www.brightermonday.co.ke Open in urlscan Pro
2606:4700::6812:8954 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.brightermonday.co.ke/
Effective URL:
https://www.brightermonday.co.ke/
Submission: On June 10 via manual (June 10th 2023, 6:38:24 pm UTC) from UA — Scanned from DE

Summary HTTP 126 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 23 domains to perform 126 HTTP transactions. The main IP is 2606:4700::6812:8954, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.brightermonday.co.ke.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 12th 2023. Valid for: a year.

This is the only time www.brightermonday.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	2606:4700::68... 2606:4700::6812:8954	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:8e37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.164.194 52.222.164.194	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.215.116 143.204.215.116	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	108.138.36.122 108.138.36.122	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.29 18.66.192.29	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 5	3.33.138.253 3.33.138.253	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:237... 2600:9000:237d:8800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
126	35

31 2606:4700::6812:8954 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.brightermonday.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:8e37 (United States)

ASN13335 (CLOUDFLARENET, US)

i.roamcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.164.194 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-164-194.cdg52.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-116.fra53.r.cloudfront.net

lib.onet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.36.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-122.muc50.r.cloudfront.net

sgqcvfjvr.onet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-29.muc50.r.cloudfront.net

artemis-cdn.ocdn.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.138.253 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ae6bee98fe393bd2a.awsglobalaccelerator.com

events.ocdn.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:8800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	brightermonday.co.ke 1 redirects www.brightermonday.co.ke	606 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 154	163 KB
15	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 121 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 248 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 362	188 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 412	160 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	200 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1005 c.clarity.ms — Cisco Umbrella Rank: 1563 q.clarity.ms — Cisco Umbrella Rank: 8837	27 KB
6	ocdn.eu 1 redirects artemis-cdn.ocdn.eu — Cisco Umbrella Rank: 55356 events.ocdn.eu — Cisco Umbrella Rank: 39454	8 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 390 www.linkedin.com — Cisco Umbrella Rank: 567 px4.ads.linkedin.com — Cisco Umbrella Rank: 6569	5 KB
5	roamcdn.net i.roamcdn.net	55 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612	3 KB
4	onet.pl lib.onet.pl — Cisco Umbrella Rank: 46060 sgqcvfjvr.onet.pl — Cisco Umbrella Rank: 49726	59 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 386 c.bing.com — Cisco Umbrella Rank: 252	15 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3028 adservice.google.com — Cisco Umbrella Rank: 106 www.google.com — Cisco Umbrella Rank: 3	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	135 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	192 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	979 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1007	377 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 942	5 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5056	408 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2001	16 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 671	295 B
126	23

	Domain	Requested by
31	www.brightermonday.co.ke	1 redirects www.brightermonday.co.ke
15	pagead2.googlesyndication.com	www.datadoghq-browser-agent.com tpc.googlesyndication.com 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	cdn.cookielaw.org	www.brightermonday.co.ke cdn.cookielaw.org www.datadoghq-browser-agent.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com www.brightermonday.co.ke
6	s0.2mdn.net	www.brightermonday.co.ke s0.2mdn.net
6	securepubads.g.doubleclick.net	www.googletagservices.com www.datadoghq-browser-agent.com www.brightermonday.co.ke
5	events.ocdn.eu	1 redirects www.brightermonday.co.ke www.datadoghq-browser-agent.com
5	i.roamcdn.net	www.brightermonday.co.ke
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	px.ads.linkedin.com	3 redirects
3	sgqcvfjvr.onet.pl	lib.onet.pl
3	www.googletagservices.com	www.brightermonday.co.ke securepubads.g.doubleclick.net 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.brightermonday.co.ke
2	googleads4.g.doubleclick.net	www.brightermonday.co.ke
2	googleads.g.doubleclick.net	5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	q.clarity.ms	www.datadoghq-browser-agent.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.googletagmanager.com	www.brightermonday.co.ke www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	s0.2mdn.net
1	fonts.googleapis.com	s0.2mdn.net
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	www.datadoghq-browser-agent.com
1	snap.licdn.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	artemis-cdn.ocdn.eu	lib.onet.pl
1	www.google.de	www.brightermonday.co.ke
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	lib.onet.pl	www.googletagmanager.com
1	www.datadoghq-browser-agent.com	www.brightermonday.co.ke
1	geolocation.onetrust.com	cdn.cookielaw.org
126	39

This site contains links to these domains. Also see Links.

Domain
help-center.brightermonday.co.ke
static.brightermonday.co.ke
www.facebook.com
instagram.com
www.linkedin.com
twitter.com
www.youtube.com
play.google.com
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.onet.pl GeoTrust TLS RSA CA G1	`2023-05-15` - `2024-05-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.ocdn.eu GeoTrust RSA CA 2018	`2023-01-05` - `2024-01-04`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.brightermonday.co.ke/
Frame ID: DDB2BF02548214258D1FEC74DC60B802
Requests: 81 HTTP requests in this frame

Frame: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A115B9DAB5B3F48976E473D4710DBE37
Requests: 1 HTTP requests in this frame

Frame: https://www.brightermonday.co.ke/discover/job-matching-just-got-an-upgrade?utm_source=dfp&utm_medium=cpc&utm_campaign=job-matching-reinvented-bmk-2023-05-29
Frame ID: 91C1DFD1173C6AC3682D22746DF1D2FC
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1EB0A746C3F3880833830570C35BD26B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7918FB61A06D3E98CD360BECFFD10FF6
Requests: 2 HTTP requests in this frame

Frame: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4EFE67573C9F2D52B3603CAE930A62AB
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXnfBDMio4CGK_l5ucBMAE&v=APEucNWx0IYrGpXbU-5jvWh2UHTpTjdPGIGli4zTw_TJuI7vg-s0b_FoI6kKuykrIwoVjoWTRUf-DcAYceAI4g_Ox__BenSqDVvo9qQGSUoCtzMuBprGI_ZpT3LVVVMeWwr1lRl8TR7lxwKBxtyCUPCqed4vkRaytteiUbnYhBqaYlfM_3odFZ0
Frame ID: 3E957331A722629884EF2EEF27A238BC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE50D40C8D1EBE7E2CA3E8E7C23B08E5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=12KHEsinaH&t=1&renderingType=2&ev=01_250
Frame ID: 11BEE4763FAD74828136D33BF9A593D1
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Find the Right Job Vacancies in Kenya | BrighterMondayBack ButtonFilter Button

Page URL History Show full URLs

http://www.brightermonday.co.ke/ HTTP 301
https://www.brightermonday.co.ke/ Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

126
Requests

94 %
HTTPS

66 %
IPv6

23
Domains

39
Subdomains

35
IPs

5
Countries

1855 kB
Transfer

5005 kB
Size

38
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://help-center.brightermonday.co.ke/portal/en/home
Title: Help Center

Search URL Search Domain Scan URL

URL: https://static.brightermonday.co.ke/banner-rate-card-kenya.pdf
Title: Banner Rate Card

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BrighterMondayKenya

Search URL Search Domain Scan URL

URL: https://instagram.com/brightermondayke/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/brightermonday-com

Search URL Search Domain Scan URL

URL: https://twitter.com/BrighterMonKE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCRnWs_8yZ7GFNHsDEOc42Kg

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.brightermonday&utm_source=brightermonday.co.ke&utm_campaign=google-play-badge&pcampaignid=MKT-Other-global-all-co-prtnr-py-2artBadge-Mar2515-1

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.brightermonday.co.ke/ HTTP 301
https://www.brightermonday.co.ke/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://events.ocdn.eu/v2/EA-2205110/me?_ac=events HTTP 302
https://events.ocdn.eu/v2/EA-2205110/me?_ac=events&_ca=1&uuid=202306102038188176107244

Request Chain 68

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4FD779BC07614FA7A0956C68A8C4D376&RedC=c.clarity.ms&MXFR=10DE0CA2823E69E70E7B1F8E863E6727 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4FD779BC07614FA7A0956C68A8C4D376&MUID=353A578E17EE62372DFB44A216EE633B

Request Chain 71

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2100490&time=1686422299035&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2100490&time=1686422299035&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2100490%26time%3D1686422299035%26url%3Dhttps%253A%252F%252Fwww.brightermonday.co.ke%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2100490&time=1686422299035&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2100490&time=1686422299035&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKuOSJEX0kLXgAAAYimmiSI0MQVfgLx_P174GuCBTL5WPB5FBVHgDvrsJkY85aTuqphES4Wj9Gd

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYcBcadh0tmvplzE4w8SWQ&google_cver=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZITDGyDWQsD-h7RxDvBEKQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYcBcadh0tmvplzE4w8SWQ&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFCZk4GZup2nR6SMSvU928E&google_cver=1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MjgyMTY5NTE3MjkwMTU2Mg%3D%3D

126 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.brightermonday.co.ke/
Redirect Chain

http://www.brightermonday.co.ke/
https://www.brightermonday.co.ke/

81 KB
17 KB

102ms
82ms

Document
text/html

2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2c7a0c96370e2af175c5835cacd5f460408286714b908096fa19564daf6959f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7d53bb042ad31cbd-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 10 Jun 2023 18:38:18 GMT
referrer-policy: origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-request-id: 457086801baf5b94dc53740816c3e94f
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 7d53bb03eaee996f-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 10 Jun 2023 18:38:18 GMT
Expires: Sat, 10 Jun 2023 19:38:18 GMT
Location: https://www.brightermonday.co.ke/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400

GET
H2 200 inter-v11-latin-300.c1621953.woff2
www.brightermonday.co.ke/build/static-assets/fonts/ 17 KB
17 KB 26ms
24ms Font
font/woff2 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/build/static-assets/fonts/inter-v11-latin-300.c1621953.woff2

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f400eb2f6fa018e0fb23c7e5f41d300fc9fc90aafeedc447a90aedabfd2162a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.brightermonday.co.ke/
Origin: https://www.brightermonday.co.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
age: 185985
etag: W/"647d7a91-4320"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
cf-ray: 7d53bb04bbac1cbd-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H2 200 inter-v11-latin-regular.3a92ec24.woff2
www.brightermonday.co.ke/build/static-assets/fonts/ 16 KB
16 KB 20ms
17ms Font
font/woff2 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/build/static-assets/fonts/inter-v11-latin-regular.3a92ec24.woff2

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d56fec2159406ce1d4e284774fd1ee371018f131e28aa303ad1675edc76f20dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.brightermonday.co.ke/
Origin: https://www.brightermonday.co.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
age: 182614
etag: W/"647d7a91-40e0"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
cf-ray: 7d53bb04cbb41cbd-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H2 200 inter-v11-latin-500.03a0aa43.woff2
www.brightermonday.co.ke/build/static-assets/fonts/ 17 KB
17 KB 21ms
19ms Font
font/woff2 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/build/static-assets/fonts/inter-v11-latin-500.03a0aa43.woff2

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa5a5a7aef18ee566c2ae611c7e7a23d61cceca332684e3f3d2bcbf7c4bfc886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.brightermonday.co.ke/
Origin: https://www.brightermonday.co.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
age: 182506
etag: W/"647d7a91-4428"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
cf-ray: 7d53bb04cbb51cbd-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H2 200 inter-v11-latin-700.28198516.woff2
www.brightermonday.co.ke/build/static-assets/fonts/ 17 KB
17 KB 21ms
20ms Font
font/woff2 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/build/static-assets/fonts/inter-v11-latin-700.28198516.woff2

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ced3f556e65561203347082cd3c41f2dda3ac93e2b449d553a1dbfb9b73a1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.brightermonday.co.ke/
Origin: https://www.brightermonday.co.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
age: 184948
etag: W/"647d7a91-44b8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
cf-ray: 7d53bb04cbb61cbd-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H2 200 fonts.3a1ef93d.css
www.brightermonday.co.ke/build/assets/css/brightermonday/ 3 KB
634 B 22ms
21ms Stylesheet
text/css 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/build/assets/css/brightermonday/fonts.3a1ef93d.css

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0d0012c982b9e77481466f18dd7ce3d56967476a0c32df3cb85fdc9dfabde0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 183216
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Jun 2023 14:16:39 GMT
server: cloudflare
etag: W/"6481e2c7-cb6"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d53bb04bbae1cbd-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H2 200 tailwindcss-v3.22e3de3a.css
www.brightermonday.co.ke/build/assets/css/brightermonday/ 101 KB
18 KB 27ms
26ms Stylesheet
text/css 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/build/assets/css/brightermonday/tailwindcss-v3.22e3de3a.css

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b0f7ea79e8ac370b34aa048f71e42942c0942934f25d822963f6bb46c1d8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 174584
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Jun 2023 14:16:39 GMT
server: cloudflare
etag: W/"6481e2c7-19253"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d53bb04cbb21cbd-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/ 21 KB
7 KB 44ms
22ms Script
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/otSDKStub.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b901f7c72387d44c5f8f9392019e89097d6c845b6b6cbe8631f19f952ac31662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: GnuUGVy+XFzRWy49WrUohQ==
age: 33284
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6837
x-ms-lease-status: unlocked
last-modified: Mon, 17 Apr 2023 13:26:32 GMT
server: cloudflare
etag: 0x8DB3F475BFB1A75
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3f2e266a-c01e-00c3-2830-7151a5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d53bb04e9b82bc1-FRA
expires: Sun, 11 Jun 2023 18:38:18 GMT

GET
H3 200 mini-xhr.umd.min.6cc6f550.js Show response
www.brightermonday.co.ke/build/assets/scripts/ 3 KB
2 KB 22ms
22ms Script
application/javascript 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/build/assets/scripts/mini-xhr.umd.min.6cc6f550.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cd14dd60e0d9e9ea7cff3009ec795672a1d0f5a49ce3e63fa4699693ee856d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 166484
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Jun 2023 14:15:56 GMT
server: cloudflare
etag: W/"6481e29c-df4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d53bb04ecdd18f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 app.9157cd78.js Show response
www.brightermonday.co.ke/build/assets/scripts/ 172 KB
40 KB 24ms
23ms Script
application/javascript 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/build/assets/scripts/app.9157cd78.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efd96ddf25a3deba65bb06aaf0f2af24ea37136153ce977085e4a570752f5ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 186433
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Jun 2023 14:17:04 GMT
server: cloudflare
etag: W/"6481e2e0-2ae9a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d53bb050d0018f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 location-marker.d37adfcd.svg
www.brightermonday.co.ke/build/static-assets/img/brightermonday-theme/ 929 B
653 B 40ms
40ms Image
image/svg+xml 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brightermonday.co.ke/build/static-assets/img/brightermonday-theme/location-marker.d37adfcd.svg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7a95b15c17e7d5472fdb4c89212251c6b09c86906c2539c3d97c6c488a14a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 177491
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
etag: W/"647d7a91-3a1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7d53bb051d0d18f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H2 200 e878a337-9ac9-40ff-bc96-c77c4bf37bd3.json Show response
cdn.cookielaw.org/consent/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/ 3 KB
2 KB 32ms
17ms XHR
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/e878a337-9ac9-40ff-bc96-c77c4bf37bd3.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1619035a20227422e95fc3bcaa84876a3081518cdf9cb8cbf806c007ee2e0371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9F+Hhew0DaoxQy+j4DqyQA==
age: 6284
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1446
x-ms-lease-status: unlocked
last-modified: Mon, 17 Apr 2023 13:26:31 GMT
server: cloudflare
etag: 0x8DB3F475BB9ADBA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 89b148fc-b01e-0169-6030-71c11f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d53bb052a248fe9-FRA
expires: Sun, 11 Jun 2023 18:38:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 388 KB
105 KB 60ms
34ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDM8865

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e4c9ec403466499bb0e0fb7e517a5f36966f36708179730e0b965d3e17b0cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107199
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Jun 2023 18:38:18 GMT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8fd0ea2436a3c65bf7b99d8b3194351820ae7d6e05f4cee957b954dd0b14a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 inter-v11-latin-600.2397b37e.woff2
www.brightermonday.co.ke/build/static-assets/fonts/ 17 KB
17 KB 25ms
25ms Font
font/woff2 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/build/static-assets/fonts/inter-v11-latin-600.2397b37e.woff2

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/build/assets/css/brightermonday/fonts.3a1ef93d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff769fa64945176f409bcb7ebe92a385e9f9f1b11ccb095a14384dd209127011

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.brightermonday.co.ke/build/assets/css/brightermonday/fonts.3a1ef93d.css
Origin: https://www.brightermonday.co.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
age: 186432
etag: W/"647d7a91-449c"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
cf-ray: 7d53bb052d2e18f1-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 landscape.svg
www.brightermonday.co.ke/static-assets/img/ke/ 8 KB
3 KB 32ms
31ms Image
image/svg+xml 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brightermonday.co.ke/static-assets/img/ke/landscape.svg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab0c26366cbb6cff003f51ffa4e8a6f3c77a2a83324a0d3b7245cdc0805afd8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4466
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 69190d7a5a9b29b28a01ae31ecef4adb
x-ua-compatible: IE=Edge
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
etag: W/"647d7a91-1eca"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7d53bb053d5218f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H2 200 adv8579_1476259023.jpg
i.roamcdn.net/kazi/ke/base/bee8db7cea2e3ca9abfe8666986311b2/-/advertiser-img-ke-jobs-prod/dealer-images/advid8579/ 4 KB
4 KB 66ms
23ms Image
image/webp 2606:4700::6811:8e37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roamcdn.net/kazi/ke/base/bee8db7cea2e3ca9abfe8666986311b2/-/advertiser-img-ke-jobs-prod/dealer-images/advid8579/adv8579_1476259023.jpg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8e37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66abc81d0a95e960d18d2bcdd1b8bab9725bdb5501beba7df75d254a59e391b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: P1BBSBTC3N7MS9MJ
age: 873883
cf-polished: qual=85, origFmt=jpeg, origSize=6126
x-amz-storage-class: ONEZONE_IA
content-disposition: inline; filename="adv8579_1476259023.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3820
x-amz-id-2: 2cdOlED/C3AFU2f7J6Np1qndrwK/gTT7sbDi8nosy9xE6Fz3QWDfw1OAjUwTteCToOmoWClVfnY=
x-amz-expiration: expiry-date="Tue, 29 Aug 2023 00:00:00 GMT", rule-id="expiration"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Mar 2023 01:19:58 GMT
server: cloudflare
etag: "9a6729ea2bf8f7f5e38cc1c2ab5539dc"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d53bb0578f52be4-FRA

GET
H2 200 adv1415_1477308369.jpg
i.roamcdn.net/kazi/ke/base/9057b2962c5beb7d6e8894de1fa74040/-/advertiser-img-ke-jobs-prod/dealer-images/advid1415/ 17 KB
17 KB 66ms
24ms Image
image/webp 2606:4700::6811:8e37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roamcdn.net/kazi/ke/base/9057b2962c5beb7d6e8894de1fa74040/-/advertiser-img-ke-jobs-prod/dealer-images/advid1415/adv1415_1477308369.jpg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8e37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0d8c7883871d5b92b2026a9ab73cd9a3f0521f4ec7979127e6df5afb39c1930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: KG1Z378Y2B8JR63M
age: 67452
cf-polished: qual=85, origFmt=jpeg, origSize=28289
x-amz-storage-class: ONEZONE_IA
content-disposition: inline; filename="adv1415_1477308369.webp"
alt-svc: h3=":443"; ma=86400
content-length: 17424
x-amz-id-2: 7A6t/QpmZyHWb8C2LsiIpkrTkgQb9yKOUg6RKfEAwNmuSQIv4S04oEE7WMUjdN0/SLmrvMExE28=
x-amz-expiration: expiry-date="Mon, 28 Aug 2023 00:00:00 GMT", rule-id="expiration"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 Feb 2023 17:50:08 GMT
server: cloudflare
etag: "06cbd225adf5cc2bef95afd4606b58b3"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d53bb0578f62be4-FRA

GET
H2 200 adv8830_1684921418.jpg
i.roamcdn.net/kazi/ke/base/7e139e0bd47b98f52e99207b9002abc9/-/advertiser-img-ke-jobs-prod/dealer-images/advid8830/ 7 KB
8 KB 58ms
16ms Image
image/webp 2606:4700::6811:8e37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roamcdn.net/kazi/ke/base/7e139e0bd47b98f52e99207b9002abc9/-/advertiser-img-ke-jobs-prod/dealer-images/advid8830/adv8830_1684921418.jpg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8e37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a00e9ea4f44b3545fb2e30ee99ffe534f70f0519f03ba101ce8606ee079cce1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: R53836Q029VZ8ZTQ
age: 290683
cf-polished: qual=85, origFmt=jpeg, origSize=13587
x-amz-storage-class: ONEZONE_IA
content-disposition: inline; filename="adv8830_1684921418.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7340
x-amz-id-2: nLWhQ0HrNEt6JSFZz+CEFdU+ECguWQZ5og2GTikOYWE4qTiLeS/DKHS2xanQcGrq+QB1FrhXWt4=
x-amz-expiration: expiry-date="Tue, 21 Nov 2023 00:00:00 GMT", rule-id="expiration"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 May 2023 09:43:40 GMT
server: cloudflare
etag: "c2c7fdda97200735b6e5fab6a95dbbaf"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d53bb0578f72be4-FRA

GET
H2 200 adv71596_1591365950.jpg
i.roamcdn.net/kazi/ke/base/3f9041fbc2213ec153498f29628963cf/-/advertiser-img-ke-jobs-prod/dealer-images/advid71596/ 14 KB
14 KB 60ms
18ms Image
image/webp 2606:4700::6811:8e37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roamcdn.net/kazi/ke/base/3f9041fbc2213ec153498f29628963cf/-/advertiser-img-ke-jobs-prod/dealer-images/advid71596/adv71596_1591365950.jpg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8e37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed51a059c9859521c2ee61bb434170f075da5252effdb852d7293737eaa888e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: P1BAWKSB1CZNY1R7
age: 873883
cf-polished: qual=85, origFmt=jpeg, origSize=30603
x-amz-storage-class: ONEZONE_IA
content-disposition: inline; filename="adv71596_1591365950.webp"
alt-svc: h3=":443"; ma=86400
content-length: 13866
x-amz-id-2: +7dlQKn+tdfaaSoeggfkkaUMlz/Flc0RxKjdGo5YDh6jK9iWFng21hTHaJlIR/YpACaPePz3Llk=
x-amz-expiration: expiry-date="Mon, 28 Aug 2023 00:00:00 GMT", rule-id="expiration"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 Feb 2023 17:50:08 GMT
server: cloudflare
etag: "6707b8c9338febd8461270b88c671a60"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d53bb0578f82be4-FRA

GET
H2 200 adv44012_1504243043.jpg
i.roamcdn.net/kazi/ke/base/f4826a7c9ac355a9389e7eb0fa691b4b/-/advertiser-img-ke-jobs-prod/dealer-images/advid44012/ 12 KB
12 KB 59ms
17ms Image
image/jpeg 2606:4700::6811:8e37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.roamcdn.net/kazi/ke/base/f4826a7c9ac355a9389e7eb0fa691b4b/-/advertiser-img-ke-jobs-prod/dealer-images/advid44012/adv44012_1504243043.jpg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8e37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93b8ec7c210dfce0786c545b970c60b90575087d3ca7830d92f4662dffb848f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: A2AZNVK9MCRT7BRX
age: 884437
cf-polished: degrade=85, origSize=15433, status=webp_bigger
x-amz-storage-class: ONEZONE_IA
alt-svc: h3=":443"; ma=86400
content-length: 12405
x-amz-id-2: bD1FuCnp94BB+v7sR5c7RajyiuinX6hOEYZyjrqtymi/gFV3iMMB+Jic/+hq6oQN4D+pplwSeoE=
x-amz-expiration: expiry-date="Tue, 29 Aug 2023 00:00:00 GMT", rule-id="expiration"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Mar 2023 00:56:56 GMT
server: cloudflare
etag: "3f3f5741b6ab05ce9952a0b02421274d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d53bb0578f92be4-FRA

GET
H3 200 advance-your-career.6478c60f.png
www.brightermonday.co.ke/build/static-assets/img/brightermonday-theme/home-page/ 192 KB
192 KB 33ms
33ms Image
image/webp 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brightermonday.co.ke/build/static-assets/img/brightermonday-theme/home-page/advance-your-career.6478c60f.png

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ee2111e9f59d51e2028b2a46e046e4d6ca4f1241b49ef3c05172cdb984443ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 166484
cf-polished: origFmt=png, origSize=221218
content-disposition: inline; filename="advance-your-career.webp"
alt-svc: h3=":443"; ma=86400
content-length: 196150
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
etag: "647d7a91-36022"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d53bb054d6a18f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 right-talent-desktop.4edbdba8.png
www.brightermonday.co.ke/build/static-assets/img/brightermonday-theme/home-page/ 84 KB
84 KB 28ms
27ms Image
image/webp 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brightermonday.co.ke/build/static-assets/img/brightermonday-theme/home-page/right-talent-desktop.4edbdba8.png

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe8ba33a65ada53250f0139b71e0bed989d46ee4ad3f9fb75cd47f0052e905d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172539
cf-polished: origFmt=png, origSize=97079
content-disposition: inline; filename="right-talent-desktop.webp"
alt-svc: h3=":443"; ma=86400
content-length: 86098
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
etag: "647d7a91-17b37"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d53bb054d6d18f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 icon-facebook.a8ffd853.svg
www.brightermonday.co.ke/build/static-assets/img/ 484 B
557 B 21ms
19ms Image
image/svg+xml 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brightermonday.co.ke/build/static-assets/img/icon-facebook.a8ffd853.svg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3efec7afc7ae56230e8f8d0b2417998660a159e5b85b2521e601bf7a7b2dcf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 186139
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
etag: W/"647d7a91-1e4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7d53bb054d7018f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 icon-instagram.f94aacd6.svg
www.brightermonday.co.ke/build/static-assets/img/ 2 KB
1 KB 22ms
20ms Image
image/svg+xml 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brightermonday.co.ke/build/static-assets/img/icon-instagram.f94aacd6.svg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47212ddd3bae582a65fc7babef16ce474d45e43c8c5ed4cbb7b9c0a14f5db0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 185712
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
etag: W/"647d7a91-7f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7d53bb054d7118f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 icon-linkedin.26a3db8e.svg
www.brightermonday.co.ke/build/static-assets/img/ 512 B
546 B 20ms
18ms Image
image/svg+xml 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brightermonday.co.ke/build/static-assets/img/icon-linkedin.26a3db8e.svg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd82bcab67f9bcb30388c4b29a6b4a0421cbea6326216ae747d966ef1e4f751b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 166484
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
etag: W/"647d7a91-200"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7d53bb054d7318f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 icon-twitter.6b47ac5c.svg
www.brightermonday.co.ke/build/static-assets/img/ 550 B
546 B 22ms
20ms Image
image/svg+xml 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brightermonday.co.ke/build/static-assets/img/icon-twitter.6b47ac5c.svg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0836dbcf77afc45f90dbdd735125a48b0c631de47b303db343a1f70e5fd5d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 185843
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
etag: W/"647d7a91-226"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7d53bb054d7418f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 icon-youtube.bd29b086.svg
www.brightermonday.co.ke/build/static-assets/img/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brightermonday.co.ke/build/static-assets/img/icon-youtube.bd29b086.svg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d120a95cdff26dfbb60f29390f58332b90d2a15370212f613e1c56074ac99b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 168121
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
etag: W/"647d7a91-76f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7d53bb054d7518f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 play-badge.f8a9ba04.png
www.brightermonday.co.ke/build/static-assets/img/ 3 KB
3 KB 24ms
22ms Image
image/webp 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brightermonday.co.ke/build/static-assets/img/play-badge.f8a9ba04.png

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7337e4c590e9e0e7e83e7786c36dab8f44a37b2bd43c03d429a70161dd4b3452

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 182411
cf-polished: origFmt=png, origSize=6213
content-disposition: inline; filename="play-badge.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2964
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 05 Jun 2023 06:02:57 GMT
server: cloudflare
etag: "647d7a91-1845"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d53bb054d7718f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 60ms
29ms XHR
application/json 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.brightermonday.co.ke/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7d53bb058b9a30cc-FRA
access-control-allow-headers: Content-Type

GET
H3 200 8605-f3391c2d9091443a2ae7.js Show response
www.brightermonday.co.ke/assets/scripts/chunk/jobberman/ 27 KB
8 KB 40ms
39ms Script
application/javascript 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/assets/scripts/chunk/jobberman/8605-f3391c2d9091443a2ae7.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/build/assets/scripts/app.9157cd78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12eb7a7883d5f86de235d33fabe6460aab45b9a0385ec63bc97f64c26130953e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5123832
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Apr 2023 08:11:44 GMT
server: cloudflare
etag: W/"643667c0-6c63"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d53bb055d8118f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 7667-e9cac73ae17b79d1d379.js Show response
www.brightermonday.co.ke/assets/scripts/chunk/jobberman/ 148 KB
38 KB 41ms
40ms Script
application/javascript 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/assets/scripts/chunk/jobberman/7667-e9cac73ae17b79d1d379.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/build/assets/scripts/app.9157cd78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3254fff30a1246a754c54436a92aef17fad66b1a46be370a86b2ee9fe009eea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5125041
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Apr 2023 08:11:44 GMT
server: cloudflare
etag: W/"643667c0-24fe5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d53bb055d8418f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 5955-bf8033a4949ce196eb5d.js Show response
www.brightermonday.co.ke/assets/scripts/chunk/jobberman/ 32 KB
7 KB 22ms
22ms Script
application/javascript 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/assets/scripts/chunk/jobberman/5955-bf8033a4949ce196eb5d.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/build/assets/scripts/app.9157cd78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

908d5211c745dc4c6b8ffca62f7486d9502d195a1db6af1e65a40a1fa6eaad54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3819435
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Apr 2023 11:58:01 GMT
server: cloudflare
etag: W/"644a6349-7ff6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d53bb055d8618f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 1727-f9ee2b9eb0932e9b08ba.js Show response
www.brightermonday.co.ke/assets/scripts/chunk/jobberman/ 22 KB
6 KB 42ms
41ms Script
application/javascript 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/assets/scripts/chunk/jobberman/1727-f9ee2b9eb0932e9b08ba.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/build/assets/scripts/app.9157cd78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7e357a31f9655ff73340c8c21ac6f4db09e373f6f37f9ecf032c3a9cd8dc7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3888920
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Apr 2023 08:11:44 GMT
server: cloudflare
etag: W/"643667c0-585a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d53bb055d8818f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 5980-a028b7c4739d189eb696.js Show response
www.brightermonday.co.ke/assets/scripts/chunk/jobberman/ 40 KB
11 KB 42ms
42ms Script
application/javascript 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/assets/scripts/chunk/jobberman/5980-a028b7c4739d189eb696.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/build/assets/scripts/app.9157cd78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

513f937a8451c5fe031bc8a307a749dfcccc8c9eae6d5276f8bc84f838df57d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5089483
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Apr 2023 19:46:57 GMT
server: cloudflare
etag: W/"64370ab1-a063"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d53bb055d8918f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 6982-11d38ddfc0e86958e212.js Show response
www.brightermonday.co.ke/assets/scripts/chunk/jobberman/ 55 KB
10 KB 43ms
43ms Script
application/javascript 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/assets/scripts/chunk/jobberman/6982-11d38ddfc0e86958e212.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/build/assets/scripts/app.9157cd78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d836954a80484e1203c39f288760db312372c12904cfc8e3bd504a95cbaec54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4603483
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Apr 2023 08:53:03 GMT
server: cloudflare
etag: W/"643e5a6f-ddf2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d53bb055d8a18f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 8234-9b19319924b2003cee6c.js Show response
www.brightermonday.co.ke/assets/scripts/chunk/jobberman/ 5 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/assets/scripts/chunk/jobberman/8234-9b19319924b2003cee6c.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/build/assets/scripts/app.9157cd78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

646d1f946d758eea129d085f511082aaf557f6270fbb2aba69bfff6418aaf463

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3931673
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Apr 2023 08:11:44 GMT
server: cloudflare
etag: W/"643667c0-1344"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d53bb05ce2218f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H3 200 detect-user-country Show response
www.brightermonday.co.ke/ajax/ 450 B
1 KB 347ms
346ms XHR
application/json 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/ajax/detect-user-country

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/assets/scripts/chunk/jobberman/7667-e9cac73ae17b79d1d379.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5ebe900fb112bb173c81ad48b9bcc27501654aef82f96e9f981949081340c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.brightermonday.co.ke/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, private
cf-ray: 7d53bb05ce2618f1-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3a578004913db43029a85e5d4e3f0a7d
x-ua-compatible: IE=Edge

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/ 400 KB
97 KB 18ms
17ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Sw59qQKTUz8IJh2hCY03KQ==
age: 72893
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98810
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:51 GMT
server: cloudflare
etag: 0x8DB55BF34FA32B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 33d48d17-101e-00ca-25d3-874b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d53bb05caee2bc1-FRA

GET
H2 200 datadog-logs-v4.js Show response
www.datadoghq-browser-agent.com/ 47 KB
16 KB 77ms
19ms Script
application/javascript 52.222.164.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Requested by: Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.164.194 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-164-194.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8dba58c13df294cb3a2e4d574483e0985886ab914b72c8222ea060e230e63f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:37:58 GMT
content-encoding: br
via: 1.1 4bb1350a7e907cdd02f8977c1aa46622.cloudfront.net (CloudFront)
last-modified: Mon, 15 May 2023 16:08:37 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 21
x-amz-server-side-encryption: AES256
etag: W/"9a08b68dfc8dc1c01e365ebc2560d62e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: uOZyOq-F-T_cCGtqnDMsX61_QuqmgL3yIPW8aqqa2qqukgmNVOsKOQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 80ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDM8865

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 10 Jun 2023 18:38:18 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 156341AF00034A7CB251C5A175865D3C Ref B: FRAEDGE1918 Ref C: 2023-06-10T18:38:18Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 minit.boot.min.js Show response
lib.onet.pl/s.csr/build/dlApi/ 8 KB
4 KB 55ms
9ms Script
application/javascript 143.204.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.onet.pl/s.csr/build/dlApi/minit.boot.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDM8865
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-116.fra53.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 093b9667d03287d1f6a19aeb676f7e299c1b6c7cf7871291dc76e73dc3ac0789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:35:19 GMT
content-encoding: br
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
server: Ring Publishing - Accelerator
x-amz-cf-pop: FRA53-C1
age: 179
etag: "207d21391c99d2b5a600b19fc2f60f538d8c782f"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3224
x-amz-cf-id: oXRvcy0XojjISP9Z7U-x9sXOoy171TBeadOT7Q1A7y7MZ5hukxvxFQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
87 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1HS1YQ0VQS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDM8865

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1e0c3ca084ae3ac735b7278f865149f720e831cd03637357ac48c5cd63d77f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88672
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 10 Jun 2023 18:38:18 GMT

GET
H3 200 4264-30bf303fe5ced7196f14.js Show response
www.brightermonday.co.ke/assets/scripts/chunk/jobberman/ 60 KB
16 KB 23ms
22ms Script
application/javascript 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/assets/scripts/chunk/jobberman/4264-30bf303fe5ced7196f14.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/build/assets/scripts/app.9157cd78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a957d621146311350de8d28fb5676dbcba136dd1d800792e28ce1939d2468e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3929050
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Apr 2023 08:11:44 GMT
server: cloudflare
etag: W/"643667c0-f020"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d53bb05fe6818f1-FRA
expires: Sun, 09 Jun 2024 18:38:18 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/a6f8578a-39ee-40e7-b077-3eb37cf73d1b/ 120 KB
23 KB 21ms
21ms Fetch
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/a6f8578a-39ee-40e7-b077-3eb37cf73d1b/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c38d366c801c1c15a52ba4f6ff085f90a04953e9c89be0f450f3783b58e16f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: G1WW3v5ErhCHDgo0Eu1oYg==
age: 6283
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 23222
x-ms-lease-status: unlocked
last-modified: Mon, 17 Apr 2023 13:26:33 GMT
server: cloudflare
etag: 0x8DB3F475CEBE88A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2fa2d7c1-b01e-00e5-4730-71ca11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d53bb060afd8fe9-FRA
expires: Sun, 11 Jun 2023 18:38:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 75 KB
25 KB 119ms
92ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/assets/scripts/chunk/jobberman/5955-bf8033a4949ce196eb5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

384db2b2e720ba11ef825a5e3bce4d3565a5a7694f61e3e76df852551f9aa00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25237
x-xss-protection: 0
server: cafe
etag: 679 / 19518 / 31075210 / config-hash: 404984007886724395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:38:18 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1HS1YQ0VQS&gtm=45je3671&_p=972446626&_gaz=1&cid=886788286.1686422299&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1686422298&sct=1&seg=0&dl=https%3A%2F%2Fwww.brightermonday.co.ke%2F&dt=Find%20the%20Right%20Job%20Vacancies%20in%20Kenya%20%7C%20BrighterMonday&en=page_view&_fv=1&_nsi=1&_ss=2&ep.content_type=home&ep.page_brand=&ep.page_country_code=ke
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HS1YQ0VQS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.brightermonday.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
261 B 57ms
17ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1HS1YQ0VQS&cid=886788286.1686422299&gtm=45je3671&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HS1YQ0VQS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.brightermonday.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 83ms
33ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1HS1YQ0VQS&cid=886788286.1686422299&gtm=45je3671&aip=1&z=590633308

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 13 KB
3 KB 23ms
22ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pRHDWyQMLvXwKY458EnqRw==
age: 76483
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3019
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:45 GMT
server: cloudflare
etag: 0x8DB55BF315FAED9
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 35f84fd6-101e-00e8-69fa-87251d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d53bb06ab828fe9-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/ 62 KB
13 KB 29ms
28ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: UgqWqpl5qGBlgacC8J2b6A==
age: 60881
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13388
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:48 GMT
server: cloudflare
etag: 0x8DB55BF32DD687C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c912f98f-101e-0109-39fa-87843d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d53bb06ab848fe9-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 21 KB
4 KB 31ms
30ms Fetch
text/css 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 60881
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 177cc1a1-801e-0125-4cfa-870600000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7d53bb06ab858fe9-FRA

GET
H2 200 YnVpbGQve21pbml0MjA3fWRsQXBpL21pbml0LnsybWluaXQyMDd9bWluLmpz Show response
sgqcvfjvr.onet.pl/ 176 KB
52 KB 62ms
16ms Script
application/javascript 108.138.36.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/YnVpbGQve21pbml0MjA3fWRsQXBpL21pbml0LnsybWluaXQyMDd9bWluLmpz
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/minit.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-122.muc50.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: e6e6770ab6db5500526f6b7dd04607473766afd7677aadac48a0ddf010fec60c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:36:09 GMT
content-encoding: br
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 129
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 52672
last-modified: Tue, 30 May 2023 08:04:25 GMT
server: Ring Publishing - Accelerator
etag: "e98d99a599d9c653265823f9dcae0cfd"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KOkhVSBQnf7raGO_1Nyju3EiA1XRWUAFIWGHPiBN3Meo7TyOlRdqAQ==

GET
H2 200 dl.aureus.min.js Show response
sgqcvfjvr.onet.pl/build/dlApi/ 2 KB
1 KB 76ms
30ms Script
application/javascript 108.138.36.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/build/dlApi/dl.aureus.min.js?4&077ac16f633bc13fc61ba37e0e5dadf0
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/minit.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-122.muc50.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: aaae4aa9532a0d29d75f501420392cf81e7e0277e6ba096053eadadcb28ba53e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:25:02 GMT
content-encoding: br
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 796
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 896
last-modified: Tue, 30 May 2023 08:04:17 GMT
server: Ring Publishing - Accelerator
etag: "077ac16f633bc13fc61ba37e0e5dadf0"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: tIvx0drucUpVAbfNSenLVXt17e-DsTF_77QXBf03GCsjH42Owa9jEg==

GET
H2 200 dl.clickmap.min.js Show response
sgqcvfjvr.onet.pl/build/dlApi/ 4 KB
2 KB 75ms
29ms Script
application/javascript 108.138.36.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/build/dlApi/dl.clickmap.min.js?4&16433283345f7a0aaaf6559496134b7d
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/minit.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-122.muc50.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 12c404df0041a4998dbe80619c9e4b75aea8dae835957e55f13baaf155fe9f50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:32:36 GMT
content-encoding: br
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 342
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1563
last-modified: Tue, 30 May 2023 08:04:18 GMT
server: Ring Publishing - Accelerator
etag: "16433283345f7a0aaaf6559496134b7d"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: DkzQNIVqX4X_GiaV3KTLuj927EicX11msiAVqj_7MipkOJxw-S0I0Q==

GET
H2 200 artemis.min.js Show response
artemis-cdn.ocdn.eu/artemis/0.5.8/ 16 KB
6 KB 86ms
27ms Script
application/javascript 18.66.192.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://artemis-cdn.ocdn.eu/artemis/0.5.8/artemis.min.js?c1c9a7dc67b462ac216401c81e9224ea
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/minit.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-29.muc50.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: c14fde4ef50a1c17d8f3658a85db78d21b75d4415fb4b4fd179682c82d30e7a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:25:13 GMT
content-encoding: br
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 10:37:55 GMT
server: Ring Publishing - Accelerator
x-amz-cf-pop: MUC50-P1
age: 785
etag: "c1c9a7dc67b462ac216401c81e9224ea"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 6191
x-amz-cf-id: MBw4ViReXNbhFWKUEw2Ffj034ZRSxG4vtFiBgJ1MmRBukfCt4sOC_Q==

GET
H2 200 259001586.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 33ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/259001586.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

57fda54fe5434c1a56c23f30d0ab42c0f17acd33517f4e627d754bc2e81de964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 10 Jun 2023 18:38:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D6906B52BD94F66BE2AEA0D1DF78051 Ref B: FRAEDGE1918 Ref C: 2023-06-10T18:38:18Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
285 B 37ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=259001586&tm=gtm002&Ver=2&mid=a5b76a2a-5929-47e1-b99b-c4eaa3342ab4&sid=f80abf6007bd11eeabec75d73ccb8ac5&vid=f80b0e1007bd11ee92338debab2201d1&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Find%20the%20Right%20Job%20Vacancies%20in%20Kenya%20%7C%20BrighterMonday&p=https%3A%2F%2Fwww.brightermonday.co.ke%2F&r=&lt=249&evt=pageLoad&sv=1&rn=657376

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 10 Jun 2023 18:38:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 174676A11BC6461A813D2FFA12515CC5 Ref B: FRAEDGE1918 Ref C: 2023-06-10T18:38:18Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
489 B 21ms
21ms Fetch
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 76483
x-ms-lease-status: unlocked
last-modified: Thu, 08 Jun 2023 20:17:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a794d3df-201e-008d-27b7-9a9440000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7d53bb06fbd98fe9-FRA

GET
H2 200 BrighterMonday_kenya.png
cdn.cookielaw.org/logos/8b189fb9-6ba0-4629-9c37-014d34395e19/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/527903a6-f98c-46f9-92df-08e102744c99/ 8 KB
8 KB 27ms
26ms Image
image/png 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/8b189fb9-6ba0-4629-9c37-014d34395e19/e878a337-9ac9-40ff-bc96-c77c4bf37bd3/527903a6-f98c-46f9-92df-08e102744c99/BrighterMonday_kenya.png

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f9bc9b1493b0679abb01be786cc6d3c38e528919afbeae56ce71b0ad412bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VMYJ1xDWAasMBYFM/CFRtA==
age: 60279
content-length: 8500
x-ms-lease-status: unlocked
last-modified: Fri, 28 Oct 2022 14:01:09 GMT
server: cloudflare
etag: 0x8DAB8ECDD7182F5
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 841a64a8-f01e-008f-53e1-5a96ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d53bb070cb62bc1-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 21ms
21ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 18:38:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 75476
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 12:41:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d4a78e71-a01e-00d8-0efc-9a7f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7d53bb070cb82bc1-FRA

GET
H2 200 259001586 Show response
www.clarity.ms/tag/uet/ 826 B
1 KB 166ms
99ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/259001586
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/259001586.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 70645556fb5fcaccf533a19977023b3fe350036d80a39fa085958339e3309123

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: -1
date: Sat, 10 Jun 2023 18:38:18 GMT
x-azure-ref: 20230610T183818Z-c1tmm4rqbh2kzenbhr37rcawhc00000001m0000000007vc1
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 826
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/ 404 KB
125 KB 48ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbbc366133eebc269aa0b4c9893140db2b61666a03417b07923f8201846ed8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 10:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30298
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127525
x-xss-protection: 0
server: cafe
etag: 1285551304932764827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 09 Jun 2024 10:13:20 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
604 B 80ms
42ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.brightermonday.co.ke

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6c441815a3736a6858aa38f869fb4189341bbb0e3f73769704d46e9fd913dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
expires: Sat, 10 Jun 2023 18:38:18 GMT

GET
H2

200

me Show response
events.ocdn.eu/v2/EA-2205110/
Redirect Chain

https://events.ocdn.eu/v2/EA-2205110/me?_ac=events
https://events.ocdn.eu/v2/EA-2205110/me?_ac=events&_ca=1&uuid=202306102038188176107244

93 B
343 B

12ms
11ms

XHR
application/json

3.33.138.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/EA-2205110/me?_ac=events&_ca=1&uuid=202306102038188176107244
Requested by: Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/
Protocol: H2
Server: 3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: d3692b07cc5222bcdd2915c0fe6b2ee7da1f7d24bd17eaca14d9bc79d4e46196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://www.brightermonday.co.ke
date: Sat, 10 Jun 2023 18:38:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: Ring Publishing - Accelerator
content-length: 93
content-type: application/json; charset=utf-8

Redirect headers

access-control-allow-origin: https://www.brightermonday.co.ke
location: /v2/EA-2205110/me?_ac=events&_ca=1&uuid=202306102038188176107244
date: Sat, 10 Jun 2023 18:38:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: Ring Publishing - Accelerator

GET
H2 200 eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyMzA2MTAyMDM4MTg4MTc2MTA3MjQ0IiwiZ2xvYmFsIjoiMjAyMzA2MTAyMDM4MTg4MTc2MTA3MjQ0In0sInNzbyI6eyJsb2dnZWQiOnsiaWQiOiIwIn0sIm5hbWUiOiJEZWZhdWx0IFNTTyJ9LCJleHRlcm5hbCI6e... Show response
events.ocdn.eu/v2/EA-2205110/user/ 145 B
567 B 19ms
19ms Fetch
application/json 3.33.138.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/EA-2205110/user/eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyMzA2MTAyMDM4MTg4MTc2MTA3MjQ0IiwiZ2xvYmFsIjoiMjAyMzA2MTAyMDM4MTg4MTc2MTA3MjQ0In0sInNzbyI6eyJsb2dnZWQiOnsiaWQiOiIwIn0sIm5hbWUiOiJEZWZhdWx0IFNTTyJ9LCJleHRlcm5hbCI6eyJpZHMiOnt9fX0sImNvbnRleHQiOnsidXJsIjoiaHR0cHMlM0EvL3d3dy5icmlnaHRlcm1vbmRheS5jby5rZS8ifSwidmVyc2lvbiI6IjAuNS44IiwiZmxhZ3MiOnsiaWdub3JlSWQiOnRydWV9fQ==
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: e4ff56cdc37e3cba5f9135ceffdd9c9d1addaa779fd49e60db40d764ac6aedfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
server: Ring Publishing - Accelerator
x-ats-elapsed: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.brightermonday.co.ke
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Type,DNT,Host,If-Modified-Since,Origin,Range,User-Agent,X-Requested-With
content-length: 145

GET
H2 204 / Show response
events.ocdn.eu/v2/ 0
204 B 9ms
9ms XHR
text/plain 3.33.138.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/?_et=PageView&_ac=kropka-stats&_rt=now&_gu=202306102038188176107244&_lu=202306102038188176107244&_it=72&RDLU=eyJzc28iOnsibG9nZ2VkIjp7ImlkIjoiMCJ9LCJuYW1lIjoiRGVmYXVsdCBTU08ifSwiaWQiOnsiZXh0ZXJuYWwiOnsibW9kZWxzIjp7fX19fQ==&CL=init-20230530_1004&RI=52dd76484c31a2f2&C1=1686422298754&IP=202306101838187505885565&CS=1600x1200x24&CW=1600x1200&DU=https%3A%2F%2Fwww.brightermonday.co.ke%2F&DV=brightermonday_co_ke%2Fdefault&IV=202306101838187505885565&RDLCN=eyJwdWJsaWNhdGlvbiI6e30sInNvdXJjZSI6e319&DA=brightermonday_co_ke%2Fdefault&SC=1&DP=0&CD=visible&NA=nb&RDLC=eyJ0cmFja2luZyI6eyJhdXRvc3RhcnQiOnRydWV9LCJ2ZXJzaW9uIjp7ImxpYnJhcnkiOnsidHJhY2tpbmciOiIyLjYuMyIsImRsYXBpIjoiMjAyMzA1MzBfMTAwNCJ9fX0%3D&RT=PageView&IZ=0&IL=0&TID=EA-2205110
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://www.brightermonday.co.ke
date: Sat, 10 Jun 2023 18:38:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: Ring Publishing - Accelerator

GET
H2 204 / Show response
events.ocdn.eu/v2/ 0
204 B 10ms
10ms XHR
text/plain 3.33.138.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/?_et=UserAction&_ac=kropka-events&_rt=now&_gu=202306102038188176107244&_lu=202306102038188176107244&_it=72&RDLU=eyJzc28iOnsibG9nZ2VkIjp7ImlkIjoiMCJ9LCJuYW1lIjoiRGVmYXVsdCBTU08ifSwiaWQiOnsiYXJ0ZW1pcyI6IiIsImV4dGVybmFsIjp7Im1vZGVsIjoiIiwibW9kZWxzIjp7ImF0c19yaSI6bnVsbH19fX0=&CL=init-20230530_1004&RI=06a346484c31a351&C1=1686422298849&IP=202306101838187505885565&CS=1600x1200x24&CW=1600x1200&DU=https%3A%2F%2Fwww.brightermonday.co.ke%2F&DV=brightermonday_co_ke%2Fdefault&IV=202306101838187505885565&RDLCN=eyJwdWJsaWNhdGlvbiI6e30sInNvdXJjZSI6e319&RT=UserAction&VE=ArtemisEvent&VC=ArtemisId&VM=%257B%2522ri%2522%253A%2522%2522%257D&IZ=0&IL=0&TID=EA-2205110
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://www.brightermonday.co.ke
date: Sat, 10 Jun 2023 18:38:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: Ring Publishing - Accelerator

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
24 KB 29ms
29ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/259001586
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:18 GMT
content-encoding: br
last-modified: Wed, 07 Jun 2023 10:27:30 GMT
etag: W/"0x8DB6741CC9FDBC5"
vary: Accept-Encoding
x-azure-ref: 20230610T183818Z-c1tmm4rqbh2kzenbhr37rcawhc00000001m0000000007vcu
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 64430d0f-f01e-007d-2a2d-995ff8000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4FD779BC07614FA7A0956C68A8C4D376&RedC=c.clarity.ms&MXFR=10DE0CA2823E69E70E7B1F8E863E6727
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4FD779BC07614FA7A0956C68A8C4D376&MUID=353A578E17EE62372DFB44A216EE633B

42 B
443 B

34ms
33ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4FD779BC07614FA7A0956C68A8C4D376&MUID=353A578E17EE62372DFB44A216EE633B
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:18 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 471640359DC049C7B40AE8B20630BE37 Ref B: FRAEDGE1918 Ref C: 2023-06-10T18:38:19Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4FD779BC07614FA7A0956C68A8C4D376&MUID=353A578E17EE62372DFB44A216EE633B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 58ms
16ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDM8865

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=58445
accept-ranges: bytes
content-length: 4777

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2100490/domain/brightermonday.co.ke/ 36 B
377 B 71ms
24ms XHR
application/json 2600:9000:237d:8800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2100490/domain/brightermonday.co.ke/token
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:8800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.brightermonday.co.ke/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:22:49 GMT
content-encoding: gzip
via: 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 930
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: y-IBAZ3jw6YB7uRppyUUxPybRGeb2Wo8zckQXz7EkKAVafYsaOPhWQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2100490&time=1686422299035&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2100490&time=1686422299035&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tm=gtmv2&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2100490%26time%3D1686422299035%26url%3Dhttps%253A%252F%252Fwww.brightermonday.co....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2100490&time=1686422299035&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tm=gtmv2&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2100490&time=1686422299035&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKuOSJEX0kLXgAAAYimmiSI0MQ...

0
480 B

234ms
183ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2100490&time=1686422299035&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKuOSJEX0kLXgAAAYimmiSI0MQVfgLx_P174GuCBTL5WPB5FBVHgDvrsJkY85aTuqphES4Wj9Gd
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E99E268035524B598A3A945D38F2ECE0 Ref B: FRAEDGE1910 Ref C: 2023-06-10T18:38:19Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9ysoiUQxPl1Ki9unDbg==

Redirect headers

date: Sat, 10 Jun 2023 18:38:18 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A24CF1672F43417A853480D6823DA34E Ref B: FRAEDGE2010 Ref C: 2023-06-10T18:38:19Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2100490&time=1686422299035&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKuOSJEX0kLXgAAAYimmiSI0MQVfgLx_P174GuCBTL5WPB5FBVHgDvrsJkY85aTuqphES4Wj9Gd
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9ysoen2ROctcIntSwRQ==

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
304 B 533ms
278ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.brightermonday.co.ke/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.brightermonday.co.ke
Date: Sat, 10 Jun 2023 18:38:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 46ms
20ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.brightermonday.co.ke

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 64ms
63ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4262233695952400&correlator=3697014560459686&eid=31075062%2C31075210&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fifs&iu_parts=7108206%2CBrighterMonday_Kenya_dsk_home_atf_h1_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=2963885971&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1686422299144&lmt=1686422299&dlt=1686422298352&idt=465&adxs=436&adys=1038&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&frm=20&vis=1&psz=1504x20&msz=1504x20&fws=4&ohw=1504&ga_vid=886788286.1686422299&ga_sid=1686422299&ga_hid=972446626&ga_fc=true

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b16a5186c5e1b4d09b94c7c85d63369c3c5fd43fd1c71a516350a3e2d708f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15093
x-xss-protection: 0
google-lineitem-id: 6302944783
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138435143416
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.brightermonday.co.ke
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 300ms
299ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4262233695952400&correlator=3697014560459686&eid=31075062%2C31075210&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fifs&iu_parts=7108206%2CBrighterMonday_Kenya_dsk_home_btf_h2_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=1195572964&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1686422299152&lmt=1686422299&dlt=1686422298352&idt=465&adxs=436&adys=2092&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.brightermonday.co.ke%2F&frm=20&vis=1&psz=1504x20&msz=1504x20&fws=4&ohw=1504&ga_vid=886788286.1686422299&ga_sid=1686422299&ga_hid=972446626&ga_fc=true

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1664ab08f0a07fd7be0d4d2dc11fba5b73fe975267bf09cbacde9e6eeb913df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9354
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.brightermonday.co.ke
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 88ms
60ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306080101&st=env

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40874a8c3a85be6c94666401a1ebf1851f3ac4f0a695868ea472f04df46abd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11266
x-xss-protection: 0

GET
H2 200 container.html Show response
5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A115 6 KB
3 KB 88ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.brightermonday.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 18:38:19 GMT
expires: Sun, 09 Jun 2024 18:38:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 job-matching-just-got-an-upgrade Show response
www.brightermonday.co.ke/discover/ Frame 91C1 314 KB
58 KB 178ms
178ms Fetch
text/html 2606:4700::6812:8954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brightermonday.co.ke/discover/job-matching-just-got-an-upgrade?utm_source=dfp&utm_medium=cpc&utm_campaign=job-matching-reinvented-bmk-2023-05-29

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8954 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

92683257cdd91161cef09fedffd4e4195c1a9588c87c5498230744f1c189ea77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-powered-by: WP Engine
x-cache: HIT: 16
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 103573c0bebaf25bec57a1d6763c20fc
x-ua-compatible: IE=Edge
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
content-type: text/html; charset=UTF-8
cache-control: max-age=600, must-revalidate
cf-ray: 7d53bb0a5cf618f1-FRA
link: <https://www.brightermonday.co.ke/discover/wp-json/>; rel="https://api.w.org/", <https://www.brightermonday.co.ke/discover/wp-json/wp/v2/posts/11376>; rel="alternate"; type="application/json", <https://www.brightermonday.co.ke/discover/?p=11376>; rel=shortlink

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91C1 0
0 47ms
45ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvyxnDx_41tZYuNb3ZJRtYyZpyRbyJ-cPlWMsctab8oPzf2uOaMAq2Lfi9THsviIGR939tltFnH1tn883GOA-m_TXDu9i8A-gAh4GD-A4hOJeyP4td1QeFGebbV0hvGlPLQaDl4PmaqoDsE1hqZzD4HU0pV2-xBi-PvRs16UUFcVUaKKZ-WkmWmmxUnRduJhA73SebDUO_uiYbmTerVzFVAU_q5eYx_bCquXMGYRzkUoiQDXs0AKFKVulG1ApzgAsmFZzgRnrTJkDMongC2VC5g-_aeoOmdJJOsNkbr2Eb6Mw7OorfCmpLiM8G3iXYXu3NN0UReP8tuXqOfaTxzevwPU8nrONqHcjwzQQCkIa70328jdlZRwnYF-Fh2w&sai=AMfl-YSMSosK4HBLeCR26wsbZ_oc-DNDH3sH3UU6pzHJRRVeIRwdx3LqlZUjNz032xSIB5djoNUelrfVr50hQWp-RmItAb7S9xh3PTyQyCKY3mPU0S77RgUyz-2trXmooKTWim1aihNDH6KzMd6HTCbE&sig=Cg0ArKJSzGq_alG1tbT2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Jun 2023 18:38:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 91C1 3 KB
2 KB 61ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 08:16:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91C1 175 KB
55 KB 135ms
135ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:38:19 GMT

GET
H2 200 3217730316499286848
tpc.googlesyndication.com/simgad/ Frame 91C1 28 KB
29 KB 60ms
9ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3217730316499286848

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396d477150992111b27d6812465487593522b69bca4c9981e2e4d75ff5d0e7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 06:53:36 GMT
x-content-type-options: nosniff
age: 42283
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28936
x-xss-protection: 0
last-modified: Mon, 29 May 2023 13:54:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Jun 2024 06:53:36 GMT

GET
DATA 200
OK truncated
/ Frame 91C1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb522f78ba39b20299843b8b8f327e5566be92847fb39851fd7105d53af17840

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Jun 2023 18:38:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1EB0 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.brightermonday.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 08:17:14 GMT
expires: Sun, 09 Jun 2024 08:17:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7918 783 B
1 KB 41ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5bef6f8c03cdd3f12ed42fd2750db3463cb44484905acb2dfd0fdb394c24900b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WNKQoRKL4HQHFwPCitC98g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.brightermonday.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-WNKQoRKL4HQHFwPCitC98g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 18:38:19 GMT
expires: Sat, 10 Jun 2023 18:38:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EB0 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:21 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91C1 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjx_be5XIALblpvY8U4L4cPmLXDlPXqRrd7k_K3_NVdZb18u6VBnmYcRCEpOwaENT57BxD8z3l7nyMcJa_4V49rXrgkBtafSff_ekP41Oobgrms7TzJEJy7ecPo7b-32_-nK2I3X_OloHLLiuiIktOhuJ73xkhdW8OiliduDcSZv7ar1oTrLzqDlvopFwY-FcU6JNb-umipMjIb5DoAX4opmK1knGg1UCb4IenZGUi8YLu-PSerI5kGfjMpvu02VKolImQUn88zFtJXecFdKq-OanCgF3jMQCOkVfwWBnjoPvXpwIldjXCw2IHqh-sTWnDWUgEKK9JcNOKMcka9eK9T5A1Fl_j0SQ3yIZBgpdkUDxu3Gui6ngQllXW0cPF&sai=AMfl-YS4D0uGLZxt8GNE0Y3EKQ4XlqTxF9EUtMFMWO2kdGAQY9JvT1F6zm1BBm_urlSJEfodjOoxQU74v7FK6tpr7vQx5kMkXrL6SKug74ugfUv2wlWWsRYxpyyy4DE6p_2yWx36q6m0hEaJ7rtSw6n0&sig=Cg0ArKJSzGskntD2NFYnEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Jun 2023 18:38:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7918 0
0 41ms
41ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306080101&jk=4262233695952400&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 container.html Show response
5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4EFE 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.brightermonday.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 18:38:19 GMT
expires: Sun, 09 Jun 2024 18:38:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3E95 624 B
419 B 50ms
48ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXnfBDMio4CGK_l5ucBMAE&v=APEucNWx0IYrGpXbU-5jvWh2UHTpTjdPGIGli4zTw_TJuI7vg-s0b_FoI6kKuykrIwoVjoWTRUf-DcAYceAI4g_Ox__BenSqDVvo9qQGSUoCtzMuBprGI_ZpT3LVVVMeWwr1lRl8TR7lxwKBxtyCUPCqed4vkRaytteiUbnYhBqaYlfM_3odFZ0

Requested by

Host: 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
URL: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 18:38:19 GMT
expires: Sat, 10 Jun 2023 18:38:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4EFE 78 KB
27 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
URL: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:38:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EFE 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dy1QSvytXGaKHcKVcy1gcVkPAeXw9Fgr8cwMcdjwxyrsDOs6_jygeV_WwHDi3B1Hhc3r4bYATMn2Tq6nnlriDSl_x1nDOy_tSf36BBtWZtU9n0XMw

Requested by

Host: 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
URL: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EFE 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10724840888482120695&x=1&ct=76

Requested by

Host: 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
URL: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 4EFE 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
URL: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 08:16:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 4EFE 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
URL: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EFE 175 KB
55 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
URL: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:38:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1EB0 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?z6CW5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3E95
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYcBcadh0tmvplzE4w8SWQ&google_cver=1

43 B
766 B

11ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYcBcadh0tmvplzE4w8SWQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXnfBDMio4CGK_l5ucBMAE&v=APEucNWx0IYrGpXbU-5jvWh2UHTpTjdPGIGli4zTw_TJuI7vg-s0b_FoI6kKuykrIwoVjoWTRUf-DcAYceAI4g_Ox__BenSqDVvo9qQGSUoCtzMuBprGI_ZpT3LVVVMeWwr1lRl8TR7lxwKBxtyCUPCqed4vkRaytteiUbnYhBqaYlfM_3odFZ0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jun 2023 18:38:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYcBcadh0tmvplzE4w8SWQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3E95
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZITDGyDWQsD-h7RxDvBEKQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYcBcadh0tmvplzE4w8SWQ&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYcBcadh0tmvplzE4w8SWQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXnfBDMio4CGK_l5ucBMAE&v=APEucNWx0IYrGpXbU-5jvWh2UHTpTjdPGIGli4zTw_TJuI7vg-s0b_FoI6kKuykrIwoVjoWTRUf-DcAYceAI4g_Ox__BenSqDVvo9qQGSUoCtzMuBprGI_ZpT3LVVVMeWwr1lRl8TR7lxwKBxtyCUPCqed4vkRaytteiUbnYhBqaYlfM_3odFZ0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jun 2023 18:38:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYcBcadh0tmvplzE4w8SWQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3E95
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFCZk4GZup2nR6SMSvU928E&google_cver=1

43 B
1 KB

15ms
7ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFCZk4GZup2nR6SMSvU928E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXnfBDMio4CGK_l5ucBMAE&v=APEucNWx0IYrGpXbU-5jvWh2UHTpTjdPGIGli4zTw_TJuI7vg-s0b_FoI6kKuykrIwoVjoWTRUf-DcAYceAI4g_Ox__BenSqDVvo9qQGSUoCtzMuBprGI_ZpT3LVVVMeWwr1lRl8TR7lxwKBxtyCUPCqed4vkRaytteiUbnYhBqaYlfM_3odFZ0

Protocol

HTTP/1.1

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jun 2023 18:38:19 GMT
AN-X-Request-Uuid: 8584ded7-9e46-4eca-b4d6-541662dc4ee5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.247; 37.58.58.247; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFCZk4GZup2nR6SMSvU928E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3E95
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MjgyMTY5NTE3MjkwMTU2Mg%3D%3D

170 B
243 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MjgyMTY5NTE3MjkwMTU2Mg%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 10 Jun 2023 18:38:19 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.247; 37.58.58.247; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2ff9d87a-0eb0-4e24-8b6a-ad2457c3e882
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MjgyMTY5NTE3MjkwMTU2Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EFE 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2484214133141&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EFE 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2484214133141&version=m202301230201&ct=76&x=1&cor=10724840888482120000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4EFE 93 KB
36 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRECythGvaoXSjubDcG08yMELlAMQzEvpfpLfQjoAo-chwoXWIyElJkOzGd5wgVJEsDwzzUKb8gsipFIUmHlkLEEEJy3jYqqca_ose3OHVQMCHHZdEq0gsNBAuYW5sJqkByNpoibHvXMWuoRzQPjb8BWux0PabQCLgXzZzDntKSVGPjPQ&dbm_d=AKAmf-DiHZtmo6OvOnICfBbwG0qlW2v4jxDwfPgNJgFRek60BC-QdhfFEaPwxldJTz6yunUEGTIZZtHTdseloOVym_Pbps6gENqLxlByI4Wgn8OWPXIfvSao3HTDL_pe4kWOpPnz70YKU6vmK_ezX-ZXxTL72H4H1mcj4OOMTZZleVfsiiKkMdZM5hqssowEIEAmFvAE25YFVUUaK4pvhad-3K3XasTG1ngWeEqOzkokLG3MXUqMkZrI4wUV1qa_WGkLAJeH8N2XKimXK7PlG_9P8A99FKJEEKvHxePF8NFcJnGwPAs1YTEwhYK8zh2v68O6r2nUHee14iRUqdeInJuMmkkK9_JxW2l4_N-Ue5bQfmPM6EmJ1o51UfY5qmsCBpZTXjupwafRDqJO88pftmvWLelOhtBBO4KcQw4am7M0AQI9gTcSEoRQw36wkjUNIUhu_AzWZIloBuQ21-8IneDtkCYSLACKCEVTlmTG4vM7JI3gUcTE-JTiQqKDLLCAcOBBAR5A6oezQscCX26ZxZUyN4oiacpn2s_RficQIzP4bVBJNdrjF1KQpODR2yfU62zw7ICCWDQKWH7-NHtokKeF3U1wjbZKmGM9WaTzw2PkIcrEwGNZ7wV-Oz84kUAJUshvEUtRtiVPmolwGxbw4VYkySEvuuD2ZoZkJwL6gLYc4XSq3l0kcQEjiYG_gXpogns0SUHByWocfS4XxXSVshTwd4W9lUGl_nZd-Cppq_9yZBqX7NDYfFcROESkZhN2nT0v8dnzMAIDW3TVjhFTumfJ7vXNrI0B3Azq500UUsV-O6XrNuVM2Oyw_pfvDWrPKN-x5r1IYGawadMQWACfM2bevxpvevGmt88aN7da-D1r3dwoPTOb-xpgWMrrdDG6J9zIfM3Kxm0-75-pZuC-MdqxE9M4aNjYYJHA3YfIcIyHio7W1kKbXO2fYznRiEg2Y6bDgh2G2mWGO2zpBtQNBKOk_OrsZZ5HdSyHybAU-qj-fSvfKdAmulST5ucmj4cmlyIK8Gknd1ucTzOyy7rnuqoRb1T9fvK7wGLI9FHPngyLDredyCrXB6pxaXpTR-7jCbFaiQimn5Dp9spGnkYHN0HYLfCCEofgjmmCRVPmT0emXzGz1ym2UUodZuAYJEh0ybYI6DgNfYDquijb0sF_CBpCgvurDdpGSqIyx0uYpz91n9VJdw9sWJ6mwpTwOLe_8bhfgZB2EQJlYOsgH9v_EeVxO9zgKTREZPmzNErBlMjZ-21PyBsteAzHBuFVC1n5r8k0bzhmvb6z0OkEJ-d_u_Vfr_b6TFTFgfvguNOWGaGY7Dv-GE5GeTgwdyRlUDgtk6nRbMNrxI_omuWfjZxt3sbIvrC03x4d6hSdqIjRrHc52HT3NwLaQ7v_t-6-SMZnX3ISJkk0YNpJL7dHEBAaB19ZY0LpcAx3ce7Bdc-Qo72yY2TT3bc9uz-c4O8UFDGtxl1_BCBhTEWEDH3PuwOico8LEyUfgi15QgRIYTUWrs_zi3yp2I48g4PSxKKzOortJ60vtc8jD37dt-U8v9iJVyi-GzXytrlq9inP3DXTyovzL6wCXIqRm2MEIiuRqdu2Aq2wwr_vW9CFqPCT3E8-ygXa-0F4cascWxGRpCxINzaSxqNtm3G6EgQMgw6rkFHbgDX1YiQGJy487Ke6PKXg7kvkn5YUWQ3bP0vJ2YYJaTBHPWQ0z02-5gZ9W3sx2e6GrXIgluFAktJBnRO6dL2CU2RpqFUGVqYy6wGOG7ozFy3q-HdVT0SzZ0SutjQBHuc-PyrHh_X_ORKika2me-Vykhb52Fcgqgg2Z3TaQY1XRY_J4iuPCxNznj7nwYp7xT1X2haF5yQwlWg4e1-XtVErDEmyppHQPWp7aOQGFEmtM06XLqk-58cdhX65um4Cn6s3Zpfn2w8KDZWAOIUNNQXjHsuSt4XxCXb_lPAV8iQ9RMI4z7x0yzvL7XK83pPQzRJT0D8MhMbOwI70isGzCP1dKkV4-ASCsXNWjbHfdkEqSA8p8RLymbH63UCfwQ7Hnwn-MxAnmm6utyCksfyAJGKwBOxFinSkn7U0_Z6l9C-8pE9NTFCgi-8Avek6G5t4gD4mFl64RTPJ47O6d5pzQYrdL4Fwkb9Rre1GDE_S7vi9bLpNqi-2c7WiqI6Kx3awJfHZobzmrEAo0zUbZfiwjsPioHiJOjRbuUArpRGxPs-yXqORlIOgS2IGK_ST3x-ofz0-RWqTTQ8YjT3aq0Hu75zGN1P6o2jAIVMNW4RU-VIi2a0dFSfqUTZDAu-4byznL1pY6cd_5PSBUWgDZk0_EfqYKz6vmD5QrR6wK-hPsFTtJ1QAClE8OAgKpYcX1kT3CkOpoxtzoVurZsIdcJ0vjKMXU68tVIpeJXTJAm8QosmyzoEVBkPy8a1N2UJ6fwxtLfxAEH7ebBsyG_29A3ZJe1DvX_gptW4weL2Cc9mW0m70e_RR1VzUUdDUjtbPw1UQAEbjQEZJq0MXgCtyU7Ev8qkMWPXDGeh2mOWrDX_kpzessqJQF6i0ZDlfoYDuxjN7QUe1NQHGPSMi7FLYi1WygrT5PG4fSOQnlEJmZZQnLVIIdL20CjRwzKlKZjphfoqVNUcGNp9YZ6QskZ_zNnOg4ksNVtDGhCueiMQoxSUQZKNwvCZwLHsDLxNFopDfE6tVakVsWSjPEz1JeYVlLhxmUTUmNlqC476dhTBRQ9uzFzrgLoQcRWujzZmtc7gKQ-3vGLDCLGbCV1644KDENOU_ROtkkRzJ0NXmYC9zXKKU_Nn58ST-G4A1JvPCaSk4VN6kIMBS6DwYyKQ44uxo2ehF6pYK6f45Eq94bIvcYvcznHiK1pvCNHQy6gdcLTRUdijOqX9k18jyEzb5CsUgGmLflqo4zHsQosm9Dz7NI6VpiG4Z3JBaO2yYyM4vJB8ZyF8-GgyUjFTAuhEOoNpK-QdDDpFRJo7DlgZEfjI7g6TonvMtB728Z2jC6nVewkB5oyZoWOtse2G1b8qJX_mljGMorPdVyKy2UPIzUN6wSg07E4KTuKQAOuexnagQY4pm_XRwxqNuYxWAvMffLOu2x5nvkrrq0TLamYG_-Ccuvwy76YRi3tWhGkZZJkMYsA620iz2mvKgimMLP3e6QF5t6Hfo6WUWFdLGxbRhGPAGysvB3BOR1VUpGv2OrelVU6y2ssCxhNyR6mUctzWDRxPpMPhAwiPqinAuSFW5zuukvVVwHf2TLXWEtYI1e1gnQxm2TZVkkJiXeCFMqiJpkaW9Z8BkNwyGKuZNqLJ5Y6YW2y_Eh_N4cVdsDGVfDH6nz_0qJ-jCyAuXxdgm0EsO8z1APia7Rd6_B47r2xJauzT4y4_wijW5xu7dShIRrCEVM-Z6V9p8a7jUB8AbmhvGiR-moGt09PVVyj9UyfPh8qzDXaE0s32xp6b8V5jb0KeeRgu0t2mZiSDq014hnYKpO7SWH568hz0vjUwph1zhGzwy-I6TkPRq2gkbRKwm1cVH2Nh7lkEnGbc5aoN-mMNnUitzQKF0gO9JlUOxSznHtq-ySg&cid=CAQSSwBygQiDEPaUqrwbF7PSPHrslP9TAsvBmWbHmQgf1sAYwIe0JcPE0DXvkpYNKUWYl8XpzsbyE_XuubO8SOpuXnUqyMPGf4G5neh4BhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.brightermonday.co.ke%2F&ds=l&xdt=1&iif=1&cor=10724840888482120000&adk=3047537735&idt=98&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0be83258932ab55b43c5e85ba761c9e6065a6c8d2e04e8d5feb4cb4464bdc5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 4EFE 170 KB
59 KB 40ms
8ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
Origin: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Jun 2023 07:18:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/ Frame 4EFE 11 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRECythGvaoXSjubDcG08yMELlAMQzEvpfpLfQjoAo-chwoXWIyElJkOzGd5wgVJEsDwzzUKb8gsipFIUmHlkLEEEJy3jYqqca_ose3OHVQMCHHZdEq0gsNBAuYW5sJqkByNpoibHvXMWuoRzQPjb8BWux0PabQCLgXzZzDntKSVGPjPQ&dbm_d=AKAmf-DiHZtmo6OvOnICfBbwG0qlW2v4jxDwfPgNJgFRek60BC-QdhfFEaPwxldJTz6yunUEGTIZZtHTdseloOVym_Pbps6gENqLxlByI4Wgn8OWPXIfvSao3HTDL_pe4kWOpPnz70YKU6vmK_ezX-ZXxTL72H4H1mcj4OOMTZZleVfsiiKkMdZM5hqssowEIEAmFvAE25YFVUUaK4pvhad-3K3XasTG1ngWeEqOzkokLG3MXUqMkZrI4wUV1qa_WGkLAJeH8N2XKimXK7PlG_9P8A99FKJEEKvHxePF8NFcJnGwPAs1YTEwhYK8zh2v68O6r2nUHee14iRUqdeInJuMmkkK9_JxW2l4_N-Ue5bQfmPM6EmJ1o51UfY5qmsCBpZTXjupwafRDqJO88pftmvWLelOhtBBO4KcQw4am7M0AQI9gTcSEoRQw36wkjUNIUhu_AzWZIloBuQ21-8IneDtkCYSLACKCEVTlmTG4vM7JI3gUcTE-JTiQqKDLLCAcOBBAR5A6oezQscCX26ZxZUyN4oiacpn2s_RficQIzP4bVBJNdrjF1KQpODR2yfU62zw7ICCWDQKWH7-NHtokKeF3U1wjbZKmGM9WaTzw2PkIcrEwGNZ7wV-Oz84kUAJUshvEUtRtiVPmolwGxbw4VYkySEvuuD2ZoZkJwL6gLYc4XSq3l0kcQEjiYG_gXpogns0SUHByWocfS4XxXSVshTwd4W9lUGl_nZd-Cppq_9yZBqX7NDYfFcROESkZhN2nT0v8dnzMAIDW3TVjhFTumfJ7vXNrI0B3Azq500UUsV-O6XrNuVM2Oyw_pfvDWrPKN-x5r1IYGawadMQWACfM2bevxpvevGmt88aN7da-D1r3dwoPTOb-xpgWMrrdDG6J9zIfM3Kxm0-75-pZuC-MdqxE9M4aNjYYJHA3YfIcIyHio7W1kKbXO2fYznRiEg2Y6bDgh2G2mWGO2zpBtQNBKOk_OrsZZ5HdSyHybAU-qj-fSvfKdAmulST5ucmj4cmlyIK8Gknd1ucTzOyy7rnuqoRb1T9fvK7wGLI9FHPngyLDredyCrXB6pxaXpTR-7jCbFaiQimn5Dp9spGnkYHN0HYLfCCEofgjmmCRVPmT0emXzGz1ym2UUodZuAYJEh0ybYI6DgNfYDquijb0sF_CBpCgvurDdpGSqIyx0uYpz91n9VJdw9sWJ6mwpTwOLe_8bhfgZB2EQJlYOsgH9v_EeVxO9zgKTREZPmzNErBlMjZ-21PyBsteAzHBuFVC1n5r8k0bzhmvb6z0OkEJ-d_u_Vfr_b6TFTFgfvguNOWGaGY7Dv-GE5GeTgwdyRlUDgtk6nRbMNrxI_omuWfjZxt3sbIvrC03x4d6hSdqIjRrHc52HT3NwLaQ7v_t-6-SMZnX3ISJkk0YNpJL7dHEBAaB19ZY0LpcAx3ce7Bdc-Qo72yY2TT3bc9uz-c4O8UFDGtxl1_BCBhTEWEDH3PuwOico8LEyUfgi15QgRIYTUWrs_zi3yp2I48g4PSxKKzOortJ60vtc8jD37dt-U8v9iJVyi-GzXytrlq9inP3DXTyovzL6wCXIqRm2MEIiuRqdu2Aq2wwr_vW9CFqPCT3E8-ygXa-0F4cascWxGRpCxINzaSxqNtm3G6EgQMgw6rkFHbgDX1YiQGJy487Ke6PKXg7kvkn5YUWQ3bP0vJ2YYJaTBHPWQ0z02-5gZ9W3sx2e6GrXIgluFAktJBnRO6dL2CU2RpqFUGVqYy6wGOG7ozFy3q-HdVT0SzZ0SutjQBHuc-PyrHh_X_ORKika2me-Vykhb52Fcgqgg2Z3TaQY1XRY_J4iuPCxNznj7nwYp7xT1X2haF5yQwlWg4e1-XtVErDEmyppHQPWp7aOQGFEmtM06XLqk-58cdhX65um4Cn6s3Zpfn2w8KDZWAOIUNNQXjHsuSt4XxCXb_lPAV8iQ9RMI4z7x0yzvL7XK83pPQzRJT0D8MhMbOwI70isGzCP1dKkV4-ASCsXNWjbHfdkEqSA8p8RLymbH63UCfwQ7Hnwn-MxAnmm6utyCksfyAJGKwBOxFinSkn7U0_Z6l9C-8pE9NTFCgi-8Avek6G5t4gD4mFl64RTPJ47O6d5pzQYrdL4Fwkb9Rre1GDE_S7vi9bLpNqi-2c7WiqI6Kx3awJfHZobzmrEAo0zUbZfiwjsPioHiJOjRbuUArpRGxPs-yXqORlIOgS2IGK_ST3x-ofz0-RWqTTQ8YjT3aq0Hu75zGN1P6o2jAIVMNW4RU-VIi2a0dFSfqUTZDAu-4byznL1pY6cd_5PSBUWgDZk0_EfqYKz6vmD5QrR6wK-hPsFTtJ1QAClE8OAgKpYcX1kT3CkOpoxtzoVurZsIdcJ0vjKMXU68tVIpeJXTJAm8QosmyzoEVBkPy8a1N2UJ6fwxtLfxAEH7ebBsyG_29A3ZJe1DvX_gptW4weL2Cc9mW0m70e_RR1VzUUdDUjtbPw1UQAEbjQEZJq0MXgCtyU7Ev8qkMWPXDGeh2mOWrDX_kpzessqJQF6i0ZDlfoYDuxjN7QUe1NQHGPSMi7FLYi1WygrT5PG4fSOQnlEJmZZQnLVIIdL20CjRwzKlKZjphfoqVNUcGNp9YZ6QskZ_zNnOg4ksNVtDGhCueiMQoxSUQZKNwvCZwLHsDLxNFopDfE6tVakVsWSjPEz1JeYVlLhxmUTUmNlqC476dhTBRQ9uzFzrgLoQcRWujzZmtc7gKQ-3vGLDCLGbCV1644KDENOU_ROtkkRzJ0NXmYC9zXKKU_Nn58ST-G4A1JvPCaSk4VN6kIMBS6DwYyKQ44uxo2ehF6pYK6f45Eq94bIvcYvcznHiK1pvCNHQy6gdcLTRUdijOqX9k18jyEzb5CsUgGmLflqo4zHsQosm9Dz7NI6VpiG4Z3JBaO2yYyM4vJB8ZyF8-GgyUjFTAuhEOoNpK-QdDDpFRJo7DlgZEfjI7g6TonvMtB728Z2jC6nVewkB5oyZoWOtse2G1b8qJX_mljGMorPdVyKy2UPIzUN6wSg07E4KTuKQAOuexnagQY4pm_XRwxqNuYxWAvMffLOu2x5nvkrrq0TLamYG_-Ccuvwy76YRi3tWhGkZZJkMYsA620iz2mvKgimMLP3e6QF5t6Hfo6WUWFdLGxbRhGPAGysvB3BOR1VUpGv2OrelVU6y2ssCxhNyR6mUctzWDRxPpMPhAwiPqinAuSFW5zuukvVVwHf2TLXWEtYI1e1gnQxm2TZVkkJiXeCFMqiJpkaW9Z8BkNwyGKuZNqLJ5Y6YW2y_Eh_N4cVdsDGVfDH6nz_0qJ-jCyAuXxdgm0EsO8z1APia7Rd6_B47r2xJauzT4y4_wijW5xu7dShIRrCEVM-Z6V9p8a7jUB8AbmhvGiR-moGt09PVVyj9UyfPh8qzDXaE0s32xp6b8V5jb0KeeRgu0t2mZiSDq014hnYKpO7SWH568hz0vjUwph1zhGzwy-I6TkPRq2gkbRKwm1cVH2Nh7lkEnGbc5aoN-mMNnUitzQKF0gO9JlUOxSznHtq-ySg&cid=CAQSSwBygQiDEPaUqrwbF7PSPHrslP9TAsvBmWbHmQgf1sAYwIe0JcPE0DXvkpYNKUWYl8XpzsbyE_XuubO8SOpuXnUqyMPGf4G5neh4BhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.brightermonday.co.ke%2F&ds=l&xdt=1&iif=1&cor=10724840888482120000&adk=3047537735&idt=98&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:43:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:43:41 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 4EFE 29 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11256
x-xss-protection: 0
server: cafe
etag: 10389968670829887652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:44:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4EFE 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jun 2024 13:19:10 GMT

GET
DATA 200
OK truncated
/ Frame 4EFE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dc4245d9ec643608247f232d1e5168cf78d8fdce8852a1d7a2c1a4352e31539

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EE50 22 KB
8 KB 12ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 191856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 13:20:43 GMT
expires: Fri, 07 Jun 2024 13:20:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/ Frame 11BE 62 KB
16 KB 32ms
15ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=12KHEsinaH&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3085aac649fa0d732e9fd1e54e0ce46f115238e1c115a7f7ce9de4bc416ab551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 16856
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-richmedia-studio-eng"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 18:38:19 GMT
expires: Sat, 10 Jun 2023 19:28:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4EFE 0
0 123ms
59ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss99AiaSnQX9Ws3OOGt79tKxG4UNHGJIt58-zO7xqD1tnZhr6lTROSHMUnyTKiB7TwcI-2g2k_csie6YApZM6Vc4vlpp1iJN-wbfgM_98sdqLlwy3ZN1M634jz8Raz5xNPd0Lu4wjB6wglwy6ihxh3iF2DNOoYHfnCktaRF9nTsL8QxFjsHzgqojATlAUJ7XjiF_RWRf4hwsMKpu5c1B43URC8WL3-1FA9_E4XTm24I4TYAqiZ2aQfu2PEbnUCd2rY-sI1VIH4A_Dl78GiA2h8GZ8eeCHKb3acFUYALwShk2c__3SsOpGnasb6VJQ5ZYucoN6JPf9SGY1AqXoTU3qu8jRpPBX22AnlxFFdix_Bp52h4-vZNwhHEhoZA3QeRF3aS87DsbFWi2jU64_BsBZCsyDTjud44GT4yZWJSzO-sdgqNq8KGJdHWcm7g3YvLHgxiSG5r53MoyM0JfSgmPLiZvf1ACTmv4ngSwopG0u0yz0KZzr3Hrm8CsOgcxNuWKLMDKd6kc04U9acpIAdojqxep1zYemU8k54v65Rbc_VxmNllIfTkZwLaPCETXrrCdkk0UWf9_DhFeFKFZHLrWUOtAPGSAP4tGhNdIwwngT3LoNf30gi-oEaTwWErc_vmxawyU8ywJnMnKSHrfMMe-cDwydM9eg7NEDpDoB_FRn8ry09_QxpPpg1K_ufzQ5thvib5BUSzEb3bUzNy4btNNWD9MJrVAdfAvryN_Mm3ed1zhoh5rjzq7RUw3Fi2rfJYYD4PqQ-4V1KhjCa04XLgkE0_ttwKUgtjhKVGD8AvDpKjt2-uMnyCP-p7qvDElmBc7WCCZQMwl0KRrfsuI4SrXoArIeK4EtbApvORmvXbu4cpM7escJQv_WPm6WgX6rD6WXdE2XAdFiBYd50e03Hk6yWdL7_KXC1eczxtcO6biFA5xGTNOEuwZnq9GRY4IHBoeM8dEC4lRqihr1V5kwxBfV9WaRuGHoe2jWTSe6Z0i5mV7KQ2ITlmHZ1GITh7tcB0v79f3SHIce95oH3UEUQsqhCISd0QOggukR50hM_-GHZr6PIQd5Ow-RUyCu37srs0gNhzzaPFJ0Ww57aKBI4J0RahZgFJjoPFpZKTG686R8NeO4E0eq4jpWsy03oiK2HV8eptCdBwRkD9BRUV3-jN7RmqgopE3F3Bwp3X8_XTHvluX6Zg7eOb_ijGpESi6PEAhwfHjTn-SBJCqVl67l1e9vjdOUYeAZMIvKGaJI3E2Qw3P5aVpEiLHI7Vs4FjBv5s6LIqQfnLX01rq7vEqpVE_r4E5TSR07wKQeBMv68Ca7em0HPV-jLjAsq5&sai=AMfl-YQV-z0p8OW11EefDFMZqSxJeH92HpLu8nCMoAoIJDQsUtgkVstx00Vc_mcqh6lU_BjwTjbwqeQ6yVu1e2hP51SZ5x_CrlAJh9SfFW5zgHJggIFEbruIkKdEHZnNbhWPEMpVHhq7OKMJhEnyJxIDktirYgoyrO_H_Gb_PBjQA_r2oaytI_bpt5wO6-mKurk_IY7G6_m4GQjBiO3Eo_pkx2Idnuu5koEcIS0uLG84yEFm9usFBHRV5ot2KgAXXE2rYT03Uux47iMxG1q1vvcLHQitnJ2xDaaa&sig=Cg0ArKJSzFAZ95gtv4xDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=76&cbvp=1&cstd=67&cisv=r20230607.47802&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Jun 2023 18:38:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:38:19 GMT

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame EE50 38 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 11BE 2 KB
979 B 52ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=12KHEsinaH&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 16:40:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jun 2023 18:38:19 GMT

GET
H2 200 gwd_webcomponents_min.js Show response
www.gstatic.com/external_hosted/gwd_webcomponents/ Frame 11BE 16 KB
6 KB 51ms
17ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/gwd_webcomponents/gwd_webcomponents_min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edcf7e9d00cf9801aa15790eed1b8eca5c403d8ee03c323f042562b426a8a8db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5563
x-xss-protection: 0
last-modified: Sat, 01 Oct 2022 02:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 10 Jun 2023 18:38:19 GMT

GET
H3 200 Enabler_01_238.js Show response
s0.2mdn.net/879366/ Frame 11BE 106 KB
36 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_238.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=12KHEsinaH&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 21:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36751
x-xss-protection: 0
last-modified: Tue, 11 Jun 2019 21:21:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Jun 2023 21:17:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 11BE 15 KB
16 KB 39ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 54472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE50 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFkXaG8OEZKfNJuCPjuwPtry4yAUAAAAAOAHgBAI&bg=!tLelt-PNAAaGYqkwpmI7ADkAdvg8WoL0ljQvZFZEhiPC0W9tq8olUOFpHvn0ZfTK0Fmn_eTciWLW0AZTlNK7Ur1WwbzSR1GR840CAAAAj1IAAAADaAEHmQMpAGwnfrrNJKNOmwY9YSyAX7WA52JseplMZHu5xdqE0okGzq4dkFEVtuCwD2VFhaIfCjlntKG1FYf0nkn0YX_YhE95vOXaMlxwaJeNg1H0fcaEoXyOacrBckwbYK2qP4U-yG_4H-lbA26ZGb3fQTCmuF6a9PbY4kCEC3oD06cb1ZetMN1Pft-oe4dyxyXij4CNY6RmeoyKX8dKk-vqP5BpT8JP-3tAPaayyRkV9VO7WWGsTc85VJ09ovMoTqV52w-HWV8QxBk4xBKfujpxI3r2V_RrQbIckhH3etqUDbzdIAUxdYdCf_zbbn2kDTO1lRgRr6GgNuw0v0KW8IjGg8bwDAs6GPTxSK3eeRT7g5I0cMMRfIzpfS8Q0G4qJV3QjMtikOaWfn6SWxj51_YNbJrz8K021v0lQwocRdIrPzm6qCD3e5jYdTnzS3tMOn58YiLaRULmaRbrrUwIwl5JylbYIyJXl_Vnm09AFnPIqKXAtaRInIRQkkfivuSMO1v1i-V84OOb6zUov4fvMSCPGibYWeTY177rxNeJKVMoxSgRZrMrTGhtcO5XiIo12Nq5h9aM4wqKS4tlRvthBTMBlJo4stK6D3mXCrXezyOpgDbHKW_tlVtv_RjmnGZFPJxCGz6Fqe5maoyWGrwFmy2X_ZH6HINmeYKGR26Lpr2xmMsIppXAMYI-CXt0ATmL8H1uCJhyYAppiRgkMEmHesUjQv-HrtYBCxocd1W2AFlJv1VuELVG8-rY2CVP3E9C4izQxT62DKxsENukWcdJacYubNbA56L6-p-U3Bw4w_8ENyG48KrftreEeq3m8M_hF55VDni322OX1I5aPAqi7oNmgmuSD_R4XKpzXK8iC8l3HEeJz2lXLukM0vsMXvmh1oN76Gt74P3EbfN0BuKsuuqAd5NYy1crRTmc_o4Uy1_MZgR2Kb8NkXMJLHaLvXrhczTJc4f_Vthfm8xJwde3BOMMYXSEWy_aDNwqA59E72yl2TZ17vwDyLNQzkGx-fdlLjAcdlewUCKH06WD0GUS_epSqwCvPADWUHjZVa4GdWGqtu7K-0p7VCk0y3Qosbw

Requested by

Host: 5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
URL: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4EFE 0
0 51ms
50ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss99AiaSnQX9Ws3OOGt79tKxG4UNHGJIt58-zO7xqD1tnZhr6lTROSHMUnyTKiB7TwcI-2g2k_csie6YApZM6Vc4vlpp1iJN-wbfgM_98sdqLlwy3ZN1M634jz8Raz5xNPd0Lu4wjB6wglwy6ihxh3iF2DNOoYHfnCktaRF9nTsL8QxFjsHzgqojATlAUJ7XjiF_RWRf4hwsMKpu5c1B43URC8WL3-1FA9_E4XTm24I4TYAqiZ2aQfu2PEbnUCd2rY-sI1VIH4A_Dl78GiA2h8GZ8eeCHKb3acFUYALwShk2c__3SsOpGnasb6VJQ5ZYucoN6JPf9SGY1AqXoTU3qu8jRpPBX22AnlxFFdix_Bp52h4-vZNwhHEhoZA3QeRF3aS87DsbFWi2jU64_BsBZCsyDTjud44GT4yZWJSzO-sdgqNq8KGJdHWcm7g3YvLHgxiSG5r53MoyM0JfSgmPLiZvf1ACTmv4ngSwopG0u0yz0KZzr3Hrm8CsOgcxNuWKLMDKd6kc04U9acpIAdojqxep1zYemU8k54v65Rbc_VxmNllIfTkZwLaPCETXrrCdkk0UWf9_DhFeFKFZHLrWUOtAPGSAP4tGhNdIwwngT3LoNf30gi-oEaTwWErc_vmxawyU8ywJnMnKSHrfMMe-cDwydM9eg7NEDpDoB_FRn8ry09_QxpPpg1K_ufzQ5thvib5BUSzEb3bUzNy4btNNWD9MJrVAdfAvryN_Mm3ed1zhoh5rjzq7RUw3Fi2rfJYYD4PqQ-4V1KhjCa04XLgkE0_ttwKUgtjhKVGD8AvDpKjt2-uMnyCP-p7qvDElmBc7WCCZQMwl0KRrfsuI4SrXoArIeK4EtbApvORmvXbu4cpM7escJQv_WPm6WgX6rD6WXdE2XAdFiBYd50e03Hk6yWdL7_KXC1eczxtcO6biFA5xGTNOEuwZnq9GRY4IHBoeM8dEC4lRqihr1V5kwxBfV9WaRuGHoe2jWTSe6Z0i5mV7KQ2ITlmHZ1GITh7tcB0v79f3SHIce95oH3UEUQsqhCISd0QOggukR50hM_-GHZr6PIQd5Ow-RUyCu37srs0gNhzzaPFJ0Ww57aKBI4J0RahZgFJjoPFpZKTG686R8NeO4E0eq4jpWsy03oiK2HV8eptCdBwRkD9BRUV3-jN7RmqgopE3F3Bwp3X8_XTHvluX6Zg7eOb_ijGpESi6PEAhwfHjTn-SBJCqVl67l1e9vjdOUYeAZMIvKGaJI3E2Qw3P5aVpEiLHI7Vs4FjBv5s6LIqQfnLX01rq7vEqpVE_r4E5TSR07wKQeBMv68Ca7em0HPV-jLjAsq5&sai=AMfl-YQV-z0p8OW11EefDFMZqSxJeH92HpLu8nCMoAoIJDQsUtgkVstx00Vc_mcqh6lU_BjwTjbwqeQ6yVu1e2hP51SZ5x_CrlAJh9SfFW5zgHJggIFEbruIkKdEHZnNbhWPEMpVHhq7OKMJhEnyJxIDktirYgoyrO_H_Gb_PBjQA_r2oaytI_bpt5wO6-mKurk_IY7G6_m4GQjBiO3Eo_pkx2Idnuu5koEcIS0uLG84yEFm9usFBHRV5ot2KgAXXE2rYT03Uux47iMxG1q1vvcLHQitnJ2xDaaa&sig=Cg0ArKJSzFAZ95gtv4xDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=263&vt=11&dtpt=187&dett=3&cstd=67&cisv=r20230607.47802&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.brightermonday.co.ke
URL: https://www.brightermonday.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:38:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Jun 2023 18:38:19 GMT

GET
H3 200 prod_studio_01_238_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame 11BE 31 KB
11 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_238_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_238.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=12KHEsinaH&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 02:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10829
x-xss-protection: 0
last-modified: Tue, 11 Jun 2019 21:21:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Jun 2023 02:05:46 GMT

GET
DATA 200
OK truncated
/ Frame 11BE 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 14798283811058856729
s0.2mdn.net/simgad/ Frame 11BE 39 KB
39 KB 15ms
14ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14798283811058856729

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f61b9025b918ae0ba3912da8c938cc46922876828d5373cbb6f99a816f2be83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=12KHEsinaH&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 18:03:07 GMT
x-content-type-options: nosniff
age: 88513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39725
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 14:38:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jun 2024 18:03:07 GMT

GET
H3 200 14798283811058856729
s0.2mdn.net/simgad/ Frame 11BE 39 KB
39 KB 8ms
7ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14798283811058856729

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f61b9025b918ae0ba3912da8c938cc46922876828d5373cbb6f99a816f2be83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=12KHEsinaH&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 18:03:07 GMT
x-content-type-options: nosniff
age: 88513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39725
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 14:38:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jun 2024 18:03:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306080101&jk=4262233695952400&bg=!3t2l3YnNAAaGYqkwpmI7ADkAdvg8WvyBSQ6cr4qlKIe60z5y0DW-RjOIrOwl2_pF9wfUIIZlJOMqDwWP7wi39cpQUxtEe3tO64kCAAAArlIAAAAEaAEHCgAnRlnZ2j4Cyo9R1F16YEJ37E4TPjftMte8B58JFarF7v4Sxd6p3HevmQLw1GacA8z2n2nX9uc8BMhKvNCX-XoNMhRrFxg4lh_sCMxLLg60mtYRYj_XP5UdlI_81Tts3IQzvjEvCl_Kva5dztbzTbS2zMTOGKDdyQxlXA2-KG0m4g6dZ3RFELvww7BxdYNy6YNCX7Ygphmrk113eBNHtm_1I1ueoSWTuYtgbVCbmPyOIw429UZU2hQI78dinuyjac9H9fzVnGdMmM5LyBsH__ZQZAn4mdxY1P_l1kIpZfd935gwS3frRVl7W7oVeP_S3uBUBATZNGTvFyhm9CoVEGLUjbIMAHQGfiubvJs3oQVRsmJzFtgE4vOtem7TLwqzF-Jjkkcpvx7d38AU-46h4lQqUhH-XesZy4DdG879QxiHuAxOfPZmIRk-bMIQAX4gOo--XifiDOYyMivFz0gkqtiqtkPY2JR5eMvEUk475GE6yyuahu_2Bq4yRK5Kmvd9d5KJjFu2xEJC1A7ldrHaZNb8yM-gm4tWFtCquAFcP34WfQ99z-f0pgvTVpkYiZiUR5OnNUz7SGqXshFPXAsHkbNeLjDutPouSZphlQLQlv4Smzql37AWBJgNsAfzzunw9FCM1MWM93_63oedNLMb3E3b1RzfFjJa4JjirW7HKZwpWpJVT-hMEC-FNlFQMYFtSyxgyOSW2g2onf1JIpGV8OtfYhEu6q6-FPY6xwllz6PkmLkY5udboi4CaFNEgS1TzBMlf999q3D0S-wQjWJZeptEbhmPMI6YbK_LvFE5cPMS-AEEUDhh2n9V-tTtz1KLiMMphbOAZL4H-hLPV8Gt4ZIV9VqbFYbMs5mwE1JFncJo1I8e_qwqCKH6tdcjMHio7h3QHscaK3s5eklXrygZzQ-2TSiLL3uZi3V0CPzr0UT8qKCRuPJHAFT7xAtAIRuIdhGRgVN4aM-MB22GWPixIFuLC0HAXwSTLR0QmPgAzph3vGzt3AiDNTTgVnf31MYtIQVhn_sxF8Oymos8vR3RCf-NUyXet79B5Im3Smk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
304 B 184ms
183ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.brightermonday.co.ke/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.brightermonday.co.ke
Date: Sat, 10 Jun 2023 18:38:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 91C1 42 B
174 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWv6RXZxW-0vVgnYOBPUtzlfVsBKIn-OGEg_wBAO1Pl-QwM3D9Kzgg2EWB8QP8Xt2t1CGovpVKJp_52JOTGKYHfo-UGgjaALocX8hZMvRLw8wlYHNV&sig=Cg0ArKJSzA5b9wAhDwhoEAE&id=lidar2&mcvt=1000&p=1038,436,1128,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230607&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2963885971&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686422299239&rpt=216&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brightermonday.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EFE 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2484214133141&version=m202301230201&ct=76&x=1&cor=10724840888482120000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 18:38:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.brightermonday.co.ke/discover/	1970-01-20 12:28:28	Name: is_visitor Value: 11376
.brightermonday.co.ke/	1970-01-20 21:12:38	Name: _ga_1HS1YQ0VQS Value: GS1.1.1686422298.1.0.1686422298.60.0.0
.brightermonday.co.ke/	1970-01-20 21:12:38	Name: _ga Value: GA1.1.886788286.1686422299
.brightermonday.co.ke/	1970-01-20 12:28:28	Name: _uetsid Value: f80abf6007bd11eeabec75d73ccb8ac5
.brightermonday.co.ke/	1970-01-20 21:48:38	Name: _uetvid Value: f80b0e1007bd11ee92338debab2201d1
.www.brightermonday.co.ke/	1970-01-20 21:12:38	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Jun+10+2023+18%3A38%3A18+GMT%2B0000+(GMT)&version=202303.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=e892b2cf-1995-4d14-a859-13a263426e44&interactionCount=0&landingPath=https%3A%2F%2Fwww.brightermonday.co.ke%2F&groups=C0001%3A1%2CC0005%3A0%2CC0002%3A0%2CC0004%3A0%2CC0003%3A0
.bing.com/	1970-01-20 21:48:38	Name: MUID Value: 353A578E17EE62372DFB44A216EE633B
.events.ocdn.eu/	1970-01-20 22:03:02	Name: ea_uuid Value: 202306102038188176107244
.brightermonday.co.ke/	1970-01-20 22:03:02	Name: ea_uuid Value: 202306102038188176107244
.brightermonday.co.ke/	1970-01-20 13:56:19	Name: ats_ri Value: fp_ms=1686335898751&ri=&model=&models=eyJhdHNfcmkiOm51bGx9&ttl_ms=3600000&expires_ms=1686425898848&version=1686422298.84
www.brightermonday.co.ke/	1970-01-20 12:27:38	Name: XSRF-TOKEN Value: eyJpdiI6IkVIeHRrcEkwVGF4NUZFVCtpczRjM1E9PSIsInZhbHVlIjoielhqb2sxSTdpY3MyNzVQVmpaeWM0VFhmcVVVU0NibFcya01aVVI3elRVZTJrOTkyV1p1MmJ4WGxFbzhpUkNZd1BSS2VSQ2NUWGNSU2hsejBLVW4wbCtWbXJoTHZuc0pFZ2NETEhvWjdISkh5emdaY1B0dk45SloyNzY2SlBmdk0iLCJtYWMiOiJlNmI0YjAyY2Q2ZjkzYjA4YzMxYWJmZDU3Y2VjYWZkOWRlYTI2NzQxOTk3NTcyYjAxMzQ3NmY3ODFjOGY0MDNjIiwidGFnIjoiIn0%3D
www.brightermonday.co.ke/	1970-01-20 12:27:38	Name: laravel_session Value: eyJpdiI6InFUR0NSSVoxT0h2d2NGZzlDQklZY1E9PSIsInZhbHVlIjoibWhERS84dUdENVN6MGFsM1JydUZMVjQvdTI2YTV3U1ZZTG9nam5KRk1DMDYxbFZDUVp0YTNpOElSN0s0eS96RjV5M0RVWEhsUWVoQUcwa1ZZN0M4Z3RsZldJdzBoS0x1SEoxalJTbmdVQWhZTzJEUkFabU12WGJ2R3RBcmM4ZlYiLCJtYWMiOiI1MDY4OWNkZjNlYTE0N2UyYmI1YmY3MmIwZWNmZGNjZjcxOGNkOGVlN2RlYzQxYjczMTI1OTEwNmE1ZWMwNGYzIiwidGFnIjoiIn0%3D
www.clarity.ms/	1970-01-20 21:12:38	Name: CLID Value: d11c122d41b544e6b767a1c53acf8e41.20230610.20240609
.brightermonday.co.ke/	1970-01-20 21:12:38	Name: _clck Value: s55cn3\|2\|fcc\|0\|1256
www.brightermonday.co.ke/	1970-01-20 12:28:28	Name: ln_or Value: eyIyMTAwNDkwIjoiZCJ9
.c.bing.com/	1970-01-20 12:37:07	Name: MR Value: 0
.c.bing.com/	1970-01-20 21:48:38	Name: SRM_B Value: 353A578E17EE62372DFB44A216EE633B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 21:48:38	Name: MUID Value: 353A578E17EE62372DFB44A216EE633B
.c.clarity.ms/	1970-01-20 12:37:07	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:27:02	Name: ANONCHK Value: 0
.linkedin.com/	1970-01-20 14:36:38	Name: li_sugr Value: 20cc9811-bafd-450d-8b89-7f0dfa635623
.linkedin.com/	1970-01-20 21:12:38	Name: bcookie Value: "v=2&76a41003-3b6e-4891-8e38-995834df3d33"
.linkedin.com/	1970-01-20 12:28:28	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2673:u=1:x=1:i=1686422299:t=1686508699:v=2:sig=AQENqPvQRbSgRZMMyNBI431DpXwy5O8k"
.doubleclick.net/	1970-01-20 21:48:38	Name: IDE Value: AHWqTUlU25eHa79tnHgDh2TwzLnIqqy4s11-VIyWVcs9Tui6jdeqBmzgBMim6EzMauk
.brightermonday.co.ke/	1970-01-20 21:48:38	Name: __gads Value: ID=21d6c0c350f25b30:T=1686422299:RT=1686422299:S=ALNI_MbgYc5Q5fVqmZ9F6msqxWkeUAL6Ww
.brightermonday.co.ke/	1970-01-20 21:48:38	Name: __gpi Value: UID=00000c418995511c:T=1686422299:RT=1686422299:S=ALNI_MYwCt64mBs4BkbxE-WRXYOxTleY7A
.linkedin.com/	1970-01-20 13:10:14	Name: UserMatchHistory Value: AQIaTcBgMjFtbwAAAYimmiL2CV2xUjRgzkS3cMCNjgTBzOyCC_1qqnwrruOjCzbmaBeFJH9MFjhKMw
.linkedin.com/	1970-01-20 13:10:14	Name: AnalyticsSyncHistory Value: AQJiJOjrR2mLqQAAAYimmiL2ytma4ZmfVjZvBy-xrpTkr8KTbNfkhWcilE-TngCSwg_5lSRpxTpUanQVRjcs-w
.brightermonday.co.ke/	1970-01-20 12:28:28	Name: _clsk Value: 1d4r3wu\|1686422299585\|1\|1\|q.clarity.ms/collect
.casalemedia.com/	1970-01-20 21:12:38	Name: CMID Value: ZITDGyDWQsD-h7RxDvBEKQAA
.casalemedia.com/	1970-01-20 14:36:38	Name: CMPS Value: 5141
.casalemedia.com/	1970-01-20 14:36:38	Name: CMPRO Value: 5141
.adnxs.com/	1970-01-20 14:36:38	Name: uuid2 Value: 7992821695172901562
.adnxs.com/	1970-01-20 14:36:38	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUjFE!W7!@wnfH8K6pQK`!5=E<L5?%M6Dej'7k^r+0sn]rkNl?pjG+JX@JG#+o@aYX%nugO%v4VB%nle@)[d=:
.www.linkedin.com/	1970-01-20 21:12:38	Name: bscookie Value: "v=1&20230610183819c0444adc-b701-4dec-87ce-d830a0ecab62AQEIgl475r32HkM74uxw6s_RPqIZ9K_r"
.linkedin.com/	1970-01-20 16:46:14	Name: li_gc Value: MTswOzE2ODY0MjIyOTk7MjswMjEnVpNR2pwHZC6lBhPKNLlFCU1VaG8wm650icPzsocXug==
www.brightermonday.co.ke/	1970-01-20 12:27:03	Name: _dd_s Value: logs=1&id=9a061c36-9f61-4f23-80e7-1b1b4f353daf&created=1686422298666&expire=1686423198666

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b8c71aa86e30a2cd02e3a02d55f2230.safeframe.googlesyndication.com
adservice.google.com
artemis-cdn.ocdn.eu
bat.bing.com
c.bing.com
c.clarity.ms
cdn.cookielaw.org
cdn.linkedin.oribi.io
cm.g.doubleclick.net
dsum-sec.casalemedia.com
events.ocdn.eu
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.roamcdn.net
ib.adnxs.com
lib.onet.pl
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.clarity.ms
region1.analytics.google.com
s0.2mdn.net
securepubads.g.doubleclick.net
sgqcvfjvr.onet.pl
snap.licdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.brightermonday.co.ke
www.clarity.ms
www.datadoghq-browser-agent.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
108.138.36.122
13.107.42.14
142.250.185.130
142.250.186.162
143.204.215.116
18.66.192.29
185.80.39.216
20.231.53.73
2001:4860:4802:34::36
2600:9000:237d:8800:2:53b2:240:93a1
2606:4700::6811:8e37
2606:4700::6812:1d26
2606:4700::6812:8954
2606:4700::6812:aa72
2620:1ec:21::14
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2003
2a00:1450:400c:c0a::9b
2a02:26f0:480:f::213:7ec6
3.33.138.253
37.252.171.85
52.222.164.194
68.219.88.97
04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379
093b9667d03287d1f6a19aeb676f7e299c1b6c7cf7871291dc76e73dc3ac0789
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be83258932ab55b43c5e85ba761c9e6065a6c8d2e04e8d5feb4cb4464bdc5ad
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c404df0041a4998dbe80619c9e4b75aea8dae835957e55f13baaf155fe9f50
12eb7a7883d5f86de235d33fabe6460aab45b9a0385ec63bc97f64c26130953e
1619035a20227422e95fc3bcaa84876a3081518cdf9cb8cbf806c007ee2e0371
19f9bc9b1493b0679abb01be786cc6d3c38e528919afbeae56ce71b0ad412bc0
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2b16a5186c5e1b4d09b94c7c85d63369c3c5fd43fd1c71a516350a3e2d708f20
3085aac649fa0d732e9fd1e54e0ce46f115238e1c115a7f7ce9de4bc416ab551
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3254fff30a1246a754c54436a92aef17fad66b1a46be370a86b2ee9fe009eea7
32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
384db2b2e720ba11ef825a5e3bce4d3565a5a7694f61e3e76df852551f9aa00b
396d477150992111b27d6812465487593522b69bca4c9981e2e4d75ff5d0e7ab
3ced3f556e65561203347082cd3c41f2dda3ac93e2b449d553a1dbfb9b73a1e9
40874a8c3a85be6c94666401a1ebf1851f3ac4f0a695868ea472f04df46abd15
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47212ddd3bae582a65fc7babef16ce474d45e43c8c5ed4cbb7b9c0a14f5db0a0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513f937a8451c5fe031bc8a307a749dfcccc8c9eae6d5276f8bc84f838df57d1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57fda54fe5434c1a56c23f30d0ab42c0f17acd33517f4e627d754bc2e81de964
5bef6f8c03cdd3f12ed42fd2750db3463cb44484905acb2dfd0fdb394c24900b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
646d1f946d758eea129d085f511082aaf557f6270fbb2aba69bfff6418aaf463
66abc81d0a95e960d18d2bcdd1b8bab9725bdb5501beba7df75d254a59e391b7
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d836954a80484e1203c39f288760db312372c12904cfc8e3bd504a95cbaec54
70645556fb5fcaccf533a19977023b3fe350036d80a39fa085958339e3309123
7337e4c590e9e0e7e83e7786c36dab8f44a37b2bd43c03d429a70161dd4b3452
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7dc4245d9ec643608247f232d1e5168cf78d8fdce8852a1d7a2c1a4352e31539
7e0d0012c982b9e77481466f18dd7ce3d56967476a0c32df3cb85fdc9dfabde0
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
8bbbc366133eebc269aa0b4c9893140db2b61666a03417b07923f8201846ed8f
8e4c9ec403466499bb0e0fb7e517a5f36966f36708179730e0b965d3e17b0cb0
8ee2111e9f59d51e2028b2a46e046e4d6ca4f1241b49ef3c05172cdb984443ef
8f400eb2f6fa018e0fb23c7e5f41d300fc9fc90aafeedc447a90aedabfd2162a
8f61b9025b918ae0ba3912da8c938cc46922876828d5373cbb6f99a816f2be83
908d5211c745dc4c6b8ffca62f7486d9502d195a1db6af1e65a40a1fa6eaad54
92683257cdd91161cef09fedffd4e4195c1a9588c87c5498230744f1c189ea77
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c38d366c801c1c15a52ba4f6ff085f90a04953e9c89be0f450f3783b58e16f0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00e9ea4f44b3545fb2e30ee99ffe534f70f0519f03ba101ce8606ee079cce1c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d8c7883871d5b92b2026a9ab73cd9a3f0521f4ec7979127e6df5afb39c1930
a1664ab08f0a07fd7be0d4d2dc11fba5b73fe975267bf09cbacde9e6eeb913df
a2c7a0c96370e2af175c5835cacd5f460408286714b908096fa19564daf6959f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7a95b15c17e7d5472fdb4c89212251c6b09c86906c2539c3d97c6c488a14a1d
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
aa5a5a7aef18ee566c2ae611c7e7a23d61cceca332684e3f3d2bcbf7c4bfc886
aaae4aa9532a0d29d75f501420392cf81e7e0277e6ba096053eadadcb28ba53e
ab0c26366cbb6cff003f51ffa4e8a6f3c77a2a83324a0d3b7245cdc0805afd8a
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b901f7c72387d44c5f8f9392019e89097d6c845b6b6cbe8631f19f952ac31662
b9a957d621146311350de8d28fb5676dbcba136dd1d800792e28ce1939d2468e
bd82bcab67f9bcb30388c4b29a6b4a0421cbea6326216ae747d966ef1e4f751b
c14fde4ef50a1c17d8f3658a85db78d21b75d4415fb4b4fd179682c82d30e7a5
c93b8ec7c210dfce0786c545b970c60b90575087d3ca7830d92f4662dffb848f
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d120a95cdff26dfbb60f29390f58332b90d2a15370212f613e1c56074ac99b62
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d3692b07cc5222bcdd2915c0fe6b2ee7da1f7d24bd17eaca14d9bc79d4e46196
d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070
d56fec2159406ce1d4e284774fd1ee371018f131e28aa303ad1675edc76f20dc
d8b0f7ea79e8ac370b34aa048f71e42942c0942934f25d822963f6bb46c1d8f1
d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3
dfe8ba33a65ada53250f0139b71e0bed989d46ee4ad3f9fb75cd47f0052e905d
e1e0c3ca084ae3ac735b7278f865149f720e831cd03637357ac48c5cd63d77f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3efec7afc7ae56230e8f8d0b2417998660a159e5b85b2521e601bf7a7b2dcf8
e4cd14dd60e0d9e9ea7cff3009ec795672a1d0f5a49ce3e63fa4699693ee856d
e4ff56cdc37e3cba5f9135ceffdd9c9d1addaa779fd49e60db40d764ac6aedfe
e5ebe900fb112bb173c81ad48b9bcc27501654aef82f96e9f981949081340c9e
e6c441815a3736a6858aa38f869fb4189341bbb0e3f73769704d46e9fd913dc9
e6e6770ab6db5500526f6b7dd04607473766afd7677aadac48a0ddf010fec60c
eb522f78ba39b20299843b8b8f327e5566be92847fb39851fd7105d53af17840
ed51a059c9859521c2ee61bb434170f075da5252effdb852d7293737eaa888e5
edcf7e9d00cf9801aa15790eed1b8eca5c403d8ee03c323f042562b426a8a8db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd96ddf25a3deba65bb06aaf0f2af24ea37136153ce977085e4a570752f5ed7
f0836dbcf77afc45f90dbdd735125a48b0c631de47b303db343a1f70e5fd5d57
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7e357a31f9655ff73340c8c21ac6f4db09e373f6f37f9ecf032c3a9cd8dc7eb
f8dba58c13df294cb3a2e4d574483e0985886ab914b72c8222ea060e230e63f2
f8fd0ea2436a3c65bf7b99d8b3194351820ae7d6e05f4cee957b954dd0b14a5c
ff769fa64945176f409bcb7ebe92a385e9f9f1b11ccb095a14384dd209127011

www.brightermonday.co.ke Open in urlscan Pro 2606:4700::6812:8954 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

94 %HTTPS

66 %IPv6

23 Domains

39 Subdomains

35 IPs

5 Countries

1855 kBTransfer

5005 kBSize

38 Cookies

9 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.brightermonday.co.ke Open in urlscan Pro
2606:4700::6812:8954 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

94 %
HTTPS

66 %
IPv6

23
Domains

39
Subdomains

35
IPs

5
Countries

1855 kB
Transfer

5005 kB
Size

38
Cookies

126 HTTP transactions
4 data transactions