom) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

vroomf.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.73 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.123.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com

attribution.adclickafrica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:1600:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.252 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.87.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-87-185.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.183.205 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-183-205.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.168.178 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-168-178.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.140.97 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-140-97.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.229.61 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-229-61.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.243.60.138 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.254.143.3 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.102.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.146.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-146-69.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.118.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.77 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.162.147.254 (Frankfurt am Main, Germany) 5 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1414-254.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.65.176 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: tags12.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.217.92 (Krefeld, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.90.245.27 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1428-27.members.linode.com

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.142.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.91 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-106.fra50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.213.248.174 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-248-174.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.78.71 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.154.132 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-154-132.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.135.60 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-135-60.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.183 (Broomfield, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.156 (France)

ASN16276 (OVH, FR)
PTR: p07.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.214.77 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-214-77.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.239.232.68 (Johannesburg, South Africa)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

allegradocstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	bonitas.co.za 1 redirects www.bonitas.co.za	12 MB
21	adform.net 4 redirects s2.adform.net track.adform.net c1.adform.net dmp.adform.net	40 KB
13	vroomf.chat 1 redirects vroomf.chat	406 KB
8	doubleclick.net 5 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	3 KB
7	adroll.com 2 redirects s.adroll.com d.adroll.com	19 KB
6	adsafety.net 6 redirects cm.adsafety.net tags.adsafety.net	10 KB
5	exelator.com 4 redirects loadm.exelator.com load77.exelator.com loada.exelator.com	4 KB
5	semasio.net 4 redirects uipglob.semasio.net	3 KB
5	google.com 1 redirects play.google.com www.google.com analytics.google.com	15 KB
5	googleapis.com maps.googleapis.com fonts.googleapis.com	171 KB
4	google-analytics.com www.google-analytics.com	74 KB
4	linkedin.com dc.ads.linkedin.com Failed px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	googletagmanager.com www.googletagmanager.com	174 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	67 KB
3	windows.net allegradocstorage.blob.core.windows.net	4 MB
3	adnxs.com 2 redirects secure.adnxs.com	3 KB
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	facebook.net connect.facebook.net	133 KB
3	bing.com bat.bing.com Failed	11 KB
3	google.de www.google.de	719 B
2	3lift.com 1 redirects eb2.3lift.com	714 B
2	tapad.com 2 redirects pixel.tapad.com	906 B
2	1dmp.io 1 redirects sync.1dmp.io	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	519 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	audrte.com 2 redirects a.audrte.com	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com	913 B
2	smartstream.tv 1 redirects ads.smartstream.tv cm.smartstream.tv	849 B
2	onaudience.com 1 redirects pixel.onaudience.com	736 B
2	bluekai.com tags.bluekai.com	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net	545 B
2	eyeota.net ps.eyeota.net	688 B
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	676 B
2	adscale.de 2 redirects ih.adscale.de	692 B
2	360yield.com 1 redirects ad.360yield.com	825 B
2	facebook.com www.facebook.com	385 B
2	yahoo.com sp.analytics.yahoo.com ups.analytics.yahoo.com	1 KB
2	yimg.com s.yimg.com	7 KB
2	googleadservices.com 1 redirects www.googleadservices.com	15 KB
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net s.ad.smaato.net	240 B
1	teads.tv sync.teads.tv	172 B
1	id5-sync.com id5-sync.com	1009 B
1	ib-ibi.com global.ib-ibi.com	72 B
1	agkn.com 1 redirects aa.agkn.com	342 B
1	userreport.com pdw-adf.userreport.com	444 B
1	pubmatic.com simage2.pubmatic.com	543 B
1	krxd.net beacon.krxd.net	337 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net	406 B
1	openx.net eu-u.openx.net	274 B
1	rlcdn.com idsync.rlcdn.com
1	emxdgt.com e1.emxdgt.com	59 B
1	stickyadstv.com ads.stickyadstv.com	712 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	yieldlab.net ad.yieldlab.net	522 B
1	seadform.net server.seadform.net	344 B
1	t.co t.co	470 B
1	twitter.com analytics.twitter.com	672 B
1	adclickafrica.com attribution.adclickafrica.com
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	herokuapp.com coronavirus-19-api.herokuapp.com	51 KB
1	azurewebsites.net allegraprod-bonitasapi.azurewebsites.net	47 KB
1	apple.com developer.apple.com	12 KB
1	gstatic.com fonts.gstatic.com	117 KB
1	hotjar.io vc.hotjar.io	256 B
178	72

	Domain	Requested by
58	www.bonitas.co.za	1 redirects www.bonitas.co.za
13	vroomf.chat	1 redirects www.bonitas.co.za vroomf.chat
12	c1.adform.net	2 redirects s2.adform.net c1.adform.net
6	s.adroll.com	2 redirects www.googletagmanager.com www.bonitas.co.za s.adroll.com
5	cm.adsafety.net	5 redirects
5	uipglob.semasio.net	4 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	cm.g.doubleclick.net	4 redirects
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.bonitas.co.za
4	www.googletagmanager.com	www.bonitas.co.za www.googletagmanager.com track.adform.net
4	maps.googleapis.com	www.bonitas.co.za maps.googleapis.com
3	allegradocstorage.blob.core.windows.net	www.bonitas.co.za
3	secure.adnxs.com	2 redirects c1.adform.net
3	match.adsrvr.org	3 redirects
3	track.adform.net	1 redirects www.bonitas.co.za s2.adform.net
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.bonitas.co.za
3	www.google.de	www.googletagmanager.com www.bonitas.co.za
3	www.google.com	1 redirects www.bonitas.co.za
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	c1.adform.net
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	www.facebook.com	www.bonitas.co.za
2	stats.g.doubleclick.net	www.googletagmanager.com www.bonitas.co.za
2	px.ads.linkedin.com	2 redirects
2	s.yimg.com	www.bonitas.co.za
2	s2.adform.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.smartstream.tv	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	e1.emxdgt.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	ups.analytics.yahoo.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	server.seadform.net	www.bonitas.co.za
1	d.adroll.com	s.adroll.com
1	sp.analytics.yahoo.com	www.bonitas.co.za
1	fonts.googleapis.com	vroomf.chat
1	analytics.google.com	www.googletagmanager.com
1	t.co	www.bonitas.co.za
1	analytics.twitter.com	static.ads-twitter.com
1	px4.ads.linkedin.com	www.bonitas.co.za
1	www.linkedin.com	1 redirects
1	attribution.adclickafrica.com	www.bonitas.co.za
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	coronavirus-19-api.herokuapp.com	www.bonitas.co.za
1	allegraprod-bonitasapi.azurewebsites.net	www.bonitas.co.za
1	developer.apple.com	www.bonitas.co.za
1	play.google.com	www.bonitas.co.za
1	fonts.gstatic.com	www.bonitas.co.za
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.bonitas.co.za
0	dc.ads.linkedin.com Failed	www.googletagmanager.com
178	92

This site contains links to these domains. Also see Links.

Domain
wa.me
www.facebook.com
www.instagram.com
twitter.com
play.google.com
bonit.as

Subject Issuer	Validity	Valid
bonitas.co.za Go Daddy Secure Certificate Authority - G2	`2021-11-12` - `2022-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
developer.apple.com Apple Public EV Server ECC CA 1 - G1	`2021-11-05` - `2022-12-05`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.herokuapp.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.vroomf.chat Sectigo RSA Domain Validation Secure Server CA	`2021-02-26` - `2022-03-28`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-01` - `2021-12-29`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
attribution.adclickafrica.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-12-20` - `2022-02-09`	2 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.eyeota.net R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2021-12-09` - `2022-12-09`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.bonitas.co.za/
Frame ID: EEA5D21A542A5B8B288790DBD0BB907A
Requests: 112 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 6FD205B858FA214E996C8233193C0389
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NCQZQ9L
Frame ID: 0E4A5486BB9FAA4EA419056B8662F919
Requests: 4 HTTP requests in this frame

Frame: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
Frame ID: 022C4F0DBF34A9BE599E17273BA0B3C8
Requests: 13 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=1784238&lid=62897859&ctype=0&media=0&PageName=%2f&rnd=1447821465&cpref=&loc=https%3a%2f%2fwww.bonitas.co.za%2f
Frame ID: 79BD21919B4BC3A04141F328A81C7072
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Frame ID: 50770CDEB863147601763E1A12E9B23A
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bonitas - Home

Page URL History Show full URLs

http://www.bonitas.co.za/ HTTP 301
https://www.bonitas.co.za/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

178
Requests

83 %
HTTPS

23 %
IPv6

72
Domains

92
Subdomains

69
IPs

10
Countries

17424 kB
Transfer

22889 kB
Size

107
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/27600702491

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BonitasMedical/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bonitasmedicalaid/

Search URL Search Domain Scan URL

URL: https://twitter.com/BonitasMedical

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=co.za.bonitas.memberapp&utm_source=www.bonitas.co.za&utm_campaign=Initial%20Release&pcampaignid=pcampaignidMKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1

Search URL Search Domain Scan URL

URL: https://bonit.as/ios

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bonitas.co.za/ HTTP 301
https://www.bonitas.co.za/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://vroomf.chat/bot-public-async?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9 HTTP 301
https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9

Request Chain 70

https://www.googleadservices.com/pagead/conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data= HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=qtzCYdjYO6_Fx_APxfSUqAw&random=445498009&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445498009&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=qtzCYdjYO6_Fx_APxfSUqAw&random=2893941736 HTTP 302
https://www.google.de/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445498009&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=qtzCYdjYO6_Fx_APxfSUqAw&random=2893941736&ipr=y&prhg=0

Request Chain 84

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1640160427057&url=https%3A%2F%2Fwww.bonitas.co.za%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1344305%26time%3D1640160427057%26url%3Dhttps%253A%252F%252Fwww.bonitas.co.za%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1640160427057&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1640160427057&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true&e_ipv6=AQJql0SgodebJgAAAX3hLf29afMdKrIATjTO8GVnsY4CPzWRo6plWMNGYl8z8dWKMGYqzZo

Request Chain 108

https://s.adroll.com/j/exp/LYHCFNKWJ5DUPM22D44OHG/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 109

https://s.adroll.com/j/pre/LYHCFNKWJ5DUPM22D44OHG/S2WAFVC6W5CCPAMAY56KKM/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 111

https://s2.adform.net/Serving/TrackPoint/?pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=697952634108&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F HTTP 301
https://track.adform.net/Serving/TrackPoint/?pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=697952634108&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=697952634108&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F

Request Chain 127

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2368857601535687282&Expiration=1641370027 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2368857601535687282&Expiration=1641370027

Request Chain 130

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2368857601535687282&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2368857601535687282&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=215b82bfc7dd487c8ef0c88aa6ecdfd0 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=715557576788096bc6dbc7d078c02a336efd2a90ddbdde20a2c3eba198b1a7f5

Request Chain 132

https://pixel.advertising.com/ups/55944/sync?uid=2368857601535687282&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=2368857601535687282&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2368857601535687282&_origin=1&apid=UP28151bea-62fe-11ec-ab10-06719bfa7d96

Request Chain 134

https://x.bidswitch.net/sync?dsp_id=70&user_id=2368857601535687282 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2368857601535687282 HTTP 302
https://e1.emxdgt.com/put?d=d21&uid=b9cb1d2d-0bca-4950-843d-e4f52a7d8280&gdpr=&gdpr_consent=

Request Chain 135

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2368857601535687282&expiration=1641370027 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2368857601535687282&expiration=1641370027&C=1

Request Chain 136

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2368857601535687282&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2368857601535687282&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=ef4c61c2-dcab-4d00-8c44-e191872c803d&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=b3ae7ee9-9afd-4c4e-9d0a-0e0dcb8f52d2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RjBGRUE1MTNCNkRBODYyQg&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEDd7mLoMz7Jgr7-Gs03rlOA&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 138

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2368857601535687282 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2368857601535687282&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 140

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2368857601535687282 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2368857601535687282

Request Chain 143

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 144

https://pixel.onaudience.com/?mapped=2368857601535687282&partner=68 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e87589f83fcbef0e430858d85e446665

Request Chain 145

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2368857601535687282 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12021122208497bf7dffacea542747&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=a1bd1b47ee9d075a9683818b80f1f180 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12021122208497bf7dffacea542747&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=a1bd1b47ee9d075a9683818b80f1f180&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEyMjIwODQ5N2JmN2RmZmFjZWE1NDI3NDc HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEF_J2WoSfYKErKDCUFYyRJk&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12021122208497bf7dffacea542747 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2368857601535687282 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7044435394174646413

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjM2ODg1NzYwMTUzNTY4NzI4Mg HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMTMCKHo5Iw-EtjeS6-fsZg&google_cver=1&google_ula=1641347,0

Request Chain 149

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=6397985625492573019&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=2368857601535687282

Request Chain 152

https://a.audrte.com/a?adform_uid=2368857601535687282 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEKfe5PfpztwldfufRe5v1d0&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=6d3ogrgcWSmSJaByYlKr-4PQQ&gdpr=0&gdpr_consent=

Request Chain 153

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2368857601535687282&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2368857601535687282&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=57544888270214458482492210611733389820&noredirect=1

Request Chain 154

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2368857601535687282 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165000304008000106926

Request Chain 155

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7044435394174646413

Request Chain 157

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=ef4c61c2-dcab-4d00-8c44-e191872c803d

Request Chain 158

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=LJloyVC61MZWEr5

Request Chain 159

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=b3ae7ee9-9afd-4c4e-9d0a-0e0dcb8f52d2

Request Chain 162

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3704542060 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TtALoL71Qk6YXv6SK8yvru

Request Chain 164

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2368857601535687282 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2368857601535687282&cs=1

Request Chain 166

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2368857601535687282&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2368857601535687282&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=94c6690a-0077-4762-b783-38d67ab99a5e

Request Chain 168

https://eb2.3lift.com/xuid?mid=7354&xuid=2368857601535687282&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2368857601535687282&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

178 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.bonitas.co.za/
Redirect Chain

http://www.bonitas.co.za/
https://www.bonitas.co.za/

3 KB
2 KB

748ms
197ms

Document
text/html

102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a0843ac69ebc1702b76b63d686c50d51c2ff87e8954f11e20bd2aa5b6f4afa27

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Length: 1513
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 14:27:50 GMT
Accept-Ranges: bytes
ETag: "0f719f0bff1d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 22 Dec 2021 08:07:04 GMT

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.bonitas.co.za/
Date: Wed, 22 Dec 2021 08:07:02 GMT
Content-Length: 0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 155 KB
51 KB 71ms
48ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAZExNzENhyCNJ7paVo8PECMw0PqG7r1Uo&libraries=places

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

c7c8d61d7bf271f8bec16e596eea722269fc0d437e9d97514de7f6b571b90eaf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:04 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51800
x-xss-protection: 0
expires: Wed, 22 Dec 2021 08:37:04 GMT

GET
H/1.1 200
OK runtime.9b0d84f95424ed33.js Show response
www.bonitas.co.za/ 4 KB
2 KB 185ms
184ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 02807ddfc207f8bebcf48bb3bcc4b5b24443245cb1f5d13d8358ace71f35c20a

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:04 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 2083

GET
H/1.1 200
OK polyfills.c40ca61c3ecc6dbe.js Show response
www.bonitas.co.za/ 65 KB
23 KB 748ms
197ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/polyfills.c40ca61c3ecc6dbe.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a91089616f0e25161efb2efb13fdd1767835a8724dd1cc7f971df2f86fc84716

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:04 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 23437

GET
H/1.1 200
OK main.fe2abe9d16e20ae7.js Show response
www.bonitas.co.za/ 717 KB
189 KB 737ms
186ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/main.fe2abe9d16e20ae7.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8914cd09482b7496bf327639f526b384da9183873289e46a86dbe48963deedc0

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:04 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 193400

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 35ms
18ms XHR
application/json 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAZExNzENhyCNJ7paVo8PECMw0PqG7r1Uo&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bonitas.co.za
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 hotjar-1949475.js Show response
static.hotjar.com/c/ 17 KB
5 KB 59ms
39ms Script
application/javascript 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1949475.js?sv=6

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-29.fra50.r.cloudfront.net

Software

Resource Hash

cc4d6ac1638f8a7464dc98f643bd3502dec0fdb86d4c8fb5df0b66fe39139874

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/98aca4556e904c3b663c7ff1ae49cb16
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 0OuXtEHbhB1o_f9VJ7G4bQTbBjtUJloyLs7ywqfFicbvw0VQ2no6Kg==
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)

GET
H/1.1 200
OK styles.9e98e6c2aaf24bab.css
www.bonitas.co.za/ 164 KB
20 KB 750ms
184ms Stylesheet
text/css 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/styles.9e98e6c2aaf24bab.css
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7705a2a83ae73b7228735c72e017b51b5b8521129bdcbabe79728976d749b3db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:04 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 19834

GET
H/1.1 200
OK Facit-Light.ec86bffe005047cf.otf
www.bonitas.co.za/ 76 KB
76 KB 267ms
184ms Font
application/x-font-opentype 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/Facit-Light.ec86bffe005047cf.otf
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3944efd7e4e5bda036f898b0eff195390ebb7bac69588c61b242a135e1b01ef1

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:04 GMT
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bcc1e7bff1d71:0"
Content-Type: application/x-font-opentype
Accept-Ranges: bytes
Content-Length: 77840

GET
H2 200 modules.6d5409da698bc5e020b1.js Show response
script.hotjar.com/ 228 KB
60 KB 28ms
9ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6d5409da698bc5e020b1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1949475.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-33.fra50.r.cloudfront.net

Software

Resource Hash

9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 16:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57418
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61259
access-control-allow-origin: *
last-modified: Tue, 21 Dec 2021 16:09:54 GMT
etag: "a250696209ae851dce97a4101057f333"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: PSW4tI_le_BDlrE6vATaAielqURKyrMsCwctPw6WwY3GCtfLGfFcwA==

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 6FD2 2 KB
1 KB 26ms
7ms Document
text/html 143.204.98.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1949475.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-69.fra50.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 36G7Skig0bxX43cG_NGQ-T9_DzoACSbwJWdKR1stcq2zCBaXz9aOig==
age: 1700038

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1949475/ 146 B
323 B 95ms
33ms XHR
application/json 54.78.108.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1949475/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6d5409da698bc5e020b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.108.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de

Request headers

Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 22 Dec 2021 08:07:05 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1949475 Show response
vc.hotjar.io/sessions/ 0
256 B 51ms
33ms XHR
text/plain 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1949475?s=0.25&r=0.1897921504812745
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6d5409da698bc5e020b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:04 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: VpLogMg2xdxMl2VaY_Gp52UtL2EktpwUOgNXrrpdfzOCqWcBK93s5g==

GET
H/1.1 200
OK becomeaMember.png
www.bonitas.co.za/assets/images/icons/ 26 KB
26 KB 186ms
186ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/becomeaMember.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a4406468b3e794fccd0a8e07d601e150dc1fda0d792e85b9f13785a2f51d752e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:05 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 26724

GET
H/1.1 200
OK ComparePlans.png
www.bonitas.co.za/assets/images/icons/ 11 KB
11 KB 185ms
185ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/ComparePlans.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1209d77855724a24ef3e4391b6820edfa6055766915f19c31170cb304290e833

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:05 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11171

GET
H/1.1 200
OK Chat_red.png
www.bonitas.co.za/assets/images/icons/ 8 KB
8 KB 186ms
185ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/Chat_red.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b3b04e553ddae6756a8df2b8d05c287096744d5e09f2c24db460d921c807aedf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:05 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8190

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v118/ 117 KB
117 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v118/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c67479abb64a499bf624ccac92a3c813fb2630e8d8a81325ddda62231e0da82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 21:16:09 GMT
x-content-type-options: nosniff
age: 39057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119332
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 20:45:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 21:16:09 GMT

GET
H/1.1 200
OK Facit-Bold.6dbc034833e078b3.otf
www.bonitas.co.za/ 77 KB
77 KB 183ms
183ms Font
application/x-font-opentype 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/Facit-Bold.6dbc034833e078b3.otf
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 745c3792deda85051c00a846cdb22e9ae652ed4689f7ff6534799d78ceba0a4c

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:05 GMT
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bcc1e7bff1d71:0"
Content-Type: application/x-font-opentype
Accept-Ranges: bytes
Content-Length: 78544

GET
H/1.1 200
OK 162.877d2aa61ed4622d.js Show response
www.bonitas.co.za/ 42 KB
15 KB 196ms
195ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/162.877d2aa61ed4622d.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6c1ea6271c36d2ccdf1d2da4ff7b901382e08420026579dab60be8d433076d3b

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 15314

GET
H/1.1 200
OK common.6598674a15eec445.js Show response
www.bonitas.co.za/ 640 B
863 B 283ms
186ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/common.6598674a15eec445.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 88a6fde816b28717ac9014e0c1d93cace2e7822072a6962ff54d3d90771523b0

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:05 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 554

GET
H/1.1 200
OK 819.1afdfea40c3d9a45.js Show response
www.bonitas.co.za/ 296 KB
54 KB 286ms
183ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/819.1afdfea40c3d9a45.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 51b909f3c39c4a74aef028e78bae8714d2dc233864c83a1bf9581d3ddb947082

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:05 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 55331

GET
H/1.1 200
OK Bonitas_2020_black.svg
www.bonitas.co.za/assets/images/ 11 KB
5 KB 384ms
188ms Image
image/svg+xml 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/Bonitas_2020_black.svg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 79f1f2ac457d293d5f391f2ea8f6f9201c26da424dbea3d2b798796f05e69798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0aa2c30bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 4974

GET
H/1.1 200
OK whatsapp-icon.png
www.bonitas.co.za/assets/images/ 2 KB
3 KB 289ms
183ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/whatsapp-icon.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7ee5d5c39b6cb534bea686be729a6d8eeb9c1d6d31c7e667dd36586cba82bae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:05 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:30 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0d75d31bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2438

GET
H2 200 en_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/ 14 KB
14 KB 455ms
15ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 05:15:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/play_google
report-to: {"group":"uxe-owners-acl/play_google","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/play_google"}]}
content-type: image/png
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13957
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/play_google"
expires: Wed, 22 Dec 2021 08:07:06 GMT

GET
H/1.1 200
OK badge-download-on-the-app-store.svg
developer.apple.com/app-store/marketing/guidelines/images/ 11 KB
12 KB 475ms
16ms Image
image/svg+xml 17.253.57.201
APPLE-AUSTIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://developer.apple.com/app-store/marketing/guidelines/images/badge-download-on-the-app-store.svg

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

17.253.57.201 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),

Reverse DNS

defra3-vip-bx-001.aaplimg.com

Software

Apple /

Resource Hash

a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://.apple.com http://.apple.com https://.mzstatic.com https://.apple-mapkit.com https://p-events-delivery.akamaized.net http://p-events-delivery.akamaized.net https://apple-events.akamaized.net https://mediaservices.cdn-apple.com http://mediaservices.cdn-apple.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

rqId: 73ee4c3906d1bad36e9588583c0c46ef
Date: Wed, 22 Dec 2021 07:58:43 GMT
Via: http/1.1 defra3-edge-lx-012.ts.apple.com (ApacheTrafficServer/9.0.3), http/1.1 defra3-edge-bx-003.ts.apple.com (ApacheTrafficServer/9.0.3)
X-Content-Type-Options: nosniff
Age: 503
CDNUUID: 62c04a6b-8a2c-4e7e-b07b-5e0a58f00c8f-6103459172
X-Cache: hit-fresh, hit-fresh
Connection: keep-alive
Content-Length: 10804
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 29 Oct 2021 17:44:46 GMT
Server: Apple
Host: developer.apple.com
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Access-Control-Allow-Origin: https://developer2.apple.com
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.apple.com http://*.apple.com https://*.mzstatic.com https://*.apple-mapkit.com https://p-events-delivery.akamaized.net http://p-events-delivery.akamaized.net https://apple-events.akamaized.net https://mediaservices.cdn-apple.com http://mediaservices.cdn-apple.com
Accept-Ranges: bytes

GET
H/1.1 200
OK News Show response
allegraprod-bonitasapi.azurewebsites.net/api/v1/ 110 KB
47 KB 831ms
215ms XHR
application/json 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://allegraprod-bonitasapi.azurewebsites.net/api/v1/News
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/polyfills.c40ca61c3ecc6dbe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel / ASP.NET
Resource Hash: bd2694cb9eadc437edd37fb7a2d2df68f829a6910234e5741999698ea649d6f7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Dec 2021 08:07:07 GMT
Content-Encoding: gzip
Server: Kestrel
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
AllegraCorrelationId: e09693d7-0aa0-48c4-8028-dbdc6e0765ee
Cache-Control: no-store, no-cache, max-age=0
Transfer-Encoding: chunked
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
77 KB 66ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/main.fe2abe9d16e20ae7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a367a391a2a9b0021113bc350629ea056b9dc46c5ac7f8832d303998f40de26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78406
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Dec 2021 08:07:06 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 0E4A 647 B
726 B 40ms
17ms Document
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-NCQZQ9L

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/main.fe2abe9d16e20ae7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b088d9c8c9d4653ebef16a3ba3eb424928f5e15fe2a7bf671e849cb0b5b54b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: *
date: Wed, 22 Dec 2021 08:07:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 106.e95b33a2b29633cc.js Show response
www.bonitas.co.za/ 678 B
803 B 192ms
187ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/106.e95b33a2b29633cc.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7ef952d1e14f1312ee0e870a3836639640090ddef88a752d0f49fb1dcf41b0e2

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 494

GET
H/1.1 200
OK 904.b1267f890f7448ff.js Show response
www.bonitas.co.za/ 21 KB
5 KB 193ms
187ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/904.b1267f890f7448ff.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 96138a0a29f44a2b5053c2bbad34dc114ffdcdac779c05e78be5fee11f7e164c

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4917

GET
H/1.1 200
OK 205.3d7233eb71b1ab34.js Show response
www.bonitas.co.za/ 20 KB
5 KB 190ms
183ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/205.3d7233eb71b1ab34.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 28a02e821466fe4f2e6bb7062c3ca6c9ec84287505d81d640f6e311d0f62e544

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4506

GET
H/1.1 200
OK 976.d4609df01fac5f6e.js Show response
www.bonitas.co.za/ 22 KB
6 KB 191ms
185ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/976.d4609df01fac5f6e.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0a45ea61ec46130e3a6ee9cbced04d51f52d3bf7be442b776718d152e1a6fe15

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 5325

GET
H/1.1 200
OK 649.9e1e019d52170010.js Show response
www.bonitas.co.za/ 13 KB
5 KB 190ms
183ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/649.9e1e019d52170010.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 05399a97465dbfd9fdad187023d3398664bb110b7ee6f59559f25f68d1112947

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4463

GET
H/1.1 200
OK 52.b44697963fa3a90a.js Show response
www.bonitas.co.za/ 55 KB
10 KB 194ms
187ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/52.b44697963fa3a90a.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ec22ebed27d1fcb5cbf3dccb8f1f35d6cdece4db6fe2a02114572a9683f6e9b7

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 9804

GET
H/1.1 200
OK 921.0846e3feb44df85d.js Show response
www.bonitas.co.za/ 14 KB
4 KB 380ms
185ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/921.0846e3feb44df85d.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2a0bf9365234106a3df5c55d7180577255200be17ed591013f08f4cf56078106

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4021

GET
H/1.1 200
OK 129.5f288976c4790fde.js Show response
www.bonitas.co.za/ 4 KB
2 KB 379ms
184ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/129.5f288976c4790fde.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7e634f731923bd14d1cd08e4c01f37e8539f911751e67b4ce943178f3ab92964

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1230

GET
H/1.1 200
OK 125.7f21335ce6a05d22.js Show response
www.bonitas.co.za/ 15 KB
5 KB 379ms
183ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/125.7f21335ce6a05d22.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1505d58f4f98e920029a243d66fc9ae368cd206ad776f859e72eb0f6ec7a2658

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4627

GET
H/1.1 200
OK 190.88be6595dd26e80f.js Show response
www.bonitas.co.za/ 70 KB
17 KB 388ms
193ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/190.88be6595dd26e80f.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 87f28dc9b0006ea0e2a93f2230d241a814ba15d4dabe2b207440e6ee4a25fddc

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 17230

GET
H/1.1 200
OK 901.9082f2b3d3fa6cb4.js Show response
www.bonitas.co.za/ 19 KB
5 KB 385ms
190ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/901.9082f2b3d3fa6cb4.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 61847304339fb69360e0213db76c2eb1fc68fa4626a5b9919b2fe7fbb670f91d

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4841

GET
H/1.1 200
OK 919.c4f50254449232f5.js Show response
www.bonitas.co.za/ 93 KB
17 KB 385ms
190ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/919.c4f50254449232f5.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b20dab8c88aa0b7b0d8abda105f6ff08fb7cd06ec3cf532871734b3bfcb58ebf

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 16904

GET
H/1.1 200
OK 858.6de2b90fa5b116d9.js Show response
www.bonitas.co.za/ 2 MB
999 KB 567ms
186ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/858.6de2b90fa5b116d9.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cc38dd34bef7c2328f4e6af8ee0c7c1d63989addc8f6ae3774648835fea79378

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1022751

GET
H/1.1 200
OK 783.1234f9e007bf3cdc.js Show response
www.bonitas.co.za/ 51 KB
8 KB 566ms
184ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/783.1234f9e007bf3cdc.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a31038ffb654086a842132ecf4af54c6253834bb9126fbf32d4fee5e67b685c4

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 8035

GET
H/1.1 200
OK 879.e3ef00f98e7ee867.js Show response
www.bonitas.co.za/ 150 KB
37 KB 567ms
185ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/879.e3ef00f98e7ee867.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bb4402f2da02bf096efbf8dc465cfb290bc3cf52052eda6009de7e8bc21b795b

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 37965

GET
H/1.1 200
OK 701.577d3a90c26f47eb.js Show response
www.bonitas.co.za/ 8 KB
3 KB 573ms
188ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/701.577d3a90c26f47eb.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e976c2a1f5b7232f9059a62e4119e2e51a5910e72ac70897a16c95b3ea1a95f0

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 2546

GET
H/1.1 200
OK 514.c25fadee3345e895.js Show response
www.bonitas.co.za/ 18 KB
5 KB 575ms
187ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/514.c25fadee3345e895.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4b649d17f3d7a8ab0f74ffcc25134664ac9c481bab977fb700df2c844dfebdac

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 4453

GET
H/1.1 200
OK 220.38ea89f14b4d2a56.js Show response
www.bonitas.co.za/ 9 KB
3 KB 573ms
185ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/220.38ea89f14b4d2a56.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 11eb8a5c07871ec5540cf7724f99669c0872dc9d42ce462c52ebe5d2c7db5d90

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 2897

GET
H/1.1 200
OK 651.5a58fcfd166541aa.js Show response
www.bonitas.co.za/ 21 KB
7 KB 754ms
187ms Script
application/x-javascript 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonitas.co.za/651.5a58fcfd166541aa.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/runtime.9b0d84f95424ed33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 383a9878a15ced7cbc9067d7df5398ff1046be7c61cbedfbf843623470f681ef

Request headers

Referer: https://www.bonitas.co.za/
Origin: https://www.bonitas.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Content-Encoding: gzip
ETag: "0bcc1e7bff1d71:0"
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 7045

GET
H/1.1 200
OK countries Show response
coronavirus-19-api.herokuapp.com/ 50 KB
51 KB 244ms
58ms XHR
application/json 34.241.115.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-19-api.herokuapp.com/countries
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/polyfills.c40ca61c3ecc6dbe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-115-67.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 8fb31fedd88595031fad6a5a2b2e5b51fe85b61bb8481414f4132437775580fe

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Via: 1.1 vegur
Etag: W/"c9e8-3dEnhowKyzgGBcuF8urdfqZfytY"
Server: Cowboy
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 51688

GET
H/1.1 200
OK become.png
www.bonitas.co.za/assets/images/icons/ 13 KB
14 KB 683ms
189ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/become.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 64a2b5ad446a2647712d60a930f2c237587c505682ca04e5601110909bd1abd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13813

GET
H/1.1 200
OK member.png
www.bonitas.co.za/assets/images/icons/ 23 KB
23 KB 1062ms
193ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/member.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 839fefbdb2b03b89119c6dc1ff9d6c66dd10fe2835cef596fd37b5da6346a091

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 23799

GET
H/1.1 200
OK broker.png
www.bonitas.co.za/assets/images/icons/ 11 KB
11 KB 682ms
188ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/broker.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1ee68bebd775f0121e62c53aadb925deebdb19f79952111b0afa853ebf6826a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11477

GET
H/1.1 200
OK pencil_2.png
www.bonitas.co.za/assets/images/icons/ 8 KB
8 KB 873ms
187ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/pencil_2.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b7013433e1931b20909c73255d0aa4888c08671cddc71eafb6265087f6087d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7891

GET
H/1.1 200
OK hand.png
www.bonitas.co.za/assets/images/icons/ 10 KB
10 KB 195ms
194ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/hand.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 41845eade630e030c4009cbcdcdcbf28424b8c43b3e3fccf89b5bae69b10cab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9755

GET
H/1.1 200
OK phone.png
www.bonitas.co.za/assets/images/icons/ 6 KB
6 KB 185ms
185ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/phone.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e5a4b3fbfa5d3f9064b7a0e4a30b9bbff6efd0e80cda7d0fd78f3b4826302e56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6314

GET
H/1.1 200
OK heart.png
www.bonitas.co.za/assets/images/icons/ 19 KB
19 KB 188ms
187ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/heart.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cbe2fb7771425ce457a50d2d6433f7e1773f502cc8464ad93ec61bc1a25bfd9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19535

GET
H/1.1 200
OK family_1.png
www.bonitas.co.za/assets/images/icons/ 30 KB
30 KB 189ms
188ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/family_1.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 27514863c6aba98470374f94dab474ff13511e727f0f4271195f220c47385cee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 30552

GET
H/1.1 200
OK pencil.png
www.bonitas.co.za/assets/images/icons/ 8 KB
8 KB 195ms
194ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/pencil.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1ffdedc21b585655885ef4f2ef299d6d7388b0d24b5254f29713767665770158

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7952

GET
H/1.1 200
OK page.png
www.bonitas.co.za/assets/images/icons/ 5 KB
5 KB 185ms
184ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/page.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c480de58f48b0f6a9a60e3babb0685dad925029863e979e2d65de6acef66e5d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5221

GET
H/1.1 200
OK whatsapp.png
www.bonitas.co.za/assets/images/icons/ 19 KB
19 KB 188ms
188ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/whatsapp.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5ed9e9d957a4d5501bc133a57c9fce04a7f8d16b444b2b6a25e8de2a6decbb64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19071

GET
H/1.1 200
OK app.png
www.bonitas.co.za/assets/images/icons/ 27 KB
27 KB 188ms
188ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/app.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f9142887fe8a25c736700c28b55830afd32b88b1bac357cea778ae8a257bf89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 27143

GET
H/1.1 200
OK doc.png
www.bonitas.co.za/assets/images/icons/ 12 KB
12 KB 185ms
184ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/doc.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 28d166edeac9c9678740436619af0e7f624944dfe33044078595f049ebf0626e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 12236

GET
H/1.1 200
OK 2022_Banner.e591ac0b32df022c.png
www.bonitas.co.za/ 2 MB
2 MB 676ms
189ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/2022_Banner.e591ac0b32df022c.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de518464e7f9cf3679e05c4fbd7e1ece765544fd8d4c834f05710275aaac1f31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bcc1e7bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2341881

GET
H/1.1 200
OK Banner_2.1358563f73237b51.png
www.bonitas.co.za/ 186 KB
187 KB 870ms
184ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/Banner_2.1358563f73237b51.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b93392783f8c3940f7d6267a8d16cc48976992f496379dd669b0c5fd9352736b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:06 GMT
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bcc1e7bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 190864

GET
H/1.1 200
OK Banner_1.10f2abafaac224c4.png
www.bonitas.co.za/ 2 MB
2 MB 861ms
186ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/Banner_1.10f2abafaac224c4.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8fbbd65998c3565174682d1a80dea049c341bffd0de489693fc68f69d0193692

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bcc1e7bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2402061

GET
H/1.1 200
OK running.87c74297ae4bd106.jpg
www.bonitas.co.za/ 81 KB
82 KB 684ms
188ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/running.87c74297ae4bd106.jpg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f1ed18c3388b389184887a08a7957f5f5b8e8af344c0889cb82da2efe21e0163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:27:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0bcc1e7bff1d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 83269

GET
H/1.1 200
OK BonStart.jpg
www.bonitas.co.za/assets/plans-2022/plans/ 2 MB
2 MB 186ms
186ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/plans-2022/plans/BonStart.jpg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f7e2c0a599f33b8dd7324284ef0a33c0c54f934ae8d754e3c0cc60aea63c53f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:30 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0d75d31bff1d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1745568

GET
H/1.1 200
OK Primary.jpeg
www.bonitas.co.za/assets/plans-2022/plans/ 1 MB
1 MB 186ms
185ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/plans-2022/plans/Primary.jpeg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8b4ed4afd776eb5926fe34a60658a50b7144e517e50ad1c7c756b33f39082d0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:30 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0d75d31bff1d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1350810

GET
H/1.1 200
OK BonFit.jpeg
www.bonitas.co.za/assets/plans-2022/plans/ 1020 KB
1020 KB 191ms
190ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/plans-2022/plans/BonFit.jpeg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 665c9e17cbf7805a04cae6c8c7fc50927eb63f6658a4cdcad23bcf43cfce6a33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:08 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:30 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0d75d31bff1d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1044155

GET
H/1.1 200
OK BonEssential.jpeg
www.bonitas.co.za/assets/plans-2022/plans/ 557 KB
558 KB 191ms
191ms Image
image/jpeg 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/plans-2022/plans/BonEssential.jpeg
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3bf32e5c803aea454ce4120293f7aed6c5dc33efd6f88855cb40adfa6f46f9b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:08 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:30 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0d75d31bff1d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 570878

GET
H/1.1 200
OK covid.png
www.bonitas.co.za/assets/images/icons/ 528 KB
528 KB 192ms
191ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/covid.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4b20cdee3e0928113e52b5f47160a4519898c94f0ec2f8e3b843877ec59bbfab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 540499

GET
H2

200

/ Show response
vroomf.chat/bot-public-async/ Frame 022C
Redirect Chain

https://vroomf.chat/bot-public-async?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MD...
https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2M...

23 KB
5 KB

11ms
11ms

Document
text/html

93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/main.fe2abe9d16e20ae7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

bcfe8e04f38284480eb9797b45616b25206c047d2e3d14dfad8d9a4124980ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

content-type: text/html
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 11:38:39 GMT
accept-ranges: bytes
etag: "804954fa5eebd71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
strict-transport-security: max-age=0
date: Wed, 22 Dec 2021 08:06:33 GMT
content-length: 4768

Redirect headers

content-type: text/html; charset=UTF-8
location: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
strict-transport-security: max-age=0
date: Wed, 22 Dec 2021 08:06:33 GMT
content-length: 551

GET
H2

200

/
www.google.de/pagead/1p-conversion/696255034/ Frame 0E4A
Redirect Chain

https://www.googleadservices.com/pagead/conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=qtzC...
https://www.google.com/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445498009&sscte=1&crd=CNP...
https://www.google.de/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445498009&sscte=1&crd=CNPg...

42 B
154 B

20ms
20ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445498009&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=qtzCYdjYO6_Fx_APxfSUqAw&random=2893941736&ipr=y&prhg=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-NCQZQ9L

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.googletagmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/696255034/?url=https%3A%2F%2Fwww.bonitas.co.za%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445498009&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=qtzCYdjYO6_Fx_APxfSUqAw&random=2893941736&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
dc.ads.linkedin.com/collect/ Frame 0E4A 0
0

GET 0
bat.bing.com/action/ Frame 0E4A 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 38ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3961
date: Wed, 22 Dec 2021 07:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 22 Dec 2021 09:01:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 44ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y4RGMBCREE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88ea777c28c6968f779850842ce81426b9a4720252b17c491414c3877c67d21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62365
x-xss-protection: 0
expires: Wed, 22 Dec 2021 08:07:07 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 33ms
6ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000063-IAD, cache-hhn11558-HHN

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 79 KB
28 KB 126ms
23ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:16 GMT
server: nginx
etag: W/"613888fc-13bd1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 39ms
17ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 08:07:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 28ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: RpBT1URhAGvjB4BZvoZ9MEoP9ZpiGo+5WLD2MOvPX8GQ8ciQVssWcOHADQiTp4Fk4a8ga4uw5ewjVRR64+05Ww==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Dec 2021 08:07:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 30ms
9ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=20824
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 37ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:06 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 308CC3EDDFAB4352AEC9E1D172AD7A66 Ref B: FRAEDGE1413 Ref C: 2021-12-22T08:07:07Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 400 .js
attribution.adclickafrica.com/d/ 0
0 482ms
11ms Script
text/html 18.195.123.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://attribution.adclickafrica.com/d/.js?oref=&ourl=https%3A%2F%2Fwww.bonitas.co.za%2F&opt=Bonitas%20-%20Home&t=1640160427001
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 41ms
15ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 22 Dec 2021 07:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1594
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5652
x-amz-id-2: 89NFelfnVoiaYpDmN3jfcYKMSU6/tf234jeP9eviwYggIG6vwo2pQ2fwJBGaNTpthXceWVv9Ddw=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: PQN7ASG9CKVAHC8Z
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 45 KB
15 KB 60ms
9ms Script
text/javascript 2600:9000:2156:1600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCQZQ9L
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3f2ab52b3d6c9aa91f70abee6b043536572dbd61df0a4692fae2ea3fa370ae6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: MWqkRO6_H6LFWMG7znvACDwpQU7EEcnz
Content-Encoding: gzip
Etag: W/"c74adc5a38d928e9ea66fc212e89e1a7"
Age: 3576
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 Dec 2021 16:55:15 GMT
Server: AmazonS3
Date: Wed, 22 Dec 2021 07:07:48 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fqVBauTjrcHe0Bu_lbZFa4MFU3_GK89aAAm7jHDrN_axsGDgS312KQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1640160427057&url=https%3A%2F%2Fwww.bonitas.co.za%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1344305%26time%3D1640160427057%26url%3Dhttps%253A%252F%252Fwww.bonitas.co.za%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1640160427057&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1640160427057&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true&e_ipv6=AQJql0SgodebJgAAAX3hLf29afMdKrIATjTO8GVnsY4CPzWRo6plWMNGYl8z...

0
155 B

319ms
119ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1640160427057&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true&e_ipv6=AQJql0SgodebJgAAAX3hLf29afMdKrIATjTO8GVnsY4CPzWRo6plWMNGYl8z8dWKMGYqzZo
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: M2lLFzgFwxawVMSt7ioAAA==

Redirect headers

date: Wed, 22 Dec 2021 08:07:07 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1426917038FC4FABB260E9D5A907BD60 Ref B: FRAEDGE1416 Ref C: 2021-12-22T08:07:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1344305&time=1640160427057&url=https%3A%2F%2Fwww.bonitas.co.za%2F&liSync=true&e_ipv6=AQJql0SgodebJgAAAX3hLf29afMdKrIATjTO8GVnsY4CPzWRo6plWMNGYl8z8dWKMGYqzZo
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTt5um6BE0lgYukD63TQ==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: VGGoa+NHi88px4iqo4RoXjN5drSGVTZH0Fz3NMiz7trn7Or+xnnUC4LrJAWc3DX32PM9okmCLS/fCDZCaCkrmg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Dec 2021 08:07:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 2426838540956198 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 82ms
73ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2426838540956198?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ea73e867471e61734d77e381e5110efccc887e97e86953d1157be7d455cd3b2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6tOsDqhxusL2YgLISw1YSOTPyoud2u8nyMqM+efC5+VJ0tptvm+IBQ55AKVHkpCZzKnhg4kqp93ObNb0Tex2VA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Dec 2021 08:07:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
672 B 142ms
124ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o245m&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=6a469417-1965-4411-9675-5e1e4e30d44a&tw_document_href=https%3A%2F%2Fwww.bonitas.co.za%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Wed, 22 Dec 2021 08:07:07 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 0cedfc9607a3dad6810ca2e2aeaff5d7be97a3fd527605564d93d9730acff540
x-transaction: 04bab04e121b8c54
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 145ms
121ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o245m&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=6a469417-1965-4411-9675-5e1e4e30d44a&tw_document_href=https%3A%2F%2Fwww.bonitas.co.za%2F

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Wed, 22 Dec 2021 08:07:07 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: b4dee612e5e323ef3593b2d90c780c76325cbc54a7c6a290268970e2c5a05173
x-transaction: 9d73a2fd5d3b8beb
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 34ms
19ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KNGHR3B&t=gtm4&cid=2104091567.1640160427

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a70afe08e0c4b8b207255f4d8da450b8eeeb6b1e0d29393e7d770815f2f0b809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34934
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Dec 2021 08:07:07 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/696255034/ 2 KB
1016 B 42ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696255034/?random=1640160427147&cv=9&fst=1640160427147&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bonitas.co.za%2F&tiba=Bonitas%20-%20Home&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06dc0d91b07e0506364d4ae864bb817e6125b4cef0d48fd82d439e898e8c60ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 990
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
348 B 56ms
14ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Y4RGMBCREE&gtm=2oec10&_p=1659384158&sr=1600x1200&_gaz=1&ul=en-us&cid=2104091567.1640160427&_s=1&dl=https%3A%2F%2Fwww.bonitas.co.za%2F&dt=Bonitas%20-%20Home&sid=1640160426&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4RGMBCREE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bonitas.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
348 B 48ms
14ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4RGMBCREE&cid=2104091567.1640160427&gtm=2oec10&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4RGMBCREE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bonitas.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 47ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4RGMBCREE&cid=2104091567.1640160427&gtm=2oec10&aip=1&z=1298749581

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 022C 708 B
869 B 46ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: vroomf.chat
URL: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41fca96ec6e235b3dcff4bc97f90e036a6063d578eeec6a8a035f31e3b78eccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 06:41:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Dec 2021 08:07:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Dec 2021 08:07:07 GMT

GET
H2 200 dropzone.min.css
vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/ Frame 022C 9 KB
2 KB 13ms
12ms Stylesheet
text/css 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/dropzone.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0b5b87c980c6ad00c093521b9ad9e45e75d3feedcf90cf70874864a4b321cbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 17:34:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8087672d94edd51:0"
vary: Accept-Encoding
content-type: text/css
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 1528

GET
H2 200 basic.min.css
vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/ Frame 022C 752 B
808 B 14ms
13ms Stylesheet
text/css 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/basic.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

34c3c9a77a061dc645fa3084b964bce8e8880f002fc4131e23bc3be7bfec1061

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
last-modified: Thu, 27 Feb 2020 17:34:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "226782d94edd51:0"
content-type: text/css
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 752

GET
H2 200 jquery.min.js Show response
vroomf.chat/dark/vendors/bower_components/jquery/dist/ Frame 022C 82 KB
29 KB 15ms
14ms Script
application/javascript 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/dark/vendors/bower_components/jquery/dist/jquery.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 17:34:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8087672d94edd51:0"
vary: Accept-Encoding
content-type: application/javascript
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 29628

GET
H2 200 dropzone.min.js Show response
vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/ Frame 022C 33 KB
10 KB 21ms
20ms Script
application/javascript 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/dark/vendors/bower_components/dropzone/dist/min/dropzone.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c2a99600e5492bff4c8c7f7f3715bdebc310a5196de915b5534dd2bf4e269481

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 17:34:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8087672d94edd51:0"
vary: Accept-Encoding
content-type: application/javascript
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 10035

GET
H2 200 angular.js Show response
vroomf.chat/js/ Frame 022C 1 MB
320 KB 26ms
26ms Script
application/javascript 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/js/angular.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e7b2df78ad81bcea1b6105f65c8d5c9ba1fe6ea04f28482bd4a815ff3772712b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 07:55:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0ccd6a21efd61:0"
vary: Accept-Encoding
content-type: application/javascript
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 327437

GET
H2 200 angular-route.js Show response
vroomf.chat/js/ Frame 022C 46 KB
12 KB 21ms
21ms Script
application/javascript 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/js/angular-route.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f565c417645339fadd3f9be2c40b4ba791405064c1e6a434ea3dc8dfa4cf6b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 07:55:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0aeb961efd61:0"
vary: Accept-Encoding
content-type: application/javascript
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 12264

GET
H2 200 angular-sanitize.js Show response
vroomf.chat/js/ Frame 022C 33 KB
10 KB 21ms
21ms Script
application/javascript 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/js/angular-sanitize.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f4e4b2d52bf0f106ab135f3fb62bff84afd9a891b437f012c739f07da8d9ea46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 07:55:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80caf8ac1efd61:0"
vary: Accept-Encoding
content-type: application/javascript
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 10037

GET
H2 200 attach.png
vroomf.chat/bot-public-async/ Frame 022C 2 KB
2 KB 11ms
11ms Image
image/png 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vroomf.chat/bot-public-async/attach.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5cdb092fb9de6b7622f5ff47b1260b4958c5e9884a3c87eb6d5f40c682e8cd77

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
last-modified: Tue, 18 Aug 2020 09:43:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "fafb6724475d61:0"
content-type: image/png
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 2295

GET
H2 200 end.png
vroomf.chat/bot-public-async/ Frame 022C 4 KB
4 KB 11ms
11ms Image
image/png 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vroomf.chat/bot-public-async/end.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a0226b9e22040f6eeb6f263e74d56da81c7cd19900a7296529fa44d87fe67815

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
last-modified: Tue, 18 Aug 2020 09:43:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "5a4b7624475d61:0"
content-type: image/png
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 4231

GET
H2 200 powered-by-cagan-tech.png
vroomf.chat/img/ Frame 022C 9 KB
9 KB 12ms
11ms Image
image/png 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vroomf.chat/img/powered-by-cagan-tech.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d33846530edc2da1abbf19b8264d40287170bd90178ac75c517b6c715abb36a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
last-modified: Mon, 14 Jun 2021 11:21:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0677273f61d71:0"
content-type: image/png
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 9537

GET
H2 200 10091852.json Show response
s.yimg.com/wi/config/ 2 B
451 B 27ms
10ms XHR
application/json 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10091852.json

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/polyfills.c40ca61c3ecc6dbe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 07:39:12 GMT
x-content-type-options: nosniff
age: 1675
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: M3W5F5ZKXBYDJHY1
x-amz-id-2: z2aCpzel42jmlRpEZIpIWoYyuaHYXpHWXVsRwCxCEv8bsyy9HkOCtdiA/wIoLF9m3+Qb+/FCEh8=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 204 137002139.js Show response
bat.bing.com/p/action/ 0
92 B 37ms
37ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/137002139.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Dec 2021 08:07:06 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E0A5768078D64A388933044D2615A556 Ref B: FRAEDGE1413 Ref C: 2021-12-22T08:07:07Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
95 B 37ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=137002139&tm=gtm002&Ver=2&mid=902d3788-6664-4cb7-bc41-431f92fc58a1&sid=27e1add062fe11ecbe2cb1bfac7be8b9&vid=27e27ca062fe11ec8f1bebaafaf46c1f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Bonitas%20-%20Home&p=https%3A%2F%2Fwww.bonitas.co.za%2F&r=&lt=3021&evt=pageLoad&msclkid=N&sv=1&rn=15155
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A02DD5AEEF6401BAEF765106FC309EB Ref B: FRAEDGE1413 Ref C: 2021-12-22T08:07:07Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/LYHCFNKWJ5DUPM22D44OHG/index.js
https://s.adroll.com/j/exp/index.js

28 B
763 B

9ms
9ms

Script
application/javascript

2600:9000:2156:1600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Server: 2600:9000:2156:1600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 185632
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Tue, 21 Dec 2021 09:38:17 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: PPSFPNW51tctPD4QSq0XHkc0MEGtdCj4VXXgBC8XtjGd_bSSRA59TA==

Redirect headers

Date: Wed, 22 Dec 2021 01:56:54 GMT
Via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Age: 22212
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: arsUtsZjShRxGfZxv3PVJfddmvNzrgKwYXymK6_lmYaDwg7TnBMQGQ==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/LYHCFNKWJ5DUPM22D44OHG/S2WAFVC6W5CCPAMAY56KKM/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
734 B

9ms
8ms

Script
application/javascript

2600:9000:2156:1600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Server: 2600:9000:2156:1600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 100631
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Tue, 21 Dec 2021 18:20:57 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: I1iPgad68XBg-J-67oB7RXo8a7nOsHitPGwWaJzrfwrKUg1Sx_3PGw==

Redirect headers

Date: Wed, 22 Dec 2021 01:56:55 GMT
Via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Age: 22212
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Jc9YRMshsJ61jGFinXhrvrLZm3Qv2EwVAUem-tpm6qILOCZKpk2-gQ==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/LYHCFNKWJ5DUPM22D44OHG/S2WAFVC6W5CCPAMAY56KKM/ 0
786 B 30ms
12ms Script
text/javascript 2600:9000:2156:1600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/LYHCFNKWJ5DUPM22D44OHG/S2WAFVC6W5CCPAMAY56KKM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: 3.PrWiv.DOfXLJCcn9PKToCwYNmjL2TZ
Via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 3489
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sun, 19 Dec 2021 23:54:56 GMT
Server: AmazonS3
Date: Wed, 22 Dec 2021 07:08:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: yC7n_LAr-TxwdIkc6CmMIbkHmFkqduv9aY9RJYDB7a8jPUd4_VuXMQ==

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://s2.adform.net/Serving/TrackPoint/?pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=697952634108&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F
https://track.adform.net/Serving/TrackPoint/?pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=697952634108&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=697952634108&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co...

1 KB
1 KB

22ms
21ms

Script
text/javascript

37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=697952634108&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

c3bc29b13200918889e84ed615a4975b5e735851637fc1d330d258e95cc515de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 792
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=697952634108&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
716 B 106ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2022%20Dec%202021%2008%3A07%3A07%20GMT&n=0&b=Bonitas%20-%20Home&.yp=10091852&f=https%3A%2F%2Fwww.bonitas.co.za%2F&enc=UTF-8&yv=1.10.2&tagmgr=gtm

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 22 Dec 2021 08:07:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 277ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2426838540956198&ev=PageView&dl=https%3A%2F%2Fwww.bonitas.co.za%2F&rl=&if=false&ts=1640160427243&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.2.1640160427241.585060769&it=1640160427070&coo=false&tm=1&rqm=GET

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 22 Dec 2021 08:07:07 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/696255034/ 42 B
64 B 38ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/696255034/?random=1640160427147&cv=9&fst=1640160000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.bonitas.co.za%2F&tiba=Bonitas%20-%20Home&async=1&fmt=3&is_vtc=1&random=1363181201&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/696255034/ 42 B
64 B 36ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/696255034/?random=1640160427147&cv=9&fst=1640160000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.bonitas.co.za%2F&tiba=Bonitas%20-%20Home&async=1&fmt=3&is_vtc=1&random=1363181201&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bonitas.css
vroomf.chat/custom-css/ Frame 022C 7 KB
1 KB 12ms
11ms Stylesheet
text/css 93.90.206.61
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vroomf.chat/custom-css/bonitas.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.90.206.61 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5be438eaa50c4f307373cb60e784ca61a583b0833d75c9e555aa69a161b94188

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vroomf.chat/bot-public-async/?p=eyJjaGF0VXJsIjoid3NzOi8vc29ja2V0MS52cm9vbWYuY2hhdC9hd3MiLCJib3RJZCI6IkJvbml0YXMtbGVhZHMiLCJzdWJzY3JpcHRpb24iOiJmZGE5OTgxZC1lZDhiLTRiYzItOTAxOS1jYjhlNmE3ZjE2MDUiLCJwb3J0IjoiNTAwNSIsImRlZmF1bHRUZW1wbGF0ZUlkIjoiIiwic291cmNlIjoiQ2hhdCIsInRlYW0iOiIiLCJzdXBwb3J0VHlwZSI6ImUxYTkxMWEzLWU2ZmYtNDRkNS1iNGI3LWU1OWM4MmIyMGM2NyIsImNzc1VybCI6Imh0dHBzOi8vdnJvb21mLmNoYXQvY3VzdG9tLWNzcy9ib25pdGFzLmNzcyJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 12:34:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8082551e498d71:0"
vary: Accept-Encoding
content-type: text/css
date: Wed, 22 Dec 2021 08:06:33 GMT
accept-ranges: bytes
content-length: 1366

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1659384158&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bonitas.co.za%2F&ul=en-us&de=UTF-8&dt=Bonitas%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=1378502239&gjid=780443413&cid=2104091567.1640160427&tid=UA-143011272-1&_gid=818444096.1640160427&_r=1&gtm=2wgc10NCQZQ9L&z=495867769

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/polyfills.c40ca61c3ecc6dbe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bonitas.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 LYHCFNKWJ5DUPM22D44OHG Show response
d.adroll.com/consent/check/ 396 B
489 B 105ms
33ms Script
application/javascript 63.35.87.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/LYHCFNKWJ5DUPM22D44OHG?arrfrr=https%3A%2F%2Fwww.bonitas.co.za%2F&_s=12e906ce4d07ed0196641eba152c71a9&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.87.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-87-185.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 0d90995269315242539c67f5aaa4d1845a7703e1869d45bfe28b1f260e514ded

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx/1.20.0
content-length: 396
content-type: application/javascript

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 31ms
16ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-143011272-1&cid=2104091567.1640160427&jid=1378502239&gjid=780443413&_gid=818444096.1640160427&_u=aGDACEACRAAAAC~&z=679738024

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/polyfills.c40ca61c3ecc6dbe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bonitas.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 22 Dec 2021 08:07:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.bonitas.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/serving/container/ Frame 79BD 1 KB
904 B 20ms
20ms Document
text/html 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/container/?pm=1784238&lid=62897859&ctype=0&media=0&PageName=%2f&rnd=1447821465&cpref=&loc=https%3a%2f%2fwww.bonitas.co.za%2f

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

231299ebbbc92dc45a3cd9700ef4bff0c10d307f903d35ef4716146a62f40d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/

Response headers

server: nginx
date: Wed, 22 Dec 2021 08:07:07 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 5077 5 KB
2 KB 66ms
22ms Document
text/html 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/Serving/TrackPoint/?pm=1784238&ADFPageName=%2F&ADFdivider=%7C&ord=697952634108&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fwww.bonitas.co.za%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c7f135b68d38c9176e535083076f30e534ae7c0e22b4e441b6577ab69947602c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/

Response headers

server: nginx
date: Wed, 22 Dec 2021 08:07:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
344 B 66ms
18ms Image
image/gif 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=2368857601535687282&stamp=J6eeUssbWicDvP-67D9Y4w2

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Dec 2021 08:07:07 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-143011272-1&cid=2104091567.1640160427&jid=1378502239&_u=aGDACEACRAAAAC~&z=1536712891

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 79BD 90 KB
35 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115464984-2

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=1784238&lid=62897859&ctype=0&media=0&PageName=%2f&rnd=1447821465&cpref=&loc=https%3a%2f%2fwww.bonitas.co.za%2f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

597a6317675c478966b8c116b051aab667384bb6c74720d86cf026338d0d5e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36181
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Dec 2021 08:07:07 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 79BD 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115464984-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3961
date: Wed, 22 Dec 2021 07:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 22 Dec 2021 09:01:06 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 5077 0
261 B 20ms
20ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 5077
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2368857601535687282&Expiration=1641370027
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2368857601535687282&Expiration=1641370027

43 B
423 B

33ms
33ms

Image
image/gif

34.240.183.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2368857601535687282&Expiration=1641370027
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Server: 34.240.183.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-183-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Dec 2021 08:07:07 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2368857601535687282&Expiration=1641370027
date: Wed, 22 Dec 2021 08:07:07 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 5077 0
522 B 50ms
21ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=2368857601535687282

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Dec 2021 08:07:07 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 21 Dec 2021 08:07:07 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 5077 0
214 B 33ms
10ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 5077
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2368857601535687282&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2368857601535687282&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=215b82bfc7dd487c8...
https://c1.adform.net/serving/cookie/match?party=9&uid=715557576788096bc6dbc7d078c02a336efd2a90ddbdde20a2c3eba198b1a7f5

35 B
468 B

23ms
23ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=715557576788096bc6dbc7d078c02a336efd2a90ddbdde20a2c3eba198b1a7f5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=715557576788096bc6dbc7d078c02a336efd2a90ddbdde20a2c3eba198b1a7f5
date: Wed, 22 Dec 2021 08:07:07 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 5077 43 B
163 B 72ms
18ms Image
image/gif 185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2368857601535687282&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 5077
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=2368857601535687282&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=2368857601535687282&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2368857601535687282&_origin=1&apid=UP28151bea-62fe-11ec-ab10-06719bfa7d96

0
689 B

39ms
19ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=2368857601535687282&_origin=1&apid=UP28151bea-62fe-11ec-ab10-06719bfa7d96

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=2368857601535687282&_origin=1&apid=UP28151bea-62fe-11ec-ab10-06719bfa7d96
date: Wed, 22 Dec 2021 08:07:07 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 5077 43 B
712 B 44ms
16ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Dec 2021 08:07:07 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1640160427624061-529
Expires: Wed, 22 Dec 2021 08:07:07 GMT

GET
H2

204

put
e1.emxdgt.com/ Frame 5077
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=2368857601535687282
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2368857601535687282
https://e1.emxdgt.com/put?d=d21&uid=b9cb1d2d-0bca-4950-843d-e4f52a7d8280&gdpr=&gdpr_consent=

0
59 B

105ms
36ms

Image
text/html

18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d21&uid=b9cb1d2d-0bca-4950-843d-e4f52a7d8280&gdpr=&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:06 GMT
content-length: 0
content-type: text/html

Redirect headers

Location: //e1.emxdgt.com/put?d=d21&uid=b9cb1d2d-0bca-4950-843d-e4f52a7d8280&gdpr=&gdpr_consent=
Date: Wed, 22 Dec 2021 08:07:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5077
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2368857601535687282&expiration=1641370027
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2368857601535687282&expiration=1641370027&C=1

43 B
1006 B

25ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2368857601535687282&expiration=1641370027&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Dec 2021 08:07:07 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 22 Dec 2021 08:07:07 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Dec 2021 08:07:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2368857601535687282&expiration=1641370027&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Wed, 22 Dec 2021 08:07:07 GMT

GET
H/1.1

200
OK

info
uipglob.semasio.net/dbm/1/ Frame 5077
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2368857601535687282&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2368857601535687282&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=ef4c61c2-dcab-4d00-8c44-e191872c803d&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=b3ae7ee9-9afd-4c4e-9d0a-0e0dcb8f52d2
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RjBGRUE1MTNCNkRBODYyQg&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEDd7mLoMz7Jgr7-Gs03rlOA&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1

42 B
604 B

23ms
23ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEDd7mLoMz7Jgr7-Gs03rlOA&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:06 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEDd7mLoMz7Jgr7-Gs03rlOA&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 5077 0
344 B 58ms
9ms Image
text/plain 3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=2368857601535687282&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 5077
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2368857601535687282
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2368857601535687282&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
334 B

60ms
9ms

Image
image/gif

2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1ry9FyFD/8xcFAA==
x-accel-expires: @1640863416
date: Wed, 22 Dec 2021 08:07:07 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6p1Hg+HonQk=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 333811
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame 5077 0
0 48ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

tpid=2368857601535687282
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame 5077
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2368857601535687282
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2368857601535687282

49 B
264 B

39ms
38ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.1.247
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2368857601535687282
cache-control: no-cache
x-server: 10.45.23.239
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 5077 62 B
304 B 190ms
146ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 5077 43 B
274 B 45ms
20ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 5077
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

147ms
40ms

Image
image/gif

52.218.118.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Server: 52.218.118.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:08 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: DB9TGTDGV6E68BVN
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: PafZdctMoADztrZlRrLAvml4DnZffGgtGtunAcKhagMPzAwsWaQGh0S60bKS10PhaQBOFYRJXmE=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 22 Dec 2021 08:07:07 GMT
Server: akka-http/10.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 5077
Redirect Chain

https://pixel.onaudience.com/?mapped=2368857601535687282&partner=68
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e87589f83fcbef0e430858d85e446665

35 B
248 B

19ms
17ms

Image
image/gif

141.94.170.77
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e87589f83fcbef0e430858d85e446665
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Server: 141.94.170.77 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-6.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e87589f83fcbef0e430858d85e446665
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H/1.1

403
Forbidden

/
cm.smartstream.tv/ Frame 5077
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2368857601535687282
https://tags.adsafety.net/v1/cm?cm_uid=CM12021122208497bf7dffacea542747&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=a1bd1b47ee9d075a9683818b80f1f180
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12021122208497bf7dffacea542747&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=a1bd1b47ee9d075a9683818b80f1f180&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEyMjIwODQ5N2JmN2RmZmFjZWE1NDI3NDc
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEF_J2WoSfYKErKDCUFYyRJk&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12021122208497bf7dffacea542747
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2368857601535687282
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7044435394174646413

0
0

34ms
6ms

Image
text/html

85.90.245.27
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7044435394174646413
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Server: 85.90.245.27 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1428-27.members.linode.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Location: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7044435394174646413
Date: Wed, 22 Dec 2021 08:07:07 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 5077 0
337 B 100ms
33ms Image
text/plain 52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1640160427
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 5077
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjM2ODg1NzYwMTUzNTY4NzI4Mg
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMTMCKHo5Iw-EtjeS6-fsZg&google_cver=1&google_ula=1641347,0

35 B
468 B

20ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMTMCKHo5Iw-EtjeS6-fsZg&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMTMCKHo5Iw-EtjeS6-fsZg&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 5077 0
261 B 24ms
21ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 5077
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=6397985625492573019&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=2368857601535687282

43 B
994 B

23ms
23ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=2368857601535687282

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

HTTP/1.1

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Dec 2021 08:07:07 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 704331e7-96d8-4ba6-b57c-a32e334c67b8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=2368857601535687282
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 5077 42 B
543 B 60ms
21ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:346
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 5077 43 B
444 B 50ms
17ms Image
image/gif 143.204.98.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-106.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 09:20:35 GMT
Via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 81992
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 43
X-Amz-Cf-Id: NTiIKfSQB9xBxG9Ao81EX-jgfwNrVi30yXgEYpsmIx9Buuz89dqpaQ==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 5077
Redirect Chain

https://a.audrte.com/a?adform_uid=2368857601535687282
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEKfe5PfpztwldfufRe5v1d0&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=6d3ogrgcWSmSJaByYlKr-4PQQ&gdpr=0&gdpr_consent=

0
344 B

12ms
11ms

Image
text/plain

3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=6d3ogrgcWSmSJaByYlKr-4PQQ&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:08 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Wed, 22 Dec 2021 08:07:08 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=6d3ogrgcWSmSJaByYlKr-4PQQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 5077
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2368857601535687282&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2368857601535687282&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=57544888270214458482492210611733389820&noredirect=1

35 B
468 B

26ms
23ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=57544888270214458482492210611733389820&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v026-095a919c8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: IceIvxXaSZ4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=57544888270214458482492210611733389820&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 5077
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2368857601535687282
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165000304008000106926

35 B
477 B

21ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165000304008000106926

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165000304008000106926
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 5077
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7044435394174646413

35 B
468 B

20ms
20ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7044435394174646413

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7044435394174646413
Date: Wed, 22 Dec 2021 08:07:07 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 5077 62 B
725 B 148ms
148ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 43b4
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 5077
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=ef4c61c2-dcab-4d00-8c44-e191872c803d

35 B
477 B

20ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=ef4c61c2-dcab-4d00-8c44-e191872c803d

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Server: MT3 4133 baa842e master cdg-pixel-x9 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=ef4c61c2-dcab-4d00-8c44-e191872c803d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 22 Dec 2021 08:07:06 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 5077
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=LJloyVC61MZWEr5

35 B
468 B

21ms
20ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=LJloyVC61MZWEr5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 22 Dec 2021 08:07:07 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0e9f0e24f4a2a06c9@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=LJloyVC61MZWEr5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 5077
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=b3ae7ee9-9afd-4c4e-9d0a-0e0dcb8f52d2

35 B
468 B

20ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=b3ae7ee9-9afd-4c4e-9d0a-0e0dcb8f52d2

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=b3ae7ee9-9afd-4c4e-9d0a-0e0dcb8f52d2
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 5077 0
72 B 534ms
132ms Image
text/plain 216.46.185.183
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.183 Broomfield, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 5077 43 B
1009 B 81ms
19ms Image
image/gif 54.36.109.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=2368857601535687282

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.156 , France, ASN16276 (OVH, FR),

Reverse DNS

p07.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:07 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 5077
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3704542060
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TtALoL71Qk6YXv6SK8yvru

35 B
468 B

19ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TtALoL71Qk6YXv6SK8yvru

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
via: 1.1 google
last-modified: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TtALoL71Qk6YXv6SK8yvru
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 5077 23 B
172 B 91ms
42ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:07 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 22 Dec 2021 08:07:07 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 5077
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2368857601535687282
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2368857601535687282&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2368857601535687282&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:08 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2368857601535687282&cs=1
date: Wed, 22 Dec 2021 08:07:07 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 5077 0
240 B 56ms
8ms Image
text/plain 2600:9000:2156:4000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2368857601535687282
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:08 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Lg-Y2ggLGKah0i6oKQMyiKOrtPbICKxgLOZI-b5bsQsNXNBiFHNcoQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 5077
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2368857601535687282&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2368857601535687282&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=94c6690a-0077-4762-b783-38d67ab99a5e

35 B
468 B

20ms
20ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=94c6690a-0077-4762-b783-38d67ab99a5e

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 08:07:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=94c6690a-0077-4762-b783-38d67ab99a5e
date: Wed, 22 Dec 2021 08:07:08 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 2368857601535687282
match.contentexchange.me/adform/ Frame 5077 0
49 B 161ms
46ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/2368857601535687282?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:08 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 5077
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=2368857601535687282&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2368857601535687282&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
351 B

16ms
16ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2368857601535687282&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=2368857601535687282&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Wed, 22 Dec 2021 08:07:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 5077 0
261 B 23ms
22ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2368857601535687282&agencyId=6995&advertiserId=2048901&src=tp&rnd=318876
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:07 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK book.png
www.bonitas.co.za/assets/images/icons/ 5 KB
5 KB 187ms
185ms Image
image/png 102.133.154.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonitas.co.za/assets/images/icons/book.png
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.133.154.32 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8cd2dc444378a4bd4c06f90814c93766cc9a2c70a81250570b61aa7a85b1ded1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 08:07:08 GMT
Last-Modified: Wed, 15 Dec 2021 14:22:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0aa2c30bff1d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5379

GET
H/1.1 200
OK 2021-09-16_07-16_f656a023-0c17-43ca-bf29-a12e3cc04092
allegradocstorage.blob.core.windows.net/bonitas-documents-production/ 2 MB
2 MB 908ms
237ms Image
application/octet-stream 52.239.232.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allegradocstorage.blob.core.windows.net/bonitas-documents-production/2021-09-16_07-16_f656a023-0c17-43ca-bf29-a12e3cc04092?sv=2019-02-02&sr=b&sig=z2QbGUUm1L%2BkbA6Ge5Tkg%2B5rnH1s3QMl6aobuXYGsp8%3D&se=2071-09-04T07%3A16%3A13Z&sp=r
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.232.68 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e1b2760c90fb1c2fb88f2580c61fbbf5971bf1b56b302e673c0bf3af71176795

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Wed, 22 Dec 2021 08:07:07 GMT
Content-MD5: FoKz1avpTZ+mas0USnqz/Q==
x-ms-server-encrypted: true
Content-Length: 2442394
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Thu, 16 Sep 2021 07:16:13 GMT
Last-Modified: Thu, 16 Sep 2021 07:16:13 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D978E1DDDA2239"
Vary: Origin
Content-Type: application/octet-stream
x-ms-request-id: f7b95422-101e-001c-640a-f7bf3e000000
x-ms-version: 2019-02-02
Accept-Ranges: bytes

GET
H/1.1 200
OK 2021-10-07_08-11_740fa1db-e954-4481-967b-d76fbe2e2f1e
allegradocstorage.blob.core.windows.net/bonitas-documents-production/ 1 MB
1 MB 908ms
223ms Image
application/octet-stream 52.239.232.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allegradocstorage.blob.core.windows.net/bonitas-documents-production/2021-10-07_08-11_740fa1db-e954-4481-967b-d76fbe2e2f1e?sv=2019-02-02&sr=b&sig=kBsTWllmt%2BUr%2F2T8WQh8QfthPj2YwRM3Bekwx9zssWA%3D&se=2071-09-25T08%3A11%3A04Z&sp=r
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.232.68 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0c9ee4fdedcbb6ad92f4b04203eebe54206f6a0e3d3d0573af91b592d6213eab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Wed, 22 Dec 2021 08:07:08 GMT
Content-MD5: kELK73ePZWMa+8vwWHv0BA==
x-ms-server-encrypted: true
Content-Length: 1113201
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Thu, 07 Oct 2021 08:11:04 GMT
Last-Modified: Thu, 07 Oct 2021 08:11:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D9896A02002B02"
Vary: Origin
Content-Type: application/octet-stream
x-ms-request-id: e0d59018-f01e-0004-6d0a-f76059000000
x-ms-version: 2019-02-02
Accept-Ranges: bytes

GET
H/1.1 200
OK 2021-10-07_08-08_4c34820e-de84-4c18-ad14-59dbf0dcd812
allegradocstorage.blob.core.windows.net/bonitas-documents-production/ 686 KB
686 KB 927ms
241ms Image
application/octet-stream 52.239.232.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allegradocstorage.blob.core.windows.net/bonitas-documents-production/2021-10-07_08-08_4c34820e-de84-4c18-ad14-59dbf0dcd812?sv=2019-02-02&sr=b&sig=gA241Yc4aJYSLjFilcwogEchR0Fbtm7PBZZYeHF3ttE%3D&se=2071-09-25T08%3A08%3A08Z&sp=r
Requested by: Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.232.68 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b052fc6e96bb181cf154d153c7c6e6327ed726408c716428aa549bb3ab11f108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Wed, 22 Dec 2021 08:07:08 GMT
Content-MD5: RfptJW/MENzZNSONs9S2hw==
x-ms-server-encrypted: true
Content-Length: 702263
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Thu, 07 Oct 2021 08:08:08 GMT
Last-Modified: Thu, 07 Oct 2021 08:08:08 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D9896999059B23"
Vary: Origin
Content-Type: application/octet-stream
x-ms-request-id: e5714596-e01e-0008-170a-f7f751000000
x-ms-version: 2019-02-02
Accept-Ranges: bytes

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 75ms
59ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2426838540956198&ev=Microdata&dl=https%3A%2F%2Fwww.bonitas.co.za%2F&rl=&if=false&ts=1640160428746&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bonitas%20-%20Home%22%2C%22meta%3Adescription%22%3A%22Bonitas%20-%20Medical%20aid%20for%20South%20Africa%2C%20We%20were%20voted%20the%20best%20Medical%20Aid%20when%20it%20comes%20to%20service%20excellence%20in%20the%202019%2F2020%20Ask%20Afrika%20Orange%20Index%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.2.1640160427241.585060769&it=1640160427070&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.bonitas.co.za
URL: https://www.bonitas.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:07:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Dec 2021 08:07:08 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/ 77 KB
28 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAZExNzENhyCNJ7paVo8PECMw0PqG7r1Uo&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53151b27d3fe0aee685683cbe17655b3211283291e189219412694165053950e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28790
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:54:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 08:34:35 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/ 297 KB
91 KB 22ms
9ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAZExNzENhyCNJ7paVo8PECMw0PqG7r1Uo&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

078316556d1ea20ac469d50ac1313f3837b5d00001e6cce069d3fb1a0c5e96c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bonitas.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 18 Dec 2021 16:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92718
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:54:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 16:07:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dc.ads.linkedin.com
URL: https://dc.ads.linkedin.com/collect/?pid=1344305&fmt=gif

Domain: bat.bing.com
URL: https://bat.bing.com/action/0?ti=137002139&Ver=2

Verdicts & Comments Add Verdict or Comment

223 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

107 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bonitas.co.za/	1970-01-20 08:21:36	Name: _hjSessionUser_1949475 Value: eyJpZCI6IjgyOTI2OGQxLTJlYTAtNWQxMy04YTM0LTY0MTFmYTI4Nzg4NiIsImNyZWF0ZWQiOjE2NDAxNjA0MjQ4NjMsImV4aXN0aW5nIjpmYWxzZX0=
.bonitas.co.za/	1970-01-19 23:36:02	Name: _hjFirstSeen Value: 1
.bonitas.co.za/	1970-01-19 23:36:02	Name: _hjSession_1949475 Value: eyJpZCI6ImJhNjZkNTMxLWViNTAtNDRiNi1iYTNlLWI5NDhlMWE5MTczYiIsImNyZWF0ZWQiOjE2NDAxNjA0MjQ5Mjd9
www.bonitas.co.za/	1970-01-19 23:36:00	Name: _hjIncludedInPageviewSample Value: 1
.bonitas.co.za/	1970-01-19 23:36:02	Name: _hjAbsoluteSessionInProgress Value: 1
.bonitas.co.za/	1970-01-20 01:45:36	Name: _gcl_au Value: 1.1.1495615627.1640160427
.bing.com/	1970-01-20 08:57:36	Name: MUID Value: 3FBCA2DB64D26EBC3EABB3CE65B96F3F
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-19 23:37:26	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2597:u=1:x=1:i=1640160427:t=1640246827:v=2:sig=AQHdw0WVI32Y_79w4eHdQcQzGnhgoPV8"
.bonitas.co.za/	1970-01-19 23:37:26	Name: _gid Value: GA1.3.818444096.1640160427
.bonitas.co.za/	1970-01-20 17:07:12	Name: _ga_Y4RGMBCREE Value: GS1.1.1640160426.1.0.1640160426.60
.linkedin.com/	1970-01-20 00:19:12	Name: UserMatchHistory Value: AQJ9aLwNN6LwJQAAAX3hLfx66u-BXzPBJKz-lIcV1OtLb0yFSc49l8DeCeA-P8KqVTv9WjF5Qdn6Ow
.linkedin.com/	1970-01-20 00:19:12	Name: AnalyticsSyncHistory Value: AQKKuS1Be-ef2wAAAX3hLfx6xsVOiiJW5dW6po_n9RLDMsjamyI-vCDTG9efINF6eTweTW47k7qXFwje3IK93w
.linkedin.com/	1970-01-20 17:07:54	Name: bcookie Value: "v=2&0d268a0b-f71b-4897-8820-e3f334aeb9af"
.doubleclick.net/	1970-01-20 08:57:36	Name: IDE Value: AHWqTUm6wSkepBHIHML-KNbVT5ZazT6YQIqPhW4CJIcEcFd6DJM2OFdUwVDYztdv
.bonitas.co.za/	1970-01-19 23:37:26	Name: _uetsid Value: 27e1add062fe11ecbe2cb1bfac7be8b9
.bonitas.co.za/	1970-01-20 08:57:36	Name: _uetvid Value: 27e27ca062fe11ec8f1bebaafaf46c1f
.twitter.com/	1970-01-20 17:07:12	Name: personalization_id Value: "v1_BENAAM1F793qQ7kuVY10og=="
.bonitas.co.za/	1970-01-20 01:45:36	Name: _fbp Value: fb.2.1640160427241.585060769
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:07:54	Name: bscookie Value: "v=1&20211222080707e6061a41-f17f-4d8d-89ee-f3bc690c195aAQFaNrmIaPsp_cofPvv-I6VW8srP1er5"
.linkedin.com/	1970-01-20 17:01:11	Name: li_gc Value: MTswOzE2NDAxNjA0Mjc7MjswMjEsgfwMPXLvQY725P2nsDhzpcPkV7lrlLaxkOMGbGc+/g==
.bonitas.co.za/	1970-01-20 17:07:12	Name: _ga Value: GA1.3.2104091567.1640160427
.bonitas.co.za/	1970-01-19 23:36:00	Name: _gat_UA-143011272-1 Value: 1
.adform.net/	1970-01-20 00:20:38	Name: C Value: 1
.yahoo.com/	1970-01-20 08:21:58	Name: A3 Value: d=AQABBKvcwmECEDgMWV9NoaGwNb5wvMzuzFwFEgEBAQEuxGHMYQAAAAAA_eMAAA&S=AQAAAmNyLNv7jtPBdiFZXgJu7mo
.adform.net/	1970-01-20 01:02:24	Name: uid Value: 2368857601535687282
.adform.net/	1970-01-19 23:37:26	Name: CM Value: 1\|1
.seadform.net/	1970-01-20 01:02:24	Name: uid Value: 2368857601535687282
.adform.net/	1970-01-19 23:56:10	Name: CM14 Value: 1640246827_1640160427_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
.advertising.com/	1970-01-20 08:23:02	Name: APID Value: UP28151bea-62fe-11ec-ab10-06719bfa7d96
.bidswitch.net/	1970-01-20 08:21:36	Name: tuuid Value: b9cb1d2d-0bca-4950-843d-e4f52a7d8280
.bidswitch.net/	1970-01-20 08:21:36	Name: c Value: 1640160427
.bidswitch.net/	1970-01-20 08:21:36	Name: tuuid_lu Value: 1640160427
.casalemedia.com/	1970-01-20 08:21:36	Name: CMID Value: YcLcq8lYO6MrXXXGUNEa9wAA
.casalemedia.com/	1970-01-20 01:45:36	Name: CMPS Value: 5229
ads.stickyadstv.com/	1970-01-20 01:02:24	Name: uid-bp-617 Value: 2368857601535687282
ads.stickyadstv.com/	1970-01-20 00:19:12	Name: UID Value: 457b92ef33a32a8c2986e075d3d49a5
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: eb7ff51b36349ff812db115b72b271
.yieldlab.net/	1970-01-20 08:21:36	Name: id Value: c0c8d3cf-d1f0-4bb7-9e0f-9ce8984a3279
.casalemedia.com/	1970-01-20 01:45:36	Name: CMPRO Value: 1127
.casalemedia.com/	1970-01-19 23:37:26	Name: CMST Value: YcLcq2HC3KsA
.casalemedia.com/	1970-01-20 08:21:36	Name: CMRUM3 Value: 6f61c2dcab27602368857601535687282
.analytics.yahoo.com/	1970-01-20 08:23:02	Name: IDSYNC Value: 1760~2288
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UP28151bea-62fe-11ec-ab10-06719bfa7d96
.yahoo.com/	1970-01-19 23:37:26	Name: APIDTS Value: 1640160427
.eyeota.net/	1970-01-19 23:36:01	Name: SERVERID Value: 17367~DM
.semasio.net/	1970-01-20 08:21:36	Name: SEUNCY Value: F0FEA513B6DA862B
.360yield.com/	1970-01-20 01:45:36	Name: tuuid Value: c9d8ed71-9e85-4cda-96cd-f62e3ce229c3
.360yield.com/	1970-01-20 01:45:36	Name: tuuid_lu Value: 1640160427
.360yield.com/	1970-01-20 01:45:36	Name: um Value: !42,ymVmyu6TeNRcb1GNOp-edTbIyqMXqgLlvxdyHWRDvhIB,1641370027
.360yield.com/	1970-01-20 01:45:36	Name: umeh Value: !42,0,1702368427,-1
.onaudience.com/	1970-01-20 08:21:36	Name: cookie Value: 5ddd4991d74ff834
.onaudience.com/	1970-01-19 23:37:26	Name: done_redirects161 Value: 1
cm.adsafety.net/	1970-01-20 08:21:36	Name: UID Value: CM12021122208497bf7dffacea542747
.adsafety.net/	1970-01-20 08:21:36	Name: cm_uid Value: CM12021122208497bf7dffacea542747
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.mathtag.com/	1970-01-20 09:01:55	Name: uuid Value: ef4c61c2-dcab-4d00-8c44-e191872c803d
.exelator.com/	1970-01-20 02:28:48	Name: EE Value: "e87589f83fcbef0e430858d85e446665"
.exelator.com/	1970-01-20 02:28:48	Name: ud Value: "eJxrXxzq6XKLQSHVwtzUwjLNwjgtOSk1zSDVxNjAwtQixcI01cTEzMzMdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F7%252FswHQBx9yp3"
.krxd.net/	1970-01-20 03:55:12	Name: _kuid_ Value: OjjlfUse
tags.adsafety.net/	1970-01-20 08:21:36	Name: UID Value: a1bd1b47ee9d075a9683818b80f1f180
tags.adsafety.net/	1970-01-20 08:21:36	Name: DID Value: a1bd1b47ee9d075a9683818b80f1f180
tags.adsafety.net/	1970-01-20 08:21:36	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 08:21:36	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 00:19:12	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 08:21:36	Name: ct_uid Value: a1bd1b47ee9d075a9683818b80f1f180
.adsafety.net/	1970-01-20 08:21:36	Name: ct_did Value: a1bd1b47ee9d075a9683818b80f1f180
.adsafety.net/	1970-01-20 08:21:36	Name: ct_idt Value: 100
cm.adsafety.net/	1970-01-20 08:21:36	Name: permanent Value: 1
.pubmatic.com/	1970-01-20 00:19:12	Name: KRTBCOOKIE_391 Value: 22924-2368857601535687282&KRTB&23263-2368857601535687282
.pubmatic.com/	1970-01-20 00:19:12	Name: PugT Value: 1640160427
.pubmatic.com/	1970-01-20 01:45:36	Name: PUBMDCID Value: 3
.adscale.de/	1970-01-20 08:18:16	Name: uu Value: 215b82bfc7dd487c8ef0c88aa6ecdfd0
.adscale.de/	1970-01-20 08:18:16	Name: cct Value: 1640160427787
.adnxs.com/	1970-01-20 01:45:36	Name: uuid2 Value: 6397985625492573019
.ih.adscale.de/	1970-01-20 08:18:16	Name: tu Value: 4#270909732#42~2368857601535687282~455600~0~0
.agkn.com/	1970-01-20 08:21:36	Name: ab Value: 0001%3AE9%2FmT5To0eHK7nvmaN6jJTDgLhzFnLzV
.adsrvr.org/	1970-01-20 08:21:36	Name: TDID Value: b3ae7ee9-9afd-4c4e-9d0a-0e0dcb8f52d2
ads.smartstream.tv/	1970-01-20 08:21:36	Name: DID Value: a1bd1b47ee9d075a9683818b80f1f180
ads.smartstream.tv/	1970-01-20 08:21:36	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 08:21:36	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 00:19:12	Name: cm_uid Value: CM12021122208497bf7dffacea542747
.adfarm1.adition.com/	1970-01-20 01:45:36	Name: UserID1 Value: 7044435394174646413
.adsrvr.org/	1970-01-20 08:21:36	Name: TDCPM Value: CAEYASABKAIyCwjIorX5mMuiOhAFOAFaBzcxZWk5cnJgAg..
.w55c.net/	1970-01-20 09:06:14	Name: wfivefivec Value: LJloyVC61MZWEr5
.w55c.net/	1970-01-20 00:19:12	Name: matchadform Value: 5
.demdex.net/	1970-01-20 03:55:12	Name: demdex Value: 57544888270214458482492210611733389820
.adnxs.com/	1970-01-20 01:45:36	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2E?jj%Q.y!]tbPl1M66+q([OUezY[VB%Cta]E$F[RnJoOy6B#Sml:Um3o+T%nugO%v4VB%no2v(I[wr
.dpm.demdex.net/	1970-01-20 03:55:12	Name: dpm Value: 57544888270214458482492210611733389820
cm.adsafety.net/	1970-01-20 08:21:36	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaOUJjNFlpUy9OeHJTSzU2MklhWkppSjdWRFpwb0RHSk1mNHpWU3RnNGVVUHNYOTV0SVozY0NNcGxUeWE0eGdsdUxidkZTbmZiaHYvTmVjVWVDRjNabzRMaTN6KzRPWFRSeXpTVjAraGZiK09vSUVueHpoelNrNnNBK3Y4TVlMRlZpT0w0MkRRVzRpOUFZdERPdk85U2M0ejlzK1VTSkJTS2FMc1Q3WU1PbTJ4TWdBN0J5dlNSVExXbTZJWVA5VElZRjgyQ0lRSEF5d1I1U1RORmNFS3EyRFcrN2w2Q2RCNHFEWmtwTGU1TFlieHg5dU4xNkpld3BqN1FzdEZ3V2I2MTdMYi8vRnZYSUU0VVhNQ0JiU05WZmd6NGdqTCtMQnhlelVDYXRyTS8zdElwU1BoWStUYnFBR2ZqVzVGdWdLaENTWllmU2tUaGUrZXk4bjhLSlBabDZ1N0dqR3J3VU41eUdteU1GRktFS0VyNjdLb3MvelJNNVZkWlRhdTRHKzNET2x6b1FwQ0Y1WjJmdkRQMkd5RnZlRXFVNG0wUmgyY3dRVjhXeXg1LzhrZkhRQjJ2Y293QWI4UlZzdGtoNzBScHFodVl0bk9keVVERnBQU0dHY3g5Mko1ZGh5QXNpT0dwRjFGQkhvc21HK2JvK1JzRVJCLzF0bUswMW1TMUtYTmpIOGViU3BuRnRkZWw5d0NVV1NaUG5XenZCajR3MExBek43MWNRZGpVSzU3YmpKT1A3VVZITGpFR050eFhGYkRldUJ1WXdCMTFnZWp1UllibjRkN1J1UFgrUTF4dWwvOU9PQ2t2TUtPWDlHazh6RW5MU04rVE0xS3ZHbGRWdHhOZXNLb3E0VnNEbVIyUmlwQklTMU5zOUVBSHludzlZQkhwQ0pCV0s2UkZnVkFzTDFsUkVkQm9SODJNbmJ1TVRXUnZraitLNjFPRjZFWmdUdHI1Qk4rSDZWV3FUUi8wZHprVnVyZVFwSUdGTW1vMFQxOEgxS2t2UnI4WTBSNFFTRXkwQytYcWYwdzFtTXB5VklMTkRSK2ZVZ1N6eldMbS9IdEZjV242dHpNQ1dOSWNyeXNoQ2thSzl6TzI4VFFtM2YyV3c9PQ%3D%3D
.bluekai.com/	1970-01-20 03:55:12	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 03:55:12	Name: bkpa Value: KJpEnXTLu5DlBMRt1nnwEnWN1MSpLe9NBp1yBeDtBq1yBf/y9QY58yCW
.bluekai.com/	1970-01-20 03:55:12	Name: bku Value: aG/99vFzyZW3SZ/b
.weborama.fr/	1970-01-20 09:07:41	Name: AFFICHE_W Value: cBF@-Lkx649w18
.id5-sync.com/	1970-01-19 23:36:00	Name: cf Value:
.id5-sync.com/	1970-01-19 23:36:00	Name: cip Value:
.id5-sync.com/	1970-01-19 23:36:00	Name: cnac Value:
.id5-sync.com/	1970-01-19 23:36:00	Name: car Value:
.id5-sync.com/	1970-01-19 23:36:00	Name: gdpr Value:
.id5-sync.com/	1970-01-19 23:36:00	Name: callback Value:
.1dmp.io/	1970-01-20 08:21:36	Name: uid Value: 285a8942-62fe-11ec-9752-901b0e8d9836
.tapad.com/	1970-01-20 01:02:24	Name: TapAd_TS Value: 1640160428003
.tapad.com/	1970-01-20 01:02:24	Name: TapAd_DID Value: 94c6690a-0077-4762-b783-38d67ab99a5e
.3lift.com/	1970-01-20 01:45:36	Name: tluid Value: 328745482408202507
.tapad.com/	1970-01-20 01:02:24	Name: TapAd_3WAY_SYNCS Value:
.audrte.com/	1969-12-31 23:59:59	Name: arcki2 Value: 6d3ogrgcWSmSJaByYlKr-4PQQ!20210804!1640160428143

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bat.bing.com/action/0?ti=137002139&Ver=2 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://dc.ads.linkedin.com/collect/?pid=1344305&fmt=gif Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://attribution.adclickafrica.com/d/.js?oref=&ourl=https%3A%2F%2Fwww.bonitas.co.za%2F&opt=Bonitas%20-%20Home&t=1640160427001 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2368857601535687282 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7044435394174646413 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
allegradocstorage.blob.core.windows.net
allegraprod-bonitasapi.azurewebsites.net
analytics.google.com
analytics.twitter.com
api.adrtx.net
attribution.adclickafrica.com
bat.bing.com
beacon.krxd.net
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
connect.facebook.net
coronavirus-19-api.herokuapp.com
d.adroll.com
dc.ads.linkedin.com
developer.apple.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
in.hotjar.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
maps.googleapis.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
play.google.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s.adroll.com
s.yimg.com
s2.adform.net
s3-eu-west-1.amazonaws.com
script.hotjar.com
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
t.co
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
vars.hotjar.com
vc.hotjar.io
vroomf.chat
www.bonitas.co.za
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
bat.bing.com
dc.ads.linkedin.com
102.133.154.32
104.111.215.191
104.111.218.85
104.111.242.245
104.244.42.133
104.244.42.3
108.174.10.14
13.248.245.213
139.162.147.254
141.94.170.77
142.250.184.194
142.250.186.66
143.204.98.106
143.204.98.29
143.204.98.32
143.204.98.33
143.204.98.69
17.253.57.201
18.184.229.61
18.195.123.247
18.195.140.97
18.195.155.181
185.33.221.91
185.64.190.80
185.86.138.142
199.232.136.157
2.18.233.201
2.18.234.21
2.18.234.233
212.82.100.181
216.46.185.183
2600:9000:2156:1600:6:9280:1080:93a1
2600:9000:2156:4000:1b:5138:8a40:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c08::9c
2a02:26f0:6c00::210:ba0b
2a02:6ea0:c700::2
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.120.154.132
3.122.214.165
3.126.56.137
3.213.248.174
3.68.168.178
34.240.183.205
34.241.115.67
34.254.143.3
34.98.64.218
35.156.135.60
35.190.16.14
35.227.248.159
35.244.174.68
37.157.4.29
37.157.5.73
37.157.6.247
37.157.6.252
46.19.11.36
51.77.65.176
52.19.142.33
52.19.78.71
52.211.146.69
52.215.102.174
52.218.118.80
52.223.40.198
52.239.232.68
54.36.109.156
54.78.108.238
63.35.87.185
69.173.144.139
77.243.60.138
80.82.217.92
85.114.159.118
85.90.245.27
88.99.214.77
93.90.206.61
02807ddfc207f8bebcf48bb3bcc4b5b24443245cb1f5d13d8358ace71f35c20a
05399a97465dbfd9fdad187023d3398664bb110b7ee6f59559f25f68d1112947
06dc0d91b07e0506364d4ae864bb817e6125b4cef0d48fd82d439e898e8c60ae
078316556d1ea20ac469d50ac1313f3837b5d00001e6cce069d3fb1a0c5e96c9
0a45ea61ec46130e3a6ee9cbced04d51f52d3bf7be442b776718d152e1a6fe15
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b5b87c980c6ad00c093521b9ad9e45e75d3feedcf90cf70874864a4b321cbc5
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
0c67479abb64a499bf624ccac92a3c813fb2630e8d8a81325ddda62231e0da82
0c9ee4fdedcbb6ad92f4b04203eebe54206f6a0e3d3d0573af91b592d6213eab
0d90995269315242539c67f5aaa4d1845a7703e1869d45bfe28b1f260e514ded
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11eb8a5c07871ec5540cf7724f99669c0872dc9d42ce462c52ebe5d2c7db5d90
1209d77855724a24ef3e4391b6820edfa6055766915f19c31170cb304290e833
1505d58f4f98e920029a243d66fc9ae368cd206ad776f859e72eb0f6ec7a2658
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de
1ffdedc21b585655885ef4f2ef299d6d7388b0d24b5254f29713767665770158
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
231299ebbbc92dc45a3cd9700ef4bff0c10d307f903d35ef4716146a62f40d31
27514863c6aba98470374f94dab474ff13511e727f0f4271195f220c47385cee
28a02e821466fe4f2e6bb7062c3ca6c9ec84287505d81d640f6e311d0f62e544
28d166edeac9c9678740436619af0e7f624944dfe33044078595f049ebf0626e
2a0bf9365234106a3df5c55d7180577255200be17ed591013f08f4cf56078106
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34c3c9a77a061dc645fa3084b964bce8e8880f002fc4131e23bc3be7bfec1061
383a9878a15ced7cbc9067d7df5398ff1046be7c61cbedfbf843623470f681ef
3944efd7e4e5bda036f898b0eff195390ebb7bac69588c61b242a135e1b01ef1
3bf32e5c803aea454ce4120293f7aed6c5dc33efd6f88855cb40adfa6f46f9b6
41845eade630e030c4009cbcdcdcbf28424b8c43b3e3fccf89b5bae69b10cab4
41fca96ec6e235b3dcff4bc97f90e036a6063d578eeec6a8a035f31e3b78eccb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b20cdee3e0928113e52b5f47160a4519898c94f0ec2f8e3b843877ec59bbfab
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b649d17f3d7a8ab0f74ffcc25134664ac9c481bab977fb700df2c844dfebdac
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51b909f3c39c4a74aef028e78bae8714d2dc233864c83a1bf9581d3ddb947082
53151b27d3fe0aee685683cbe17655b3211283291e189219412694165053950e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
597a6317675c478966b8c116b051aab667384bb6c74720d86cf026338d0d5e34
5be438eaa50c4f307373cb60e784ca61a583b0833d75c9e555aa69a161b94188
5cdb092fb9de6b7622f5ff47b1260b4958c5e9884a3c87eb6d5f40c682e8cd77
5ed9e9d957a4d5501bc133a57c9fce04a7f8d16b444b2b6a25e8de2a6decbb64
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61847304339fb69360e0213db76c2eb1fc68fa4626a5b9919b2fe7fbb670f91d
64a2b5ad446a2647712d60a930f2c237587c505682ca04e5601110909bd1abd8
665c9e17cbf7805a04cae6c8c7fc50927eb63f6658a4cdcad23bcf43cfce6a33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c1ea6271c36d2ccdf1d2da4ff7b901382e08420026579dab60be8d433076d3b
6ea73e867471e61734d77e381e5110efccc887e97e86953d1157be7d455cd3b2
6f9142887fe8a25c736700c28b55830afd32b88b1bac357cea778ae8a257bf89
745c3792deda85051c00a846cdb22e9ae652ed4689f7ff6534799d78ceba0a4c
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
7705a2a83ae73b7228735c72e017b51b5b8521129bdcbabe79728976d749b3db
79f1f2ac457d293d5f391f2ea8f6f9201c26da424dbea3d2b798796f05e69798
7a367a391a2a9b0021113bc350629ea056b9dc46c5ac7f8832d303998f40de26
7e634f731923bd14d1cd08e4c01f37e8539f911751e67b4ce943178f3ab92964
7ee5d5c39b6cb534bea686be729a6d8eeb9c1d6d31c7e667dd36586cba82bae4
7ef952d1e14f1312ee0e870a3836639640090ddef88a752d0f49fb1dcf41b0e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839fefbdb2b03b89119c6dc1ff9d6c66dd10fe2835cef596fd37b5da6346a091
87f28dc9b0006ea0e2a93f2230d241a814ba15d4dabe2b207440e6ee4a25fddc
88a6fde816b28717ac9014e0c1d93cace2e7822072a6962ff54d3d90771523b0
88ea777c28c6968f779850842ce81426b9a4720252b17c491414c3877c67d21c
8914cd09482b7496bf327639f526b384da9183873289e46a86dbe48963deedc0
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4ed4afd776eb5926fe34a60658a50b7144e517e50ad1c7c756b33f39082d0a
8cd2dc444378a4bd4c06f90814c93766cc9a2c70a81250570b61aa7a85b1ded1
8fb31fedd88595031fad6a5a2b2e5b51fe85b61bb8481414f4132437775580fe
8fbbd65998c3565174682d1a80dea049c341bffd0de489693fc68f69d0193692
96138a0a29f44a2b5053c2bbad34dc114ffdcdac779c05e78be5fee11f7e164c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a0226b9e22040f6eeb6f263e74d56da81c7cd19900a7296529fa44d87fe67815
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0843ac69ebc1702b76b63d686c50d51c2ff87e8954f11e20bd2aa5b6f4afa27
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
a31038ffb654086a842132ecf4af54c6253834bb9126fbf32d4fee5e67b685c4
a4406468b3e794fccd0a8e07d601e150dc1fda0d792e85b9f13785a2f51d752e
a70afe08e0c4b8b207255f4d8da450b8eeeb6b1e0d29393e7d770815f2f0b809
a91089616f0e25161efb2efb13fdd1767835a8724dd1cc7f971df2f86fc84716
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b052fc6e96bb181cf154d153c7c6e6327ed726408c716428aa549bb3ab11f108
b088d9c8c9d4653ebef16a3ba3eb424928f5e15fe2a7bf671e849cb0b5b54b2a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ee68bebd775f0121e62c53aadb925deebdb19f79952111b0afa853ebf6826a
b20dab8c88aa0b7b0d8abda105f6ff08fb7cd06ec3cf532871734b3bfcb58ebf
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3b04e553ddae6756a8df2b8d05c287096744d5e09f2c24db460d921c807aedf
b7013433e1931b20909c73255d0aa4888c08671cddc71eafb6265087f6087d18
b93392783f8c3940f7d6267a8d16cc48976992f496379dd669b0c5fd9352736b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4402f2da02bf096efbf8dc465cfb290bc3cf52052eda6009de7e8bc21b795b
bcfe8e04f38284480eb9797b45616b25206c047d2e3d14dfad8d9a4124980ac0
bd2694cb9eadc437edd37fb7a2d2df68f829a6910234e5741999698ea649d6f7
c2a99600e5492bff4c8c7f7f3715bdebc310a5196de915b5534dd2bf4e269481
c3bc29b13200918889e84ed615a4975b5e735851637fc1d330d258e95cc515de
c3f2ab52b3d6c9aa91f70abee6b043536572dbd61df0a4692fae2ea3fa370ae6
c480de58f48b0f6a9a60e3babb0685dad925029863e979e2d65de6acef66e5d7
c7c8d61d7bf271f8bec16e596eea722269fc0d437e9d97514de7f6b571b90eaf
c7f135b68d38c9176e535083076f30e534ae7c0e22b4e441b6577ab69947602c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbe2fb7771425ce457a50d2d6433f7e1773f502cc8464ad93ec61bc1a25bfd9d
cc38dd34bef7c2328f4e6af8ee0c7c1d63989addc8f6ae3774648835fea79378
cc4d6ac1638f8a7464dc98f643bd3502dec0fdb86d4c8fb5df0b66fe39139874
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d33846530edc2da1abbf19b8264d40287170bd90178ac75c517b6c715abb36a2
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de518464e7f9cf3679e05c4fbd7e1ece765544fd8d4c834f05710275aaac1f31
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e1b2760c90fb1c2fb88f2580c61fbbf5971bf1b56b302e673c0bf3af71176795
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a4b3fbfa5d3f9064b7a0e4a30b9bbff6efd0e80cda7d0fd78f3b4826302e56
e7b2df78ad81bcea1b6105f65c8d5c9ba1fe6ea04f28482bd4a815ff3772712b
e976c2a1f5b7232f9059a62e4119e2e51a5910e72ac70897a16c95b3ea1a95f0
ec22ebed27d1fcb5cbf3dccb8f1f35d6cdece4db6fe2a02114572a9683f6e9b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ed18c3388b389184887a08a7957f5f5b8e8af344c0889cb82da2efe21e0163
f4e4b2d52bf0f106ab135f3fb62bff84afd9a891b437f012c739f07da8d9ea46
f565c417645339fadd3f9be2c40b4ba791405064c1e6a434ea3dc8dfa4cf6b35
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7e2c0a599f33b8dd7324284ef0a33c0c54f934ae8d754e3c0cc60aea63c53f1
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.bonitas.co.za Open in urlscan Pro 102.133.154.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

83 %HTTPS

23 %IPv6

72 Domains

92 Subdomains

69 IPs

10 Countries

17424 kBTransfer

22889 kBSize

107 Cookies

6 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bonitas.co.za Open in urlscan Pro
102.133.154.32 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

83 %
HTTPS

23 %
IPv6

72
Domains

92
Subdomains

69
IPs

10
Countries

17424 kB
Transfer

22889 kB
Size

107
Cookies

178 HTTP transactions
0 data transactions