Submitted URL: http://bonzi.sh/
Effective URL: https://bonzi.sh/
Submission: On December 16 via manual from US — Scanned from US

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 20 HTTP transactions. The main IP is 104.21.96.1, located in and belongs to CLOUDFLARENET, US. The main domain is bonzi.sh.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time bonzi.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.21.96.1 13335 (CLOUDFLAR...)
4 172.67.197.50 13335 (CLOUDFLAR...)
1 2a03:9ba0:203... 209082 (SWLINES S...)
1 2a02:6ea0:e20... 60068 (CDN77 Dat...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.67.71.214 13335 (CLOUDFLAR...)
20 6
Apex Domain
Subdomains
Transfer
9 bonzi.sh
bonzi.sh
950 KB
4 rsms.me
rsms.me — Cisco Umbrella Rank: 8761
570 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
cloudflareinsights.com — Cisco Umbrella Rank: 591
7 KB
2 uptimerobot.com
api.uptimerobot.com — Cisco Umbrella Rank: 412737
2 KB
1 icons8.com
maxst.icons8.com — Cisco Umbrella Rank: 27957
17 KB
1 railmiles.me
public.railmiles.me
8 KB
20 6
Domain Requested by
9 bonzi.sh bonzi.sh
4 rsms.me bonzi.sh
rsms.me
2 cloudflareinsights.com static.cloudflareinsights.com
2 api.uptimerobot.com bonzi.sh
1 static.cloudflareinsights.com bonzi.sh
1 maxst.icons8.com bonzi.sh
1 public.railmiles.me bonzi.sh
20 7
Subject Issuer Validity Valid
bonzi.sh
WE1
2024-11-04 -
2025-02-02
3 months crt.sh
rsms.me
WE1
2024-10-19 -
2025-01-17
3 months crt.sh
*.railmiles.me
E6
2024-11-24 -
2025-02-22
3 months crt.sh
1454623486.rsc.cdn77.org
E6
2024-11-11 -
2025-02-09
3 months crt.sh
cloudflareinsights.com
WE1
2024-11-01 -
2025-01-30
3 months crt.sh
uptimerobot.com
WE1
2024-11-01 -
2025-01-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://bonzi.sh/
Frame ID: 51539061F633E0A7C0107E6D35B6D427
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

bonzi

Page URL History Show full URLs

  1. http://bonzi.sh/ HTTP 307
    https://bonzi.sh/ Page URL

Detected technologies

Overall confidence: 80%
Detected patterns
  • <body[^>]+govuk-template__body
  • <a[^>]+govuk-link

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

1554 kB
Transfer

1804 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bonzi.sh/ HTTP 307
    https://bonzi.sh/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bonzi.sh/
Redirect Chain
  • http://bonzi.sh/
  • https://bonzi.sh/
14 KB
4 KB
Document
General
Full URL
https://bonzi.sh/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4260870568d5dd1d2842a0dbf271f013e95e016df8fc4554426c93abd2a980ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f31b835fca608ae-LAX
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 16 Dec 2024 21:20:49 GMT
link
<https://rsms.me/>; rel="preconnect"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MSSfoj5gPylXTitczfTG8xRCteHPS%2B%2FgLCL%2FkekzXozCktGPTIFRdBH7WGHsBi6OZJcDnre4xefkCqgEO5EQkH%2BxpumitPlVj%2B3XpNoQS68i6NCMnRhSaKcplw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Location
https://bonzi.sh/
Non-Authoritative-Reason
HttpsUpgrades
govuk.css
bonzi.sh/assets/css/
132 KB
16 KB
Stylesheet
General
Full URL
https://bonzi.sh/assets/css/govuk.css
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92487f8fe1a8c16db4b5aeace0f1f5fca78ba50a09d35cb10204c057e805eb3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"7579c21ca8fad869f9fe508404b06f92"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Sq2JFyZibUnvUbIRochCJ%2Bnay40rg5J9mqGSlNLLjijJWSfOe5x%2BOpzdbbNYJbozt7LapNIBGpwmYYHCBojrH38YSWTAaNwPE65I8bxgtS2JH0ZLr9%2Fe4u8ag%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f31b837fcba08ae-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
inter.css
rsms.me/inter/
11 KB
2 KB
Stylesheet
General
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d01c7807f64a24c1b2853b756ef15f3a2facdf4a9f066eaf5d39c0c9935441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

x-fastly-request-id
483161146863c1e617b132aa35efcf48d2f19682
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6737eec5-2ce9"
age
369
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lbhfaIEntM2PdeDw0DTr9YjW0e1icgYQcL6O%2FW6X9FQixAxQNHsda30aNPB8XhADVNEhMydBSUfspyQy0OZPlVDZPxOUoEC1C0ckR4APCHmMAu5YP5Bj2tOK"}],"group":"cf-nel","max_age":604800}
x-github-request-id
71FD:1110:15FFB6:16695C:673CE147
expires
Tue, 19 Nov 2024 16:18:10 GMT
x-proxy-cache
HIT
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=58758&min_rtt=58644&rtt_var=22073&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4101&recv_bytes=4263&delivery_rate=53265&cwnd=12000&unsent_bytes=0&cid=7c387a3146b80563&ts=84&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-bur-kbur8200146-BUR
x-cache-hits
1
last-modified
Sat, 16 Nov 2024 01:00:53 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1732625123.090989,VS0,VE1
via
1.1 varnish
cf-ray
8f31b8386fac2939-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
1305
x-origin-cache
HIT
server
cloudflare
custom.css
bonzi.sh/assets/css/
563 B
841 B
Stylesheet
General
Full URL
https://bonzi.sh/assets/css/custom.css
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b60db1dec746d5f06f52d772cd6fe60089132111429181e954a675ba08f058
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"9a26aacb225b17024f8cbe2d193dbd6e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kp0lqvBnef3AYhlRVBOs8YKsySsuwnuTueB23JrsI17UlThLvn21Gu6n0BDWqlWYtXn6mUqdhPXF0yqaD4cIQvhL73AiAwTENbQx0w%2BOWCwZepx6UtznT4EEwA%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f31b837fcbb08ae-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
rocket-loader.min.js
bonzi.sh/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://bonzi.sh/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
etag
W/"675318bd-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvOSfsMxyJwS4ZHtfWWjkS4%2FCTAeHQRaPnlN6hWqA%2B%2BGurFP4D57BpfT6gUp2yW6O%2F62yBG74Q3L%2Bhi6kPurDdoCnzUmFaMBBAmu8%2FHzwzQxyPtR6wmK4tvSaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f31b837fcbc08ae-LAX
expires
Wed, 18 Dec 2024 21:20:49 GMT
date
Mon, 16 Dec 2024 21:20:49 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:31:09 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
4576eb22ec01b69628c1b6aa44820e64.png
public.railmiles.me/signatures/
7 KB
8 KB
Image
General
Full URL
https://public.railmiles.me/signatures/4576eb22ec01b69628c1b6aa44820e64.png
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:9ba0:203:16::16 , United Kingdom, ASN209082 (SWLINES Swlines Ltd, GB),
Reverse DNS
Software
nginx /
Resource Hash
36d1b2e3837f3162787b046f47db812a97a2b4c9e1848858ab8f4ef00724ef3c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

transfer-encoding
chunked
cache-control
max-age=1800, s-maxage=2700
content-encoding
gzip
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
image/png
vary
Accept-Encoding
server
nginx
x-frame-options
DENY
line-awesome.min.css
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/
105 KB
17 KB
Stylesheet
General
Full URL
https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4716ecc4c3d6816c0cce4e62bd854fa32c81f9ced9eccd36d009723879e27fea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

access-control-max-age
1728000
content-encoding
gzip
etag
W/"1a57e-m/ufJj2eAiPapDT36d69nG4R6Hc"
x-77-cache
HIT
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-77-nzt-ray
0f63d419e1708615b29960673fb6660e
last-modified
Mon, 20 May 2024 09:42:57 GMT
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security
max-age=15724800; includeSubDomains
x-77-nzt
EgwBbT1b5QHXlZ0SAQwBnJI76AH3dT4AAA
cache-control
max-age=315360000, public
access-control-allow-credentials
true
access-control-allow-origin
*
x-77-pop
ashburnUSVA
x-77-age
17997205
server
CDN77-Turbo
openmoji.css
bonzi.sh/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://bonzi.sh/assets/css/openmoji.css
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdcbfbc6dd8cde998711ab2a5b3c6c3e26bf3f4dda491fc074c71ca6738ac9c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"537c83b79eb8b2d18c79bab5ba5fa451"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t5NPu9TEbKvAfhQrqZSHFn2G5%2FFGoGKxej%2Bnt4Ly7X2cN67u5TeQSaOd%2FlB9F17O5vyP4RJ5Gg8R2%2B%2BHv9f%2BH07b%2FIcstrG1HN3COKLoLu99cgTVz4F%2B%2Fm3vfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f31b83a6ce608ae-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
email-decode.min.js
bonzi.sh/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://bonzi.sh/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
etag
W/"675318bd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULrOpzipiw%2BWcoMIIoa%2F5luoLuXNkcUnRXmbW6rpskw0PDcTRvTuLUwCbBDsqGObq3EXzHcIH4tAFDNa2CNgrhAq3jhvcQAjITJLPzvGHkTPDhg1O%2BeUDSnj%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f31b83a6ce708ae-LAX
expires
Wed, 18 Dec 2024 21:20:50 GMT
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:31:09 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
Inter-Bold.woff2
rsms.me/inter/font-files/
112 KB
113 KB
Font
General
Full URL
https://rsms.me/inter/font-files/Inter-Bold.woff2?v=4.1
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa888127b6da015b65569f0351f3b5c391ad928904951f1c20e9f8462a8d95ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bonzi.sh
Referer
https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id
ea359fdab73189672c6a8807ee60b19b82b2346b
cf-cache-status
MISS
etag
"6737eec5-1c098"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPxJUyOIPQtM43VMo%2B8iWVIB%2B4qTnJ899z4vqdntEl76LfkBfvkX%2BWA4e34wAbERp%2Fr5j8wFoX1M7p%2FrrTbIa%2FfTDL5xcIkSE6V%2By7XR4r0U9Q1BdxbfJ5Tl"}],"group":"cf-nel","max_age":604800}
x-github-request-id
9F4D:3026BF:623109:649B32:67580492
expires
Tue, 10 Dec 2024 09:16:18 GMT
x-proxy-cache
HIT
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=59549&min_rtt=59538&rtt_var=22348&sent=18&recv=8&lost=0&retrans=0&sent_bytes=13527&recv_bytes=4708&delivery_rate=24305&cwnd=12000&unsent_bytes=0&cid=073a059cf1b3586d&ts=78&x=1", cfExtPri, cfHdrFlush;dur=57
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
font/woff2
x-served-by
cache-lax-kwhp1940126-LAX
x-cache-hits
15
last-modified
Sat, 16 Nov 2024 01:00:53 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1734384050.417722,VS0,VE1
via
1.1 varnish
cf-ray
8f31b83b08027bcb-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
114840
x-origin-cache
HIT
server
cloudflare
Inter-Regular.woff2
rsms.me/inter/font-files/
109 KB
110 KB
Font
General
Full URL
https://rsms.me/inter/font-files/Inter-Regular.woff2?v=4.1
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e06f6b1bc553aaea4e4668023ed0ab0a147129c3107f511bc7d03d361b0ae085

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bonzi.sh
Referer
https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id
4781e5dbf7d5717333137e45f59a2a452fc54a14
cf-cache-status
MISS
etag
"6737eec5-1b2a4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxpiMFidpx8n5OgMJQ0gXRHrTrtBXqB1SQS7cBCraYDdbuGvhyw%2FvaQBaGaVVXIBNF9VODwlrfK9h2n53GQwd4ulz2pw6nGc1ENsda5TrZJJZNInrbZ8pq73"}],"group":"cf-nel","max_age":604800}
x-github-request-id
3F4C:199F54:280EA8:2966DD:673DF105
expires
Wed, 20 Nov 2024 14:34:05 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=59549&min_rtt=59538&rtt_var=22348&sent=8&recv=8&lost=0&retrans=0&sent_bytes=2109&recv_bytes=4708&delivery_rate=24305&cwnd=12000&unsent_bytes=0&cid=073a059cf1b3586d&ts=76&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
font/woff2
x-served-by
cache-bur-kbur8200041-BUR
x-cache-hits
11
last-modified
Sat, 16 Nov 2024 01:00:53 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1734384050.414526,VS0,VE0
via
1.1 varnish
cf-ray
8f31b83b08047bcb-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
111268
x-origin-cache
HIT
server
cloudflare
InterVariable.woff2
rsms.me/inter/font-files/
344 KB
345 KB
Font
General
Full URL
https://rsms.me/inter/font-files/InterVariable.woff2?v=4.1
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693b77d4f32ee9b8bfc995589b5fad5e99adf2832738661f5402f9978429a8e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bonzi.sh
Referer
https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id
9f922f5e03ecdb8c34b2c9c0885e2e4225876b18
cf-cache-status
MISS
etag
"6737eec5-55ff0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TD%2BjHlP9r0TGxyj0djgsLb2YCB7ZllkP3FdAobPdPYclvcBR%2FiLem4TMyvtApp%2FKAdGB4laeqSiPWzP7AdXk8gtzP1kqjaFvbKW0NwQL0R8KHszggVptk5U7"}],"group":"cf-nel","max_age":604800}
x-github-request-id
6D52:3FD0ED:135C5C:1405CF:674F35A6
expires
Tue, 03 Dec 2024 16:55:27 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=59549&min_rtt=59538&rtt_var=22348&sent=18&recv=8&lost=0&retrans=0&sent_bytes=13527&recv_bytes=4708&delivery_rate=24305&cwnd=12000&unsent_bytes=0&cid=073a059cf1b3586d&ts=80&x=1", cfExtPri, cfHdrFlush;dur=55
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
font/woff2
last-modified
Sat, 16 Nov 2024 01:00:53 GMT
x-served-by
cache-lax-kwhp1940132-LAX
x-cache-hits
8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1734384050.417742,VS0,VE0
via
1.1 varnish
cf-ray
8f31b83b08037bcb-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
352240
server
cloudflare
OpenMoji-color-glyf_colr_0.woff2
bonzi.sh/assets/woff2/
917 KB
918 KB
Font
General
Full URL
https://bonzi.sh/assets/woff2/OpenMoji-color-glyf_colr_0.woff2
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/assets/css/openmoji.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab37751d987fb12d61bd5f7726acebaffe26995229de8e3c0bddacbbd2d092ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bonzi.sh
Referer
https://bonzi.sh/assets/css/openmoji.css

Response headers

cf-cache-status
MISS
etag
"43ae8b59a2a2f4215bb3195f86976542"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tao8%2FSXhV3iuRipz2H%2Fvc4dURVZmCqeoEXoy4BnaoKBVNQXUIK1ztWn6Guk%2FJbYniEf2bm7e89TJi81b8DYbmo4aqtGB0xPwyqmk9syrEPWakGIApDBKRpUF8g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f31b83bed0b08ae-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
939064
server
cloudflare
beacon.min.js
static.cloudflareinsights.com/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8f31b83cbf3f102d-LAX
access-control-allow-origin
*
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
custom.min.js
bonzi.sh/assets/js/
2 KB
2 KB
Script
General
Full URL
https://bonzi.sh/assets/js/custom.min.js
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd064c6a57f34af92eb851025d57731c9e552ba0ba6933edd7154915cbc2cad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"3c9d3ab0d516f2345c4260f6a8431fb1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1iR7%2Bq%2BXd5mzkqsmPZCwlsJZn4isptCaFdSyeL95JlYm2oaNEtY085LEn6RkVRuOgdh4uplwDxHGhzTWmRMmm3w%2F0rau6WUNFJYTIlZh26BlywU9NJWULwd%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f31b83bed0c08ae-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 21:20:50 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
getMonitors
api.uptimerobot.com/v2/
973 B
1 KB
Fetch
General
Full URL
https://api.uptimerobot.com/v2/getMonitors
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/assets/js/custom.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b79348251dc8e15c4774900203730e73f62065a0434fb14b703d81d22bac32
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://bonzi.sh/

Response headers

x-robots-tag
noindex, nofollow, nosnippet, noarchive
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"3cd-F5DJPpdAmu6Zt560kSvXi8oxxRY"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cHG7Anf%2B0mpE00jdbiymUYEi3xJ9UnpJxQZ4sJK8l5Dlmj2fQFe35NT5u9i7GrE%2FehJIExkIZX3%2B2dnWE32ppWNZH1WsrNKy0LiGPjZU5L27%2Bfc7UjYk%2FoGMNjLfLwwmj3whZ7w%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=58509&min_rtt=58312&rtt_var=9346&sent=12&recv=13&lost=0&retrans=0&sent_bytes=4279&recv_bytes=4919&delivery_rate=335&cwnd=12000&unsent_bytes=0&cid=ecacae3926f1b62b&ts=249&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 21:20:51 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
content-security-policy
frame-ancestors 'self'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
x-ratelimit-reset
1734384111
referrer-policy
strict-origin-when-cross-origin
x-ratelimit-remaining
9
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
8f31b841c8740929-LAX
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-ratelimit-limit
10
server
cloudflare
getMonitors
api.uptimerobot.com/v2/
330 B
1 KB
Fetch
General
Full URL
https://api.uptimerobot.com/v2/getMonitors
Requested by
Host: bonzi.sh
URL: https://bonzi.sh/assets/js/custom.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4857fa47bd051b7c51b6700a6a5bf7db061667190a1f75b2553d5afec6054e76
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://bonzi.sh/

Response headers

x-robots-tag
noindex, nofollow, nosnippet, noarchive
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"14a-Kikq8q4SyvUQZWDIZpkkpU9lzco"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5krT7yWyMvceSS%2B4eTLu9nZ5kJlA3kXadHb8bzqzPputHyN7yqdlQsQ4YzmHPBQst7zgKiBAhr2pbdd9RW6ncmGpu54SOPkuMOq%2F64M06kO3g%2F7mR1kFfZr8oWAG4Ryasuj4sE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=58509&min_rtt=58312&rtt_var=9346&sent=14&recv=13&lost=0&retrans=0&sent_bytes=5649&recv_bytes=4919&delivery_rate=335&cwnd=12000&unsent_bytes=0&cid=ecacae3926f1b62b&ts=250&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 21:20:51 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
content-security-policy
frame-ancestors 'self'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
x-ratelimit-reset
1734384111
referrer-policy
strict-origin-when-cross-origin
x-ratelimit-remaining
9
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
8f31b841c86c0929-LAX
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-ratelimit-limit
10
server
cloudflare
favicon.ico
bonzi.sh/
14 KB
4 KB
Other
General
Full URL
https://bonzi.sh/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa64914d02f8c3619b5b015671b75c39f19ec1197e4392e43792f39d33e636f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bonzi.sh/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2F1wg%2Bcdk%2FpQNkfbpNiYQXeNYa2Qa91WpyU5S6%2FHAi1aKqN%2BGxpi7WURIQJ5i%2FSiszgsiCWsTy4FYKSB0yHoGz4T737Twyl0rIE6xM5tL%2BYc2pMRMOjhYpVnHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f31b8411d1d08ae-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 21:20:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
last-modified
Mon, 16 Dec 2024 21:20:51 GMT
rum
cloudflareinsights.com/cdn-cgi/
0
37 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://bonzi.sh/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8f31b8428df7cb7d-LAX
access-control-allow-origin
https://bonzi.sh
date
Mon, 16 Dec 2024 21:20:51 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bonzi.sh
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://bonzi.sh
access-control-max-age
86400
cf-ray
8f31b8422c8bcb7d-LAX
content-encoding
gzip
content-type
text/plain
date
Mon, 16 Dec 2024 21:20:51 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR function| getStatusClass function| uptimeRobotStatusConvert function| formatUnixTimestamp function| fetchWithRateLimitHandling function| isRateLimitedResponse function| statusFetch boolean| __cfRLUnblockHandlers object| __cfBeacon

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.uptimerobot.com
bonzi.sh
cloudflareinsights.com
maxst.icons8.com
public.railmiles.me
rsms.me
static.cloudflareinsights.com
104.21.96.1
172.67.197.50
172.67.71.214
2606:4700::6810:4f49
2a02:6ea0:e200::17
2a03:9ba0:203:16::16
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
36d1b2e3837f3162787b046f47db812a97a2b4c9e1848858ab8f4ef00724ef3c
4260870568d5dd1d2842a0dbf271f013e95e016df8fc4554426c93abd2a980ca
44b60db1dec746d5f06f52d772cd6fe60089132111429181e954a675ba08f058
46d01c7807f64a24c1b2853b756ef15f3a2facdf4a9f066eaf5d39c0c9935441
4716ecc4c3d6816c0cce4e62bd854fa32c81f9ced9eccd36d009723879e27fea
4857fa47bd051b7c51b6700a6a5bf7db061667190a1f75b2553d5afec6054e76
693b77d4f32ee9b8bfc995589b5fad5e99adf2832738661f5402f9978429a8e3
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
92487f8fe1a8c16db4b5aeace0f1f5fca78ba50a09d35cb10204c057e805eb3c
ab37751d987fb12d61bd5f7726acebaffe26995229de8e3c0bddacbbd2d092ba
b0b79348251dc8e15c4774900203730e73f62065a0434fb14b703d81d22bac32
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdcbfbc6dd8cde998711ab2a5b3c6c3e26bf3f4dda491fc074c71ca6738ac9c9
cfa64914d02f8c3619b5b015671b75c39f19ec1197e4392e43792f39d33e636f
e06f6b1bc553aaea4e4668023ed0ab0a147129c3107f511bc7d03d361b0ae085
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd064c6a57f34af92eb851025d57731c9e552ba0ba6933edd7154915cbc2cad
fa888127b6da015b65569f0351f3b5c391ad928904951f1c20e9f8462a8d95ea