urlscan.io logo urlscan.io
SecurityTrails logo

track.bobgo.co.za Open in urlscan Pro
2600:9000:214f:8800:15:b808:9900:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://track.bobgo.co.za/DETTZMWFZ
Submission: On October 31 via manual from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 16 HTTP transactions. The main IP is 2600:9000:214f:8800:15:b808:9900:93a1, located in United States and belongs to AMAZON-02, US. The main domain is track.bobgo.co.za.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 2nd 2023. Valid for: a year.
This is the only time track.bobgo.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2600:9000:214f:8800:15:b808:9900:93a1 (United States)

ASN16509 (AMAZON-02, US)
track.bobgo.co.za
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:206f:3000:15:c281:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)
ik.imagekit.io
1    13.244.38.63 (Cape Town, South Africa)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-244-38-63.af-south-1.compute.amazonaws.com
api.bobgo.co.za
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
4 bobgo.co.za
track.bobgo.co.za
api.bobgo.co.za
271 KB
2 imagekit.io
ik.imagekit.io — Cisco Umbrella Rank: 22793
27 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
88 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6862
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1003 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
80 KB
16 11
Domain Requested by
3 track.bobgo.co.za track.bobgo.co.za
2 ik.imagekit.io track.bobgo.co.za
2 connect.facebook.net track.bobgo.co.za
connect.facebook.net
1 fonts.gstatic.com fonts.googleapis.com
1 www.facebook.com track.bobgo.co.za
1 www.google.de track.bobgo.co.za
1 www.google.com track.bobgo.co.za
1 googleads.g.doubleclick.net www.googletagmanager.com
1 api.bobgo.co.za track.bobgo.co.za
1 www.google-analytics.com track.bobgo.co.za
1 fonts.googleapis.com track.bobgo.co.za
1 www.googletagmanager.com track.bobgo.co.za
16 12

This site contains links to these domains. Also see Links.

Domain
www.bobgo.co.za
Subject Issuer Validity Valid
bobgo.co.za
Amazon RSA 2048 M01		 2023-02-02 -
2024-03-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-09 -
2023-11-07		 3 months crt.sh
*.imagekit.io
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://track.bobgo.co.za/DETTZMWFZ
Frame ID: 90715E2C4971C49D86F5AFB39C35FD7E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bob Go - Track my parcel

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

16
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

12
Subdomains

13
IPs

3
Countries

524 kB
Transfer

1688 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request DETTZMWFZ
track.bobgo.co.za/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://track.bobgo.co.za/DETTZMWFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:8800:15:b808:9900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
591d9c72a172ace054c039bdba8424acc9ac6f10d81ec455d6e64c8c13ed9f80

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25195
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Tue, 31 Oct 2023 04:37:41 GMT
etag
W/"b11373680c7c5e96ef035a6bed24a98b"
last-modified
Mon, 02 Oct 2023 07:50:22 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-id
mHz6wxwTQIHnnBr5bL5Dc6wfhWkbwotE7F5AlWaWbfUXRjak3q6A1Q==
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
js
www.googletagmanager.com/gtag/ 		231 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-958279024
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/DETTZMWFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
716dd53b363ed6f9c1104e124737ef0926444e889ab1724ca592720f3d8a2139
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 11:21:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81612
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Oct 2023 11:21:40 GMT
main.43e5b6af.js
track.bobgo.co.za/static/js/ 		967 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.bobgo.co.za/static/js/main.43e5b6af.js
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/DETTZMWFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:8800:15:b808:9900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea661d18db71dfbcdff1011e9d9ce9a0fe42a0e73564a893ed66cc03cd5fd8fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/DETTZMWFZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:18:15 GMT
content-encoding
gzip
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 07:50:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
21806
x-amz-server-side-encryption
AES256
etag
W/"bc64e204fc5b20bbf811119bc0987b64"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
WJrOA5Sk8k2ajYfNRvEa5Gn4P0UHvAffRub0C3AL179scLR_DEm9vg==
main.74c8ec39.css
track.bobgo.co.za/static/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://track.bobgo.co.za/static/css/main.74c8ec39.css
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/DETTZMWFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:8800:15:b808:9900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db6d90a8a7788270964586d5fab48812472c6f110486c573b9bd92c3dd602b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/DETTZMWFZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:18:13 GMT
content-encoding
gzip
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 07:50:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
24544
x-amz-server-side-encryption
AES256
etag
W/"8a1ebcde0401222668e98870e26b5aa2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
in9rZxniLXqm2OW4vcAQ5rHx0TG29vNMurmwHOr_ene4QvIm2l__xw==
css
fonts.googleapis.com/ 		4 KB
1003 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,600&display=swap
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/DETTZMWFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23767dc3d09110daa704af183ae76931ab094c0e5278c1508914c7291749a679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://track.bobgo.co.za/
Origin
https://track.bobgo.co.za
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 11:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:21:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 11:21:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		199 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/DETTZMWFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 31 Oct 2023 11:21:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
LJiQg/1OxZpKiAU/lyDsOne+HUNXefP95y0Df67Wxh1BeJar2QF++y4yFWNlLKccPKvZD3N1pHFFK8KW8ssE8w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/static/js/main.43e5b6af.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 09:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5518
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 31 Oct 2023 11:49:42 GMT
bobgo_logo_smart_shipping_black.png
ik.imagekit.io/z1viz85yxs/prod-v3/bobgo/corporate-identity/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ik.imagekit.io/z1viz85yxs/prod-v3/bobgo/corporate-identity/bobgo_logo_smart_shipping_black.png
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/DETTZMWFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4427d63cdfd132d4daaf7f1d5b59762a6e136187c8448f685d35a04d272605ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 04:19:55 GMT
via
1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
111705
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
16336
x-request-id
3a0d9567-aefe-47cf-8e88-d42e186e8d36
last-modified
Mon, 25 Sep 2023 17:09:21 GMT
etag
"6087661a658c787c9d1bfebe672e9f28"
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
timing-allow-origin
*
access-control-allow-headers
*
x-amz-cf-id
L2x2NJ7V0LvUmL2LjrNHO_2lahZIp5NzUgTepPYtnvCrN6eK3-1VbQ==
614929387177605
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/614929387177605?v=2.9.135&r=stable&domain=track.bobgo.co.za
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae951bc6f6b396431f224cadfd9b1e8a45c072cbc75b63bb4471f2f17c43df78
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 31 Oct 2023 11:21:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
UZF9ls3z/7espxHV2isGkS68G5azGbmlLjFJ2yyuiEYeSY3VS5peuH0wr/8n1l5ZAeQEqrwJ4stng9jSanIEuA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracking
api.bobgo.co.za/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.bobgo.co.za/tracking?tracking_reference=DETTZMWFZ
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/static/js/main.43e5b6af.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.244.38.63 Cape Town, South Africa, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-244-38-63.af-south-1.compute.amazonaws.com
Software
/
Resource Hash
7fbba1ba2e09f1bf62810085cbf8aea77ce545854858e8137fd2e6e0d2aeb1f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 31 Oct 2023 11:21:40 GMT
bob-go-request-id
6c882ce6-65ea-4ac9-89d8-2dbaaffbea0d
content-length
1416
apigw-requestid
NqhyyjfOifMEJEg=
content-type
application/json
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/958279024/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958279024/?random=1698751300245&cv=11&fst=1698751300245&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9100851289&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrack.bobgo.co.za%2FDETTZMWFZ&hn=www.googleadservices.com&frm=0&tiba=Bob%20Go%20-%20Track%20my%20parcel&auid=56086759.1698751300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-958279024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578a252a57458619dc2d201edd78ccf61df2fb846e11dc97951b1afc64d06b0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 11:21:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1346
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/958279024/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/958279024/?random=1698751300245&cv=11&fst=1698750000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9100851289&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrack.bobgo.co.za%2FDETTZMWFZ&frm=0&tiba=Bob%20Go%20-%20Track%20my%20parcel&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1764430503&rmt_tld=0&ipr=y
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/DETTZMWFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 11:21:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/958279024/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/958279024/?random=1698751300245&cv=11&fst=1698750000000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9100851289&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrack.bobgo.co.za%2FDETTZMWFZ&frm=0&tiba=Bob%20Go%20-%20Track%20my%20parcel&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1764430503&rmt_tld=1&ipr=y
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/DETTZMWFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 11:21:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=614929387177605&ev=PageView&dl=https%3A%2F%2Ftrack.bobgo.co.za%2FDETTZMWFZ&rl=&if=false&ts=1698751300655&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.2.1698751300654.439530121&ler=empty&it=1698751300226&coo=false&rqm=GET
Requested by
Host: track.bobgo.co.za
URL: https://track.bobgo.co.za/DETTZMWFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 31 Oct 2023 11:21:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5995dccf94b4fc380bff5a7316e3a53b79deeb1e71a0aeb4f5499a5379903e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55b86019126e62dd2c57514d19a91a80a25150f142fe13be58a45d43a67f4a95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
b15b299f-34fc-4bee-98e1-ce31ac8aa512-detpaklogoRGBnotag.jpg
ik.imagekit.io/z1viz85yxs/prod-v3/account-logos/17802/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ik.imagekit.io/z1viz85yxs/prod-v3/account-logos/17802/b15b299f-34fc-4bee-98e1-ce31ac8aa512-detpaklogoRGBnotag.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7d964eff606631864b0d9547d5c20482088de08c37fe4d1f8b8b658b4719853e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.bobgo.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 11:21:41 GMT
via
1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
server-timing
transformation;dur=29,download;dur=239
alt-svc
h3=":443"; ma=86400
content-length
10060
x-request-id
ca1d4f34-2913-401a-a9a5-e4d232a2a8a4
etag
W/"274c-rSXMhajnTRN+9wRdmF+xdjFE/ME"
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
timing-allow-origin
*
access-control-allow-headers
*
x-amz-cf-id
kXXq5evg9UK6KRkIcunUoPsP6jyzXrfqM8ke8kyQqzUQ77bALxtxbg==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://track.bobgo.co.za
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:17:59 GMT
x-content-type-options
nosniff
age
407022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:17:59 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| fbq function| _fbq function| gtag object| dataLayer object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _ object| __core-js_shared__ string| raygunUserAgent object| raygunUserAgentData number| raygunUserAgentDataStatus string| RaygunObject function| rg4js object| TraceKit object| webVitals function| raygunUtilityFactory function| raygunErrorUtilitiesFactory function| raygunNetworkTrackingFactory function| raygunViewportFactory function| raygunBreadcrumbsFactory function| raygunCoreWebVitalFactory object| Raygun string| GoogleAnalyticsObject function| ga object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
.bobgo.co.za/ Name: _gcl_au
Value: 1.1.56086759.1698751300
.bobgo.co.za/ Name: _ga
Value: GA1.3.12326093.1698751300
.bobgo.co.za/ Name: _gid
Value: GA1.3.1406637993.1698751300
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bobgo.co.za/ Name: _fbp
Value: fb.2.1698751300654.439530121

1 Console Messages

Source Level URL
Text
security warning URL: https://track.bobgo.co.za/DETTZMWFZ
Message:
Mixed Content: The page at 'https://track.bobgo.co.za/DETTZMWFZ' was loaded over HTTPS, but requested an insecure element 'http://ik.imagekit.io/z1viz85yxs/prod-v3/account-logos/17802/b15b299f-34fc-4bee-98e1-ce31ac8aa512-detpaklogoRGBnotag.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bobgo.co.za
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ik.imagekit.io
track.bobgo.co.za
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.244.38.63
2600:9000:206f:3000:15:c281:3500:93a1
2600:9000:214f:8800:15:b808:9900:93a1
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
23767dc3d09110daa704af183ae76931ab094c0e5278c1508914c7291749a679
4427d63cdfd132d4daaf7f1d5b59762a6e136187c8448f685d35a04d272605ef
55b86019126e62dd2c57514d19a91a80a25150f142fe13be58a45d43a67f4a95
578a252a57458619dc2d201edd78ccf61df2fb846e11dc97951b1afc64d06b0b
591d9c72a172ace054c039bdba8424acc9ac6f10d81ec455d6e64c8c13ed9f80
716dd53b363ed6f9c1104e124737ef0926444e889ab1724ca592720f3d8a2139
7d964eff606631864b0d9547d5c20482088de08c37fe4d1f8b8b658b4719853e
7fbba1ba2e09f1bf62810085cbf8aea77ce545854858e8137fd2e6e0d2aeb1f0
a5995dccf94b4fc380bff5a7316e3a53b79deeb1e71a0aeb4f5499a5379903e6
ae951bc6f6b396431f224cadfd9b1e8a45c072cbc75b63bb4471f2f17c43df78
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
db6d90a8a7788270964586d5fab48812472c6f110486c573b9bd92c3dd602b6a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea661d18db71dfbcdff1011e9d9ce9a0fe42a0e73564a893ed66cc03cd5fd8fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629