www.login.sipetresbyr.co.za Open in urlscan Pro
196.41.130.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.login.sipetresbyr.co.za/
Submission: On March 23 via automatic, source certstream-suspicious (March 23rd 2020, 12:24:15 pm UTC)

Summary HTTP 52 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 17 domains to perform 52 HTTP transactions. The main IP is 196.41.130.158, located in South Africa and belongs to OPTINET, ZA. The main domain is www.login.sipetresbyr.co.za.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 23rd 2020. Valid for: 3 months.

This is the only time www.login.sipetresbyr.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	196.41.130.158 196.41.130.158	12258 (OPTINET) (OPTINET)
13	99.84.155.118 99.84.155.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
3	213.209.16.13 213.209.16.13	8660 (MATRIX-AS) (MATRIX-AS)
5	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:214... 2600:9000:214f:2c00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.77.223.127 54.77.223.127	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
1	185.54.150.20 185.54.150.20	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1 2	23.5.97.37 23.5.97.37	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:205... 2600:9000:2057:ac00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	213.209.16.12 213.209.16.12	8660 (MATRIX-AS) (MATRIX-AS)
2	52.215.102.72 52.215.102.72	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20e8:4400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.244.37.20 104.244.37.20	7415 (ADSAFE-1) (ADSAFE-1)
1	54.154.27.134 54.154.27.134	16509 (AMAZON-02) (AMAZON-02)
52	21

1 196.41.130.158 (South Africa)

ASN12258 (OPTINET, ZA)
PTR: cpt-cpanel-08.mweb.co.za

www.login.sipetresbyr.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 99.84.155.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-155-118.txl52.r.cloudfront.net

i.plug.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.209.16.13 (Assago, Italy)

ASN8660 (MATRIX-AS, IT)

geoisp.libero.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:2c00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.223.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-223-127.eu-west-1.compute.amazonaws.com

secure-it.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.20 (Berlin, Germany)

ASN60164 (WEBTREKK-AS, DE)

italiaonline01.wt-eu02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.5.97.37 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-97-37.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:ac00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.209.16.12 (Assago, Italy)

ASN8660 (MATRIX-AS, IT)

geoisp.virgilio.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.102.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-72.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20e8:4400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.37.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: daldt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.27.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-27-134.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	plug.it i.plug.it	39 KB
6	adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	90 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	102 KB
5	imrworldwide.com cdn-gl.imrworldwide.com secure-it.imrworldwide.com	54 KB
4	doubleclick.net securepubads.g.doubleclick.net	90 KB
3	googletagservices.com www.googletagservices.com	69 KB
3	libero.it geoisp.libero.it	2 KB
3	consensu.org onetag.mgr.consensu.org vendorlist.consensu.org	56 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	911 B
1	crwdcntrl.net ad.crwdcntrl.net	397 B
1	virgilio.it geoisp.virgilio.it	792 B
1	onetag-sys.com onetag-sys.com	357 B
1	wt-eu02.net italiaonline01.wt-eu02.net	827 B
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	googleapis.com ajax.googleapis.com	30 KB
1	sipetresbyr.co.za www.login.sipetresbyr.co.za	23 KB
52	17

	Domain	Requested by
13	i.plug.it	www.login.sipetresbyr.co.za i.plug.it
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.login.sipetresbyr.co.za
3	cdn-gl.imrworldwide.com	www.login.sipetresbyr.co.za cdn-gl.imrworldwide.com
3	www.googletagservices.com	i.plug.it securepubads.g.doubleclick.net
3	geoisp.libero.it	i.plug.it
2	dt.adsafeprotected.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	static.adsafeprotected.com	pixel.adsafeprotected.com www.login.sipetresbyr.co.za
2	pixel.adsafeprotected.com	www.login.sipetresbyr.co.za
2	vendorlist.consensu.org	onetag.mgr.consensu.org
2	sb.scorecardresearch.com	1 redirects www.login.sipetresbyr.co.za
2	secure-it.imrworldwide.com	www.login.sipetresbyr.co.za
1	ad.crwdcntrl.net	i.plug.it
1	geoisp.virgilio.it	i.plug.it
1	onetag-sys.com	onetag.mgr.consensu.org
1	italiaonline01.wt-eu02.net	www.login.sipetresbyr.co.za
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	onetag.mgr.consensu.org	i.plug.it
1	ajax.googleapis.com	www.login.sipetresbyr.co.za
1	www.login.sipetresbyr.co.za
52	22

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
www.libero.it
aiuto.libero.it
registrazione.libero.it
motori.virgilio.it
www.italiaonline.it
info.libero.it
privacy.italiaonline.it
easy.libero.it

Subject Issuer	Validity	Valid
login.sipetresbyr.co.za cPanel, Inc. Certification Authority	`2020-03-23` - `2020-06-21`	3 months	crt.sh
*.plug.it GlobalSign Domain Validation CA - SHA256 - G2	`2019-05-03` - `2020-06-14`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-03-02` - `2020-05-31`	3 months	crt.sh
*.libero.it GlobalSign RSA OV SSL CA 2018	`2019-07-16` - `2020-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.wt-eu02.net Go Daddy Secure Certificate Authority - G2	`2018-01-08` - `2021-01-08`	3 years	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.virgilio.it GlobalSign RSA OV SSL CA 2018	`2019-07-16` - `2020-09-17`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-03-14` - `2021-04-14`	a year	crt.sh
static.adsafeprotected.com Amazon	`2019-11-01` - `2020-12-01`	a year	crt.sh
*.adsafeprotected.com COMODO RSA Domain Validation Secure Server CA	`2018-08-20` - `2020-09-17`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh

This page contains 7 frames:

Primary Page: https://www.login.sipetresbyr.co.za/
Frame ID: 41C59949793C5C6CC4385EB4EE7C3B87
Requests: 44 HTTP requests in this frame

Frame: https://i.plug.it/iplug/js/lib/iol/analytics/ads/adv/_ads.js?_t=1584966238528
Frame ID: 45E16B82805B41D970D4086754706CA4
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: A961E5CE6FDBA74136C63C28DDCD6528
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJPc9CULB08JW0WhDKF0GOWy5Q3uphLmDpaSCw5BXHaYqMZPDN0pVvkDzAkl4vz3n-rGjKrOavmU_2BTzCd6nsmcciDqEGunG7mWQ0hjymegH1kwQ3anh68hxdzUMfjAL4IX2GeTj-Hz-TOvWS4QhmXj0qKMPA4rcDWlm9VeugR9JqxWuP3iAHkP-M43y-W73YMmBLdQeo7Ck7oaazjn1JBE_jb_YHXBkhAzTO_qXn8XIHJhjdzs5ZigmrbRgBXahZj1skfkR4bXd6bJz0piwpclgIkZHOUg9httZU&sai=AMfl-YRJu6Q8r3cgKAJbd57ZiNSqACHdYcVX4zBikUHy_kSbIJT49A7T81F1cuYBqd1h92mz0cZRqloewhZZQhuKAmatMrmez-Vc6I52xP_Fow&sig=Cg0ArKJSzDGOfQ08VAXuEAE&urlfix=1&adurl=
Frame ID: A03ED4C69BA01B51E493A0777F9C680D
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=38840327&chanId=21721897975&placementId=5307074825&pubCreative=138247330835&pubOrder=2637633276&cb=1210501420&adsafe_par&impId=&ias_adpath=%23ads-maxi
Frame ID: 260C4866C3A0CF49825848F0EAB71299
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 143FA1D06F804B52CAEFAB3F8F40EA0E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: FB97ADE6416B552D2B028915D8CB38A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

52
Requests

100 %
HTTPS

40 %
IPv6

17
Domains

22
Subdomains

21
IPs

6
Countries

558 kB
Transfer

1511 kB
Size

3
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv8DIXK3gs_v5PjVJCXCIDNFo_elSzUxsxGhaQ0Cu47uCpCxeHY7zB1kJ0e4-fPFmTvCOhX5lvU_7Jh8Ls_xrTdtcYDZxUtgYcpocBes7IM0SJ5UNCI3hWKOnY26olSnGTEUX1nG89pTCZor0Bi7EyzcwomqAvNqzWMScin_y4NpEA5qaH1ezGS0J9VzBbtYpXopwAhCSHXB0b_f0klahrH5xuwRueElywz5EgCxMq7tXh_bXfb81aaHxL8aILmNizYJIA2E0FbYusxCtOaAmSZyYdZl-lZ&sai=AMfl-YR9zQlNTKc3-pU7zvd2_aHifECFfAyxM9Obpbm-HBKkbrghoMXVCIDLRZ_xuE1utwxmiBUVGjI9kQdmUpedAAT7b7kAZLTcZJRDV9yjjw&sig=Cg0ArKJSzFEWYR5rG8BLEAE&urlfix=1&adurl=https://b3jrf.app.goo.gl/IOL_login

Search URL Search Domain Scan URL

URL: http://www.libero.it/

Search URL Search Domain Scan URL

URL: https://aiuto.libero.it/
Title: AIUTO

Search URL Search Domain Scan URL

URL: https://registrazione.libero.it/?service_id=appsuite&redirect_uri=https%3A%2F%2Fmail1.libero.it%2Fappsuite%2Fapi%2Flogin%3Faction%3DliberoLogin
Title: CREA ACCOUNT

Search URL Search Domain Scan URL

URL: https://motori.virgilio.it/

Search URL Search Domain Scan URL

URL: https://www.italiaonline.it/chi-siamo/
Title: Chi siamo

Search URL Search Domain Scan URL

URL: https://info.libero.it/note-legali/
Title: Note legali

Search URL Search Domain Scan URL

URL: https://privacy.italiaonline.it/privacy_libero.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://privacy.italiaonline.it/common/cookie/privacy_detail.php?ref=libero
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://easy.libero.it/
Title: Libero Easy

Search URL Search Domain Scan URL

URL: http://privacy.italiaonline.it/common/cookie/privacy_detail.php?from=banner
Title: privacy policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://sb.scorecardresearch.com/b?c1=2&c2=33012141&ns__t=1584966238524&ns_c=UTF-8&c7=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F&c8=Libero%20Mail%20-%20login HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=33012141&ns__t=1584966238524&ns_c=UTF-8&c7=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F&c8=Libero%20Mail%20-%20login

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.login.sipetresbyr.co.za/ 22 KB
23 KB 1384ms
211ms Document
text/html 196.41.130.158
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.sipetresbyr.co.za/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.158 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-08.mweb.co.za
Software: Apache /
Resource Hash: 8eb017c01ae9624ef47f6300a13452e383f271edb59f8fdc15b5e4246a5fcffd

Request headers

Host: www.login.sipetresbyr.co.za
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Mon, 23 Mar 2020 12:23:58 GMT
Server: Apache
Last-Modified: Mon, 23 Mar 2020 12:12:47 GMT
Accept-Ranges: bytes
Content-Length: 22863
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 style.min.css
i.plug.it/mail/login/2019/libero/css/ 11 KB
3 KB 125ms
44ms Stylesheet
text/css 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/mail/login/2019/libero/css/style.min.css?20200130
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: a2e52ddd4b39511cfa30c7c6ca13461fd985ca8e471510fac918eaadf802228d

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 23 Mar 2020 12:23:37 GMT
content-encoding: br
server: nginx
age: 21
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: 27ROEUcvpY-SVOfmrDXCi-oXCmcLFiEXV-LFgPjKnLlNi69cZlnRpA==
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 31 Jan 2020 00:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4536227
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 00:20:11 GMT

GET
H2 200 placeholders.min.js Show response
i.plug.it/mail/login/2018/js/ 4 KB
2 KB 115ms
34ms Script
application/javascript 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/mail/login/2018/js/placeholders.min.js
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: bb631cb41d70ab6f8a07ab80b053676bca8589e7e1d835827f30e1bffbed91c5

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 10:32:12 GMT
content-encoding: br
server: nginx
age: 6706
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: R3Zghgd7tseZkwu2pSabTzmUMmiRBM3nLAwO4UtvmCAgvoRSvutVdg==
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)

GET
H2 200 policy_cookieCMP.js Show response
i.plug.it/common/tech_includes/lib/ 6 KB
2 KB 116ms
35ms Script
application/javascript 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/common/tech_includes/lib/policy_cookieCMP.js
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: 55137ab76eea957ac63037bfaf5fb94a5257f7624774b46ca8006cb941e81728

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 05:22:27 GMT
content-encoding: br
server: nginx
age: 25291
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: private, must-revalidate, max-age=86400
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: eGCSjiet5MK2dL9t33TrzIbnDhSeX5JNJIYQ_AO2WXRg3JH80v37Ow==
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)

GET
H2 200 cmp.min.js Show response
i.plug.it/common/tech_includes/lib/ 1 KB
887 B 115ms
35ms Script
application/javascript 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/common/tech_includes/lib/cmp.min.js
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: 00be4a75e748a196d522a7353e1555308e1122ad1eda6218ce6092de72c5e340

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 01:46:50 GMT
content-encoding: br
server: nginx
age: 38228
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: private, must-revalidate, max-age=86400
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: CGaQEmedM676FuSZvpW8L7aOGLUwkAzb8MqT7xBq3HCqwsM8haBHew==
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)

GET
H2 200 adv_library3_https.js Show response
i.plug.it/banners/js/ 61 KB
13 KB 133ms
53ms Script
application/javascript 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/banners/js/adv_library3_https.js
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: 7fa57658b48982d12122a10667edae7fe767d680cdd765d33d99ae601f37b0f0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: br
server: nginx
x-amz-cf-pop: TXL52-C1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=1200, public
x-amz-cf-id: FI4XL52llsUQ4hxbFZCfweWuZ7_Kjf8ahDwbIcb3IdSeXElb2uYDAA==
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)
expires: Mon, 23 Mar 2020 12:43:58 GMT

GET
H2 200 adv_lib_login_2step_v2.js Show response
i.plug.it/banners/js/ 6 KB
2 KB 128ms
48ms Script
application/javascript 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/banners/js/adv_lib_login_2step_v2.js
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: 3a1a2417641691e3055ea0a8720916fde68d1cadcacddcf4893cd239b4ea73dc

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:54 GMT
content-encoding: br
server: nginx
age: 4
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=1200, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: IWEXWiYal3xkKF9-M_0_PoCiadwjkL6ZpXnO_xIdxmaDBjG5nFblkg==
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)
expires: Mon, 23 Mar 2020 12:43:54 GMT

GET
H2 200 logo-motorlife.png
i.plug.it//mail/login/2018/libero/img/ 1 KB
1 KB 34ms
33ms Image
image/png 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.plug.it//mail/login/2018/libero/img/logo-motorlife.png
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: e902685d8cb3ed41c4fb0073103a2a778d7f1ad95c2f26663f970c3a00f2c11a

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 10:50:58 GMT
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)
last-modified: Wed, 28 Nov 2018 07:13:19 GMT
server: nginx
age: 6164
etag: "5bfe400f-42d"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 1069
x-amz-cf-id: WEL_O5EqWATHrc_1wQWFcZMJjVCgU7pBURTL5VkEVmt1_iGTCabJow==

GET
H2 200 tracking_login-libero-it.min.js Show response
i.plug.it/iplug/js/lib/iol/analytics/data/login-libero-it/ 3 KB
963 B 34ms
32ms Script
application/javascript 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/iplug/js/lib/iol/analytics/data/login-libero-it/tracking_login-libero-it.min.js
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: d1db6076a2a74744fd67f947dec7be38235e7aa5a63ef45a1b6beeefb38f38cd

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 11:36:50 GMT
content-encoding: br
server: nginx
age: 2828
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=1200
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: cS9nD4bA9qfIaJ1ljQNGd9q1rqmWvgpwe7sAOPyx7eRMb_aXRPDq4g==
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)

GET
H2 200 IOL.Analytics.Tracking.min.js Show response
i.plug.it/iplug/js/lib/iol/analytics/engine/ 31 KB
9 KB 40ms
40ms Script
application/javascript 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/iplug/js/lib/iol/analytics/engine/IOL.Analytics.Tracking.min.js
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: 6e36307d4e8702f349fd7e17ed2b7291ac80f3d9044ffb19b4bcbea32ce35fa7

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 11:41:26 GMT
content-encoding: br
server: nginx
age: 2552
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=1200
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: teyl2JMed2b4Ia8g2bq37NOnw_tOycOhzbqkYTslGj1-rkHq5iu-KA==
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)

GET
H2 200 cmp.js Show response
onetag.mgr.consensu.org/ 144 KB
37 KB 103ms
37ms Script
application/javascript 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag.mgr.consensu.org/cmp.js

Requested by

Host: i.plug.it
URL: https://i.plug.it/common/tech_includes/lib/cmp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

67eae26428ad2b3c10b58da4dec6e0a198a13af3dea6a5eab3f0881d485826e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
strict-transport-security: max-age=2592000
content-encoding: gzip
cache-control: no-transform, no-cache
content-type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK iolobj-rc-read.js Show response
geoisp.libero.it/ioladv/ 798 B
694 B 221ms
48ms Script
application/javascript 213.209.16.13
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geoisp.libero.it/ioladv/iolobj-rc-read.js?tm=1584966238475
Requested by: Host: i.plug.it
URL: https://i.plug.it/banners/js/adv_library3_https.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.209.16.13 Assago, Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: Apache /
Resource Hash: 239537ff30411d0ce5f1abf7618fed9bdcc53a9e42b6939b6ab7f44d1e4c3cb6

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 12:23:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://up.ioladv.it/ioladv/policy/p3p.xml, CP=NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT CNT
cache-control: public, max-age=7200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 275

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: i.plug.it
URL: https://i.plug.it/banners/js/adv_lib_login_2step_v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bea1d21173af935272a0a8baee8c4b5935c642e983405b8c126d6a866a3b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "464 / 112 of 1000 / last-modified: 1584721566"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14444
x-xss-protection: 0
expires: Mon, 23 Mar 2020 12:23:58 GMT

GET
H2 200 logo-libero.png
i.plug.it/mail/login/2019/libero/img/ 1 KB
1 KB 43ms
42ms Image
image/png 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.plug.it/mail/login/2019/libero/img/logo-libero.png
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: e399987441159ab453cb1ca7262074463bb3e387125c19cfc815af5e98b1a962

Request headers

Referer: https://i.plug.it/mail/login/2019/libero/css/style.min.css?20200130
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 09:17:34 GMT
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 06:28:14 GMT
server: nginx
age: 11316
etag: "5cdbb17e-44f"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 1103
x-amz-cf-id: qKGoF-2VFa4oE38u8YPNM0auZcXAme1-srPODZ6Hpgkl2Rp9fCsK4g==

GET
H2 200 check.png
i.plug.it/mail/login/2019/libero/img/ 154 B
489 B 45ms
45ms Image
image/png 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.plug.it/mail/login/2019/libero/img/check.png
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: b2e891e59418557d24d859a695a59a90c7db808100a275e4c2190671880e0291

Request headers

Referer: https://i.plug.it/mail/login/2019/libero/css/style.min.css?20200130
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 10:16:05 GMT
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 06:28:14 GMT
server: nginx
age: 7805
etag: "5cdbb17e-9a"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 154
x-amz-cf-id: dA9jw-s2qBpTKFoj64UMvoYB7Cttro834MRVPNpq2QAKJyXQRkiVtg==

GET
H2 200 divisorio.png
i.plug.it/mail/login/2019/libero/img/ 2 KB
2 KB 45ms
45ms Image
image/png 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.plug.it/mail/login/2019/libero/img/divisorio.png
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: 478d8454ef8538957447fcd3cee65aaa8ad99312dde1f668b5a5edbba3d62a4a

Request headers

Referer: https://i.plug.it/mail/login/2019/libero/css/style.min.css?20200130
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 22 Mar 2020 22:43:01 GMT
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 06:28:13 GMT
server: nginx
age: 50929
etag: "5cdbb17d-680"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 1664
x-amz-cf-id: UqhiRwo39mi8Q8hVyU5lTETYyW8XWNyPgPEydVMIF5FUQFeLGPpIbA==

GET
H2 200 PB842EDC3-BDDA-4494-9CDE-8B0150370A55.js Show response
cdn-gl.imrworldwide.com/conf/ 27 KB
7 KB 26ms
10ms Script
application/javascript 2600:9000:214f:2c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PB842EDC3-BDDA-4494-9CDE-8B0150370A55.js
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:2c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 632639207bfed9a5ddc7573510e2f1ef24a9297855fb50f56bfffa19441c8923

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: QvEQK9q9Y4.pInrTFhqvjOGScy7UTdYs
content-encoding: gzip
last-modified: Fri, 20 Mar 2020 13:17:10 GMT
server: AmazonS3
age: 802
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400,s-maxage=86400
date: Mon, 23 Mar 2020 12:10:37 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: HJNn1cDL6ezPNydK1BFSir3bRJdsw2pfNQsOYsST9Nkyls0OtqbrfQ==
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)

GET
H2 200 m
secure-it.imrworldwide.com/cgi-bin/ 44 B
524 B 139ms
46ms Image
image/gif 54.77.223.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-it.imrworldwide.com/cgi-bin/m?ci=libero-it&cg=0&si=http://login.libero.it/&seq=1584966238484
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.223.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-223-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 12:23:58 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.login.sipetresbyr.co.za

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.login.sipetresbyr.co.za

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ 165 KB
60 KB 96ms
54ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065749

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 61481
x-xss-protection: 0
expires: Mon, 23 Mar 2020 12:23:58 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 164 KB
47 KB 12ms
12ms Script
application/javascript 2600:9000:214f:2c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PB842EDC3-BDDA-4494-9CDE-8B0150370A55.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:2c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89d281be2d8967fc0d0384fc39c6822c9a86e5241dd5402eeb8041aaa05980da

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 1zBvXe9qsyfrxH44JlipBRRNG8EB91_Y
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 15:09:25 GMT
server: AmazonS3
age: 483
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Mon, 23 Mar 2020 12:16:53 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 0Tkz7u6KXtpMIEbYqx_3KMbkzMBAnVoRgh5j6mLbBnlPJa113cHlrg==
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)

GET
H/1.1 200
OK wt
italiaonline01.wt-eu02.net/215973748390194/ 43 B
827 B 328ms
67ms Image
image/gif 185.54.150.20
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://italiaonline01.wt-eu02.net/215973748390194/wt?p=433,libero.web.messaging.smart.login.step1,1,1600x1200,24,1,1584966238523,0,1600x1200,0&pu=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F&la=en&tz=1&cg1=libero&cg2=web&cg3=messaging&cg4=smart&cg5=login&cg6=step1&cg7=libero.web.messaging.smart.login.step1&cp1=no-referrer&cp2=no-referrer&cp4=no-refresh&cp7=utf-8&cp9=1.1.13&cp10=20200228091540&cp11=Libero%20Mail%20-%20login&cp12=web&cp24=appsuite&cp25=https%3A&cp26=www.login.sipetresbyr.co.za&cp35=0&cp36=0&cp37=0&cp38=0&cp39=0&cp40=0&cp41=0&cp42=0&cp43=0&cp44=0&cp103=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.20 Berlin, Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: 11 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 12:23:58 GMT
Content-Type: image/gif;charset=UTF-8
Last-Modified: Mon, 23 Mar 2020 12:23:58 GMT
Server: 11
P3P: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
X-Robots-Tag: noindex, nofollow, noarchive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=33012141&ns__t=1584966238524&ns_c=UTF-8&c7=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F&c8=Libero%20Mail%20-%20login
https://sb.scorecardresearch.com/b2?c1=2&c2=33012141&ns__t=1584966238524&ns_c=UTF-8&c7=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F&c8=Libero%20Mail%20-%20login

0
248 B

23ms
23ms

Image
text/plain

23.5.97.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=33012141&ns__t=1584966238524&ns_c=UTF-8&c7=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F&c8=Libero%20Mail%20-%20login
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-97-37.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 12:23:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=33012141&ns__t=1584966238524&ns_c=UTF-8&c7=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F&c8=Libero%20Mail%20-%20login
Pragma: no-cache
Date: Mon, 23 Mar 2020 12:23:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ads.js Show response
i.plug.it/iplug/js/lib/iol/analytics/ads/adv/ Frame 45E1 25 B
327 B 70ms
69ms Script
application/javascript 99.84.155.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/iplug/js/lib/iol/analytics/ads/adv/_ads.js?_t=1584966238528
Requested by: Host: i.plug.it
URL: https://i.plug.it/iplug/js/lib/iol/analytics/engine/IOL.Analytics.Tracking.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-118.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: 0718476f9aeec1cbd746c569d6768a28c021163de52ceb5c7d89005484f16b8e

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: br
server: nginx
x-amz-cf-pop: TXL52-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=1200
x-amz-cf-id: XGy0hZjUVcyOsE1r_tDBvSiryWpWcASlHcUId8rOs1HHM1NxDN6Fbg==
via: 1.1 25a04f62bad18c15d2a9bb2fa8af2af0.cloudfront.net (CloudFront)

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame A961 0
0 8ms
8ms Document
text/html 2600:9000:214f:2c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:2c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.login.sipetresbyr.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.login.sipetresbyr.co.za/

Response headers

status: 200
content-type: text/html
last-modified: Mon, 10 Feb 2020 15:09:24 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: lvTcT3niLoGcYKwJLXWUtlYUeOgANGqx
server: AmazonS3
content-encoding: gzip
date: Mon, 23 Mar 2020 12:07:04 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: vFdmXrVcwVxcL2-mYO6TYmWOGCJtqUTK1yIxuenT7nO1OyQ0vfbwLA==
age: 1097

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 95 KB
18 KB 41ms
26ms XHR
application/json 2600:9000:2057:ac00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: onetag.mgr.consensu.org
URL: https://onetag.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:ac00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da24f37a3ad56fc3b77e90a32126666618054524db6f13f7be6ad68bfa84340f

Request headers

Referer: https://www.login.sipetresbyr.co.za/
Origin: https://www.login.sipetresbyr.co.za
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 12:23:59 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 19 Mar 2020 16:00:33 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: n4_Yc2xvVXv5oSengNl9TRy7S7VJGMOn
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=604800
content-type: application/json; charset=utf-8
x-amz-cf-id: JRsdK1sFpYEN7pCOPNlbtQXJIzzN93u3rt-RjX27nr8MhX-e5JtB6w==

GET
H2 200 / Show response
onetag-sys.com/cmp-get-google-consent/ 1 B
357 B 32ms
31ms XHR
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/cmp-get-google-consent/

Requested by

Host: onetag.mgr.consensu.org
URL: https://onetag.mgr.consensu.org/cmp.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.login.sipetresbyr.co.za/
Origin: https://www.login.sipetresbyr.co.za
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
status: 200
content-type: text/plain
access-control-allow-origin: https://www.login.sipetresbyr.co.za
cache-control: no-cache, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 107ms
107ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3445020313761020&correlator=2030103550700280&output=ldjh&impl=fifs&adsid=NT&eid=21065749&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200323&iu_parts=5180%2Clibero%2Cwebmail%2Clogin%2Cstep1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1540x1024%7C300x600&cust_params=adv_st_active%3D%26optout%3D0%26adv_sso1%3D0%26adv_sso2%3D0%26adv_sso3%3D0%26adv_np%3Dyes%26laud%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1584965567&dt=1584966238653&dlt=1584966238144&idt=493&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=50&adks=1573533839&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F&dssz=28&icsg=134218400&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x0&msz=1540x1024&ga_vid=1439844842.1584966239&ga_sid=1584966239&ga_hid=804884503&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

e8d7dc5098568a2424763733214c49c38481210f434e6148ab9ef574aacf0c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
Origin: https://www.login.sipetresbyr.co.za
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 3615
x-xss-protection: 0
google-lineitem-id: 5307074825
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138247330835
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.login.sipetresbyr.co.za
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ 69 KB
25 KB 56ms
56ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065749

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25689
x-xss-protection: 0
expires: Mon, 23 Mar 2020 12:23:58 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 purposes-it.json Show response
vendorlist.consensu.org/ 4 KB
2 KB 17ms
17ms XHR
application/json 2600:9000:2057:ac00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/purposes-it.json
Requested by: Host: onetag.mgr.consensu.org
URL: https://onetag.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:ac00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3649724d2eacc088225b7c036cb696fc136683b225da1b18abad9c532d004f0a

Request headers

Referer: https://www.login.sipetresbyr.co.za/
Origin: https://www.login.sipetresbyr.co.za
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 12:23:59 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 19 Mar 2020 16:21:00 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: 4ay8OuPgkPYjTqJIqaPbXvm5LOZYiFLi
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: max-age=259200
content-type: application/json; charset=utf-8
x-amz-cf-id: pfaRfy38_wqe0P_ZAVen2R9irL2oRFwJenE1xrfMaBaJ-o4YwVKvMg==

GET
H/1.1 200
OK iolobj-geo.php Show response
geoisp.libero.it/ioladv/ 0
334 B 49ms
48ms Script
text/html 213.209.16.13
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geoisp.libero.it/ioladv/iolobj-geo.php?callback=window.IOLOBJ.Profile.setupFromGEO&tm=1584966238701
Requested by: Host: i.plug.it
URL: https://i.plug.it/banners/js/adv_library3_https.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.209.16.13 Assago, Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 12:23:58 GMT
Server: Apache
P3P: policyref=http://up.ioladv.it/ioladv/policy/p3p.xml, CP=NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT CNT
cache-control: public, max-age=7200
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=2, max=99
Content-Length: 0

GET
H/1.1 200
OK iolobj-rc-write.js Show response
geoisp.virgilio.it/ioladv/ 780 B
792 B 254ms
52ms Script
application/javascript 213.209.16.12
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geoisp.virgilio.it/ioladv/iolobj-rc-write.js?tm=1584966238751&g=[undefined]g&d=[virgilio.it]d
Requested by: Host: i.plug.it
URL: https://i.plug.it/banners/js/adv_library3_https.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.209.16.12 Assago, Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: Apache /
Resource Hash: 0c815b93cf68fc9a234ec06fc29143fb1f7ee2c5147ee9b1ae96bc27aa86fe67

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 12:23:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://up.ioladv.it/ioladv/policy/p3p.xml, CP=NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT CNT
cache-control: public, max-age=7200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 278

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A03E 0
0 31ms
31ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJPc9CULB08JW0WhDKF0GOWy5Q3uphLmDpaSCw5BXHaYqMZPDN0pVvkDzAkl4vz3n-rGjKrOavmU_2BTzCd6nsmcciDqEGunG7mWQ0hjymegH1kwQ3anh68hxdzUMfjAL4IX2GeTj-Hz-TOvWS4QhmXj0qKMPA4rcDWlm9VeugR9JqxWuP3iAHkP-M43y-W73YMmBLdQeo7Ck7oaazjn1JBE_jb_YHXBkhAzTO_qXn8XIHJhjdzs5ZigmrbRgBXahZj1skfkR4bXd6bJz0piwpclgIkZHOUg9httZU&sai=AMfl-YRJu6Q8r3cgKAJbd57ZiNSqACHdYcVX4zBikUHy_kSbIJT49A7T81F1cuYBqd1h92mz0cZRqloewhZZQhuKAmatMrmez-Vc6I52xP_Fow&sig=Cg0ArKJSzDGOfQ08VAXuEAE&urlfix=1&adurl=

Requested by

Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Mon, 23 Mar 2020 12:23:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 23 Mar 2020 12:23:58 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A03E 74 KB
28 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a45e722593ae80eb2997580b34565b035bcaf9d04dfaed2cf813bbbb604f994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584703791052826"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28213
x-xss-protection: 0
expires: Mon, 23 Mar 2020 12:23:58 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ 91 KB
91 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDbxO_K9QEQARgBMggn58Gka6E-mw&b2s=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8cf466de789d8b44d7da53a6a206ab3fdaef59028bbef9d7e7e86d178677c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

timing-allow-origin: *
date: Mon, 16 Mar 2020 21:40:59 GMT
x-content-type-options: nosniff
server: cafe
age: 571379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/jpeg
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 93295
x-xss-protection: 0
expires: Mon, 23 Mar 2020 21:40:59 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5f16203673e927018b568651ea731f86d62fafe2c57c9da92e4b442a7839af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584703791052826"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27953
x-xss-protection: 0
expires: Mon, 23 Mar 2020 12:23:58 GMT

GET
DATA 200
OK truncated
/ Frame A03E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c4dd232918442571f4d13314f45efb41258b813e4d51199477d3d3efdcd8d0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 260C 45 KB
13 KB 168ms
77ms Script
application/javascript 52.215.102.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=38840327&chanId=21721897975&placementId=5307074825&pubCreative=138247330835&pubOrder=2637633276&cb=1210501420&adsafe_par&impId=&ias_adpath=%23ads-maxi
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 29f436086ea64e4ce1e52554f43667a3e2774aa46dcf63cb819aeb291854fcf9

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 12:23:58 GMT
content-encoding: gzip
x-server-name: app06.ie.303net.net
access-control-allow-origin: pixel.adsafeprotected.com
content-type: application/javascript;charset=utf-8
status: 200
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 main.19.8.59.js Show response
static.adsafeprotected.com/ Frame 260C 168 KB
55 KB 44ms
16ms Script
application/javascript 2600:9000:20e8:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.59.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=38840327&chanId=21721897975&placementId=5307074825&pubCreative=138247330835&pubOrder=2637633276&cb=1210501420&adsafe_par&impId=&ias_adpath=%23ads-maxi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20e8:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de6fef5d04f607f3569995b4187d4add67545713d91989f2f17e04bc6484ad0c

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 17 Mar 2020 20:51:44 GMT
content-encoding: gzip
age: 487936
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: PENDING
last-modified: Tue, 17 Mar 2020 20:51:42 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: pJ_KwsBccZbhqCLOY9hx9yVzVinDlKji
via: 1.1 960b0b60c4f1507c51c75d8f9ab0dc91.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL52-C1
content-type: application/javascript
x-amz-cf-id: irFFP9_inSRoiWH5V3BRM-hb5rafg-HjYRrlUGT_Wh0dWucrDK2ing==

GET
H/1.1 200
OK iolobj-rc-write.js Show response
geoisp.libero.it/ioladv/ 778 B
789 B 48ms
48ms Script
application/javascript 213.209.16.13
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geoisp.libero.it/ioladv/iolobj-rc-write.js?tm=1584966239007&g=[undefined]g&d=[libero.it]d
Requested by: Host: i.plug.it
URL: https://i.plug.it/banners/js/adv_library3_https.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.209.16.13 Assago, Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: Apache /
Resource Hash: 39a3257252a3c0d4c9e71ab27f53fbe417c2ef5d239f95c8324ac80ea0956cae

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 12:23:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://up.ioladv.it/ioladv/policy/p3p.xml, CP=NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT CNT
cache-control: public, max-age=7200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=98
Content-Length: 278

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 19ms
19ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020030501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a70afaa09aef7e1fb4b8f23f7e6053334b38684f6bc2d982f231989addf27ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
Origin: https://www.login.sipetresbyr.co.za
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Mar 2020 12:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5188
x-xss-protection: 0

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 143F 81 KB
22 KB 15ms
14ms Script
application/javascript 2600:9000:20e8:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.login.sipetresbyr.co.za
URL: https://www.login.sipetresbyr.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20e8:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 07 Feb 2020 04:01:46 GMT
content-encoding: gzip
age: 3918134
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 960b0b60c4f1507c51c75d8f9ab0dc91.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL52-C1
content-type: application/javascript
x-amz-cf-id: vCGQOU0zwwJbY2OAn9d8lQD9r0AeZpgUWSIzsaZrQHyO4lTCyq-jAg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 52ms
52ms Image
image/gif 52.215.102.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=926174&campId=1540x1024&pubId=38840327&chanId=21721897975&placementId=5307074825&pubCreative=138247330835&pubOrder=2637633276&cb=1210501420&adsafe_par&impId=&ias_adpath=%23ads-maxi&adsafe_url=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:8b5fc811-b769-d33a-662f-8b1edc87b89d,c:7MJvjf,sl:na,em:true,fr:true,mn:app06ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rU3OOws+11|12|13*.926174|131|14,idMap:13*,pl:,rend:0,renddet:na,rmeas:0,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:90,oid:2c0681ae-6d01-11ea-bc2d-0a6d0b536c42,v:19.8.59,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 12:23:59 GMT
x-server-name: app37.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 12:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 23 Mar 2020 12:23:59 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 471ms
157ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=926174&asId=8b5fc811-b769-d33a-662f-8b1edc87b89d&tv={c:7MJvjv,pingTime:-2,time:105,type:a,im:{sf:0,pom:1,prf:{beA:173,beZ:174,mfA:252,cmA:253,inA:253,inZ:257,prA:257,prZ:260,si:262,poA:263,poZ:271,cmZ:271,mfZ:271,loA:274,loZ:276,ltA:277,ltZ:277,mdA:174,mdZ:232}},sca:{dfp:{df:0}},env:{gca:0},clog:[{piv:-1,vs:n,r:,w:0,h:0,t:89}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:0,n:105,pp:0,pm:0},slEvents:[{sl:n,t:89,wc:0.0.1600.1200,bkn:{piv:[23~1],as:[23~na.na]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rU3OOws+11|12|13*.926174|131|14,idMap:13*,rend:0,renddet:na,rmeas:0,slid:[google_ads_iframe_/5180/libero/webmail/login/step1_0,google_ads_iframe_/5180/libero/webmail/login/step1_0__container__,adsplash,wrapper-iol],sinceFw:14,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 12:23:59 GMT
X-Server-Name: dt17dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame FB97 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.login.sipetresbyr.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.login.sipetresbyr.co.za/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 23 Mar 2020 11:32:51 GMT
expires: Tue, 23 Mar 2021 11:32:51 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3068
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020030501&jk=3445020313761020&bg=!lZallo5YcbLvLkwDWpACAAAAOFIAAAAKmQFnk2qGvJd0DvWB-36RyOKHBnzmLCW99URIWk6vmtiEKzpcSGgx2jQDetLxGdFI1czoU0IGfzJATUsipPmrx8veE938E8W1oLRmAMlJyiF3xr4H6bJM55KTtXcUOHyeTWs8wdOHmLbxAl1oNboZ7yKwd2a8dPzdPJniF4vz8evHtMqZJwqq8kyHA857mGikFbhlewn6jfJgcgc0vpBsfFUIyc8KN9S7GGGntQE1-gSSgHqM6gEKY6V_j6z-eJ2EprnI0_Q4uCj0D2ixoq6hYsB7nkPvr5k4uxNL_tEFtjQSTB2d3b_bdnAGy2d5RJhcNxwOYEqxt7SsyTrE5QOf8_iLyIC4bfOTUsjSEctWwiJe479cjJKoPhGWkIuB4ogcXq1DXxFUNuDPb1lmmrIotwQ03qfkw-O4EV5Xr3FPXlpJksuDIK0t4cfbbveH8s4u6na3mD1mY8zwkQABn9jYyIc9H1stB6Xead4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 12:23:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 337ms
166ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=926174&asId=8b5fc811-b769-d33a-662f-8b1edc87b89d&tv={c:7MJvom,pingTime:-10,time:406,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022020220000022002222000022220202020222220222220002222022002222202002220222022222222222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022222220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1584966239385||3000eead9e79021b6529a5f256ad1d30||675c74d5f114ba25a49fb0f4cb02f70f||e5d7be9653beac817589a6246970e15f||c3d8d96cd7bec39d1336f0d02ac6a855||08f8a08e4768b1455cae35ed68830dbe||71df58146b36fa549beb8eead54f1056||447d07cade4f9e440b10749d503eb201||1576000828}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 12:23:59 GMT
X-Server-Name: dt17dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK callback=iol.dmp.getProfile Show response
ad.crwdcntrl.net/5/c=6199/pe=y/ 83 B
397 B 186ms
45ms Script
application/javascript 54.154.27.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=6199/pe=y/callback=iol.dmp.getProfile
Requested by: Host: i.plug.it
URL: https://i.plug.it/banners/js/adv_library3_https.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.27.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-27-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4e0ce1ecb037a40493dca6b0f837e3d6d9f626a961f655cbe88c52da726940f6

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Mon, 23 Mar 2020 12:24:00 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.45.14.243
Connection: keep-alive
Content-Type: application/javascript;charset=UTF-8
Content-Length: 83
Expires: 0

GET
H2 200 gn
secure-it.imrworldwide.com/cgi-bin/ 44 B
332 B 49ms
49ms Image
image/gif 54.77.223.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-it.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=it-605193&ch=it-605193_c10_LiberoMessaging_BRW_S&asn=LiberoMessaging_BRW&sessionId=3zIh8hOTM9juMvTMyn0Vp3NQOu0hm1584966238&prv=1&c6=vc,c10&ca=NA&c13=asid,PB842EDC3-BDDA-4494-9CDE-8B0150370A55&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,1584966238552987&c30=bldv,6.0.0.474&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1584966238486&c3=st,c&c64=starttm,1584966240&adid=1584966238486&c58=isLive,false&c59=sesid,&c61=createtm,1584966239&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.login.sipetresbyr.co.za%2F&c66=mediaurl,&c62=sendTime,1584966239&rnd=693605
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.223.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-223-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.login.sipetresbyr.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 12:24:00 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imrworldwide.com/	1970-01-19 17:37:42	Name: IMRID Value: 2bd585b0-6d01-11ea-8582-6707a518e95e
.imrworldwide.com/	1970-01-19 17:37:42	Name: SSCVER Value: v1
.sipetresbyr.co.za/	1970-01-20 01:47:18	Name: __gads Value: ID=d9563962c77ce32b:T=1584966238:S=ALNI_MZxX2LnYFG87fqhkBO7Ivv0HrZ-rg

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://i.plug.it/banners/js/adv_lib_login_2step_v2.js(Line 2) Message: ADV LIBRARY Login : 08 Mag 2019
console-api	log	URL: https://i.plug.it/banners/js/adv_library3_https.js(Line 367) Message: ADV PROFILE = 0
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32) Message: a: 0.0029296875ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn-gl.imrworldwide.com
dt.adsafeprotected.com
geoisp.libero.it
geoisp.virgilio.it
i.plug.it
italiaonline01.wt-eu02.net
onetag-sys.com
onetag.mgr.consensu.org
pagead2.googlesyndication.com
pixel.adsafeprotected.com
sb.scorecardresearch.com
secure-it.imrworldwide.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
tpc.googlesyndication.com
vendorlist.consensu.org
www.googletagservices.com
www.login.sipetresbyr.co.za
104.244.37.20
172.217.22.98
185.54.150.20
196.41.130.158
213.209.16.12
213.209.16.13
23.5.97.37
2600:9000:2057:ac00:1:af78:4c0:93a1
2600:9000:20e8:4400:8:48e:53c0:93a1
2600:9000:214f:2c00:2:42d9:3100:93a1
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:824::2002
51.89.9.251
52.215.102.72
54.154.27.134
54.77.223.127
99.84.155.118
00be4a75e748a196d522a7353e1555308e1122ad1eda6218ce6092de72c5e340
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0718476f9aeec1cbd746c569d6768a28c021163de52ceb5c7d89005484f16b8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c815b93cf68fc9a234ec06fc29143fb1f7ee2c5147ee9b1ae96bc27aa86fe67
239537ff30411d0ce5f1abf7618fed9bdcc53a9e42b6939b6ab7f44d1e4c3cb6
29f436086ea64e4ce1e52554f43667a3e2774aa46dcf63cb819aeb291854fcf9
3649724d2eacc088225b7c036cb696fc136683b225da1b18abad9c532d004f0a
39a3257252a3c0d4c9e71ab27f53fbe417c2ef5d239f95c8324ac80ea0956cae
3a1a2417641691e3055ea0a8720916fde68d1cadcacddcf4893cd239b4ea73dc
3a70afaa09aef7e1fb4b8f23f7e6053334b38684f6bc2d982f231989addf27ba
478d8454ef8538957447fcd3cee65aaa8ad99312dde1f668b5a5edbba3d62a4a
4e0ce1ecb037a40493dca6b0f837e3d6d9f626a961f655cbe88c52da726940f6
55137ab76eea957ac63037bfaf5fb94a5257f7624774b46ca8006cb941e81728
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
62c4dd232918442571f4d13314f45efb41258b813e4d51199477d3d3efdcd8d0
632639207bfed9a5ddc7573510e2f1ef24a9297855fb50f56bfffa19441c8923
67eae26428ad2b3c10b58da4dec6e0a198a13af3dea6a5eab3f0881d485826e8
6e36307d4e8702f349fd7e17ed2b7291ac80f3d9044ffb19b4bcbea32ce35fa7
7fa57658b48982d12122a10667edae7fe767d680cdd765d33d99ae601f37b0f0
89d281be2d8967fc0d0384fc39c6822c9a86e5241dd5402eeb8041aaa05980da
8eb017c01ae9624ef47f6300a13452e383f271edb59f8fdc15b5e4246a5fcffd
8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55
9a45e722593ae80eb2997580b34565b035bcaf9d04dfaed2cf813bbbb604f994
a2e52ddd4b39511cfa30c7c6ca13461fd985ca8e471510fac918eaadf802228d
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e891e59418557d24d859a695a59a90c7db808100a275e4c2190671880e0291
b5f16203673e927018b568651ea731f86d62fafe2c57c9da92e4b442a7839af1
bb631cb41d70ab6f8a07ab80b053676bca8589e7e1d835827f30e1bffbed91c5
c8cf466de789d8b44d7da53a6a206ab3fdaef59028bbef9d7e7e86d178677c62
d1db6076a2a74744fd67f947dec7be38235e7aa5a63ef45a1b6beeefb38f38cd
d9bea1d21173af935272a0a8baee8c4b5935c642e983405b8c126d6a866a3b33
da24f37a3ad56fc3b77e90a32126666618054524db6f13f7be6ad68bfa84340f
de6fef5d04f607f3569995b4187d4add67545713d91989f2f17e04bc6484ad0c
e399987441159ab453cb1ca7262074463bb3e387125c19cfc815af5e98b1a962
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7dc5098568a2424763733214c49c38481210f434e6148ab9ef574aacf0c10
e902685d8cb3ed41c4fb0073103a2a778d7f1ad95c2f26663f970c3a00f2c11a
ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

www.login.sipetresbyr.co.za Open in urlscan Pro 196.41.130.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

40 %IPv6

17 Domains

22 Subdomains

21 IPs

6 Countries

558 kBTransfer

1511 kBSize

3 Cookies

11 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.login.sipetresbyr.co.za Open in urlscan Pro
196.41.130.158 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

40 %
IPv6

17
Domains

22
Subdomains

21
IPs

6
Countries

558 kB
Transfer

1511 kB
Size

3
Cookies

52 HTTP transactions
1 data transactions